-
Joining Redhat box to MS ADS Domain without Kerberos
Hi all.
I have a Redhat EL3 computer operating in a Windows-based network running ADS. I really have very little knowledge of domain-type networking, and the network admins here have less knowledge of linux than I do (which isn't that much!). However, it's my understanding that kerberos is an additional security protocall that can be used in an ADS environment, but is not always present. In our case, I don't believe we have it.
However, samba 3 seems to expect kerberos to be present. When I run the command "net ads join" I get errors stating "Cannot find KDC for requested realm". I've also been trying the "net testjoin" command for both ads and rpc environments with the following results:
[root@kitten jdbrown]# net ads testjoin
KITTEN$@CREOL's password:
[2005/02/08 15:43:33, 0] libads/kerberos.c:ads_kinit_password(146)
kerberos_kinit_password KITTEN$@CREOL failed: Cannot find KDC for requested realm
[2005/02/08 15:43:33, 0] utils/net_ads.c:ads_startup(186)
ads_connect: Cannot find KDC for requested realm
Join to domain is not valid
[root@kitten jdbrown]# net rpc testjoin
Unable to find a suitable server
Join to domain 'CREOL' is not valid
As I stated earlier, I really don't have a lot of knowledge in regards to networking (or to linux for that matter - but I get by). Can anyone give me some suggestions for this, or should I just live with this in its current state?
Thanks,
JB
Boredom tempts a twisted mind!!!
-
Depending on how your AD domain in configured, you might be able to get away with using security = domain instead of security = ads.
See this article:
http://www.justlinux.com/forum/showt...hreadid=118920
If that fails, you might try using security = server. That will allow your Samba server to authenticate against the domain without actually being a member. I know I've used that against NT type domains but I can't recall if I've successfully used it against an AD domain.
Last edited by cowanrl; 02-09-2005 at 07:56 AM.
If God hadn't meant for us to use GUI tools, there wouldn't have been a Xerox PARC.
-
samba ads login problem
Hi Cowanrl,
I followd ur samba 3.0 using ADS security,
and configure my m/c,
it works partiallly,
that from
linux i can mount all available shares on windows 2k server,
but
i can only public dircetories of samba ,
my users home dir cannt be accessed it shows invalid user name and password,
ex:-
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775
in this if i comment valid users, then i can access the my home dir,
otherwise i cant access it,
help me,
regadrs n thankx in advance,
sami,
meetsami@gmail.com
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|