Results 1 to 2 of 2

Thread: join samba to AD 2008

  1. #1
    Senior Member ananth_ak's Avatar
    Join Date
    May 2010
    Location
    Vault 101
    Posts
    192
    Thanks
    23
    Thanked 19 Times in 17 Posts
    Rep Power
    7

    Default join samba to AD 2008

    Hi Guys,

    I wanted to share my experience with joining a samba server to 2008 domain controller.

    I recently added Active Directory Windows Server 2008 to my domain, I still have 2003 AD running as backup for the moment. The AD 2008 holds all fsmo roles.

    Under RHEL 6 (samba 3.4) you can make the AD 2008 as the password server in smb.conf and kerberos kdc/admin server using authconfig-tui and join to the network. shares through hostname,IP,cnames works no problem on windows xp,7 clients and windows 2003 server.

    Under RHEL 5 (samba-3.0.33) When you specify AD 2008 as the kerberos kdc and admin server, you cannot access the shares at all, windows system comes back with an error "network path is invalid" and on the linux samba server the error reports:

    Code:
     Error was NT_STATUS_INVALID_PARAMETER.
    samba3x for RHEL5 solved all my issues, I could access machines using cnames ip address the lot. Very happy.

    Just this morning I was tidying up my /etc/krb files manually as I had loads of duplicate entries for kdc's.

    Just as a test I tried to rejoin to the domain to ensure everything worked fine. This failed, I got the following error:

    Code:
    kerberos_kinit_password <HOSTNAME>  Preauthentication failed
    I thought I was trying the password out wrong, so I tried serveral times. No luck! I got the same error plus an additional error.

    Code:
    failed to lookup DC info for domain over rpc
    I used authconfig-tui to check kerberos settings. For some reason the duplicates I thought I had removed were still there. So I cleaned up the duplicated and saved changes using tui. When I tried to rejoin to the AD domain, it worked!!

    Just to test to see if I could break it again I manually editied the krb files and tried to join the domain, and as expected (though I was wishing it more) it broke!

    Question: When using authconfig-tui are these the only files to be updated?

    /etc/krb5.conf
    /etc/krb.conf
    /var/lib/samba/smb_krb5/krb5.conf

  2. #2
    Junior Member
    Join Date
    Dec 2008
    Posts
    18
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Default

    well in my experience /etc/krb5.conf is the one I tweak to configure AD auth.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Samba VAX server Samba Lenny client
    By jmurch in forum File Servers
    Replies: 3
    Last Post: 12th January 2011, 06:06 PM
  2. samba
    By valliappan in forum CentOS / RHEL / Fedora
    Replies: 1
    Last Post: 17th December 2008, 01:38 PM
  3. samba prob!!!!!!!
    By arka_bose99 in forum File Servers
    Replies: 1
    Last Post: 25th November 2008, 06:58 PM
  4. Help, samba 3.0.23 join ads domain
    By warren in forum Linux software
    Replies: 1
    Last Post: 9th January 2007, 03:41 PM
  5. Samba Problem
    By sonaikar in forum Linux software
    Replies: 1
    Last Post: 26th April 2005, 12:18 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •