Simpler Navigation for Servers and Operating Systems - Please Update Your Bookmarks
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
If you have bookmarked forums or discussion boards in Servers and Operating Systems, we suggest you check and update them as needed.
Showing results for 
Search instead for 
Did you mean: 

Samba 3.0 with Active Directory net ads join problem

Jonas Back_2
Super Advisor

Samba 3.0 with Active Directory net ads join problem

We have a AD-domain using Windows 2003 servers. We want to join our RH ES3 Samba (3.0.0-14.3E that was shipped with ES3) to our AD-domain. We get no error when running kinit but when trying to join the domain with "net ads join -U username" we don't get any successful nor errormessage. If you look at the log at the DC we get the following:
Pre-authentication failed:
User Name: username
User ID: PPM\username
Service Name: krbtgt/DOMAIN.COM
Pre-Authentication Type: 0x0
Failure Code: 0x19
Client Address: 192.168.xx.xx
The user we're using is a Domain Admin. We've followed most of the guides on the net and it should simply work with net ads join. We have also tried pre-creating a computer account in the AD domain for the server. In the configfiles below we also tried specifying a password server = in and workgroup = DOMAIN in smb.conf. There's no info in the krb5-logs.

Any ideas?

default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
ticket_lifetime = 24000
default_realm = DOMAIN.COM
dns_lookup_realm = false
dns_lookup_kdc = false
kdc =
admin_server =
default_domain =
[domain_realm] = DOMAIN.COM = DOMAIN.COM
profile = /var/kerberos/krb5kdc/kdc.conf
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false

# Global parameters
netbios name = SAMBASERVER
server string = Linux Samba server
realm = DOMAIN.COM
security = ADS
password server = *
encrypt passwords = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 0
local master = No
read only = No
case sensitive = Yes
dos filetime resolution = Yes
log level = 2
Honored Contributor

Re: Samba 3.0 with Active Directory net ads join problem

I dont run ES3 or Samba 3

So I am afraid I am only able to search for some info that maybe of help ?

This is what a search on Failure code revealed, this is exactly like your problem but could help you along !

Hopefully this will help and others will be able to help you more .

Smile I will feel the difference