Simpler Navigation for Servers and Operating Systems - Please Update Your Bookmarks
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
If you have bookmarked forums or discussion boards in Servers and Operating Systems, we suggest you check and update them as needed.
Networking
cancel
Showing results for 
Search instead for 
Did you mean: 

HPUX CIFS server 3.2..7 failed to join domain:failed to connect to AD: NT_STATUS_NOT_SUPPORTED

zjDD719
Occasional Visitor

HPUX CIFS server 3.2..7 failed to join domain:failed to connect to AD: NT_STATUS_NOT_SUPPORTED

We plan to migrate HP cifs to another domain, while leaved old domain, we failed to join new domain, it warning  kinit succeeded but ads_sasl_spnego_krb5_bind failed: NT_STATUS_NOT_SUPPORTED, do you have any idea about it

DC is windows 2012 RWDC, and ldap server require singing

Krb5.conf

[libdefaults]

default_realm = XXX.COM

default_tkt_enctypes = DES-CBC-CRC RC4-HMAC DES-CBC-MD5

default_tgs_enctypes = DES-CBC-CRC RC4-HMAC DES-CBC-MD5

ccache_type = 2

clockskew = 1800000

 

[realms]

XXX.COM = {

kdc = abc..XXX.com:88

admin_server = abc..xxx.com

}

 [domain_realm]

.xxx.com = XXX.COM

xxx.com = XXX.COM

[logging]

kdc = FILE:/var/log/krb5kdc.log

admin_server = FILE:/var/log/kadmin.log

default = FILE:/var/log/krb5lib.log

Smb.conf

# Global parameters

[global]

        workgroup = XXX

        bind interfaces only = yes

        realm = XXX.COM

        server string = Samba Server

        interfaces = xxx.xxx.xxx.xxx

        security = ADS

        encrypt passwords = yes

        password server = abc.xxx.com

        kerberos method = dedicated keytab

        dedicated keytab file = /etc/krb5.keytab

        ssl cert path = /etc/opt/samba

        ldap ssl = off

        passdb backend = ldapsam:ldaps://abc.xxx.com

        client ldap sasl wrapping = sign