Visit The New, Modern Unix Linux Community


Samba: Authenticating and joining AD domain as a member


 
Thread Tools Search this Thread
Operating Systems Linux Red Hat Samba: Authenticating and joining AD domain as a member
# 1  
Samba: Authenticating and joining AD domain as a member

Hi all,

I'm having some problems with joining an active directory domain as a member. My Linux servers using the same configuration across the board are all joining as domain controllers, which is bad.

I am running Samba 3.0.25b-0.4E.6 on all of my RHEL servers.

Here is my global stanza:
[global]
workgroup = DOMAIN
realm = DOMAIN.CA
server string = Samba Server
security = ADS
password server = passwordserver.DOMAIN.CA *
username map = None
log file = /var/log/samba/%m.log
domain logons = no
domain master = no
max log size = 1000
smb ports = 139
server signing = auto
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = No
wins server = 10.1.2.3
idmap uid = 1000-20000
idmap gid = 1000-20000
winbind use default domain = yes
short preserve case = No
preferred master = no
local master = no
log level = 4

Here's are the steps I am taking to join the domain:
# cat ktest
#!/bin/sh
# Destroy Kerberos Token
/usr/kerberos/bin/kdestroy
# Stop services
/etc/init.d/winbind stop
/etc/init.d/smb stop
# Log in to domain
/usr/kerberos/bin/kinit myusername@DOMAIN.CA
/usr/bin/net ads join -U myusername
# Start services
/etc/init.d/winbind start
/etc/init.d/smb start
# Check processes
/bin/ps -aef | grep -i winbind
/bin/ps -aef | grep -i smb

Verify Winbind
# wbinfo -t
Checking the trust secret via RPC calls succeeded
# wbinfo -m
EGI
DOMAIN.CA
# wbinfo -u
.. long list of AD users pulled down
# wbinfo -g
.. long list of AD groups

After the Linux server joins the domain, I check with the AD admins and the object for my Linux server always shows up as a "Domain Controller."

I've worked through this with the Oracle support, and with the relevant lines in [global], all that should have specified to the server not to let the Linux server join as a domain controller.

Is there something I'm missing?

Thanks,
# 2  
Bump - anyone? I'm still having problems with this. Has anyone else encountered the same thing? I've searched all the mailing lists (HPUX, RHEL, OEL, etc.) and I haven't found anything helpful at all.

Thanks...

Previous Thread | Next Thread
Thread Tools Search this Thread
Search this Thread:
Advanced Search

Test Your Knowledge in Computers #444
Difficulty: Easy
Scientific Linux is an Enterprise Linux rebuild sponsored by Fermi National Accelerator Laboratory.
True or False?

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Joining the Linux server to a Windows AD domain

Hi , I have a domain contoso.com, which is created by Windows AD, i have a linux server which i want to join to this domain. Linux server-: RHEL 5.3 ******Info of the windows domain************* AD server- Windows 2008 r2 server. Please help me to join this linux server to the windows... (2 Replies)
Discussion started by: shroh
2 Replies

2. Windows & DOS: Issues & Discussions

Lost Domain Admin Privileges in Samba

Hello, I have apparently lost all domain admin privledges in Samba. I have had several problems ever since I installed the 1/31 Solaris patch cluster. I had to roll out one Samba update (146363-01), which denied all logons network access. However, this particular problem seems to have begun... (0 Replies)
Discussion started by: stringman
0 Replies

3. Debian

Testing a SAMBA Domain Controller

Hello,,, We have an existing(working) MS PDC in our office. I have already installed SAMBA with LDAP Authentication on a TEST machine (on same LAN). But, am unable to join a WinXP machine to this domain. in smb.conf i have: WORKGROUP = mydomain and tried to join the XP machine to... (0 Replies)
Discussion started by: coolatt
0 Replies

4. UNIX for Dummies Questions & Answers

Samba change domain controller

Hello people i have a samba and they changed domain controller from a windows 2003 to a windows 2008, there is a problem with the version of samba maybe incompatibilities i dont know what show me this domain_client_validate: unable to validate password for user xxxx in domain xxxx to Domain... (0 Replies)
Discussion started by: enkei17
0 Replies

5. Homework & Coursework Questions

cannot join xp or vista to samba domain (PDC)

Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted! 1. The problem statement, all variables and given/known data: I have a barebones XP Pro SP2 with no firewall. CentOS 5.xx running a Samba 3.xx Domain (PDC) The XP machine... (2 Replies)
Discussion started by: pogipants
2 Replies

6. Windows & DOS: Issues & Discussions

How to: Linux BOX in Windows Domain (w/out joining the domain)

Dear Expert, i have linux box that is running in the windows domain, BUT did not being a member of the domain. as I am not the System Administrator so I have no control on the server in the network, such as modify dns entry , add the linux box in AD and domain record and so on that relevant. ... (2 Replies)
Discussion started by: regmaster
2 Replies

7. UNIX for Dummies Questions & Answers

Joining UNIX to a Windows2003 Domain

Hey everyone, We have a Windows2003 Domain here at my workplace. I'm getting ready to switch over our bottom floor to the new domain. Will they still be able to see our UNIX machine that is setup now (on our workgroup) or will I need to join the UNIX machine to the domain. If that is the case... (4 Replies)
Discussion started by: Duki
4 Replies

8. UNIX for Advanced & Expert Users

Samba does not connect to domain

I have a samba server and a raid SAN which is actually running samba. Neither one lets me access anything on the samba unix side. I really do not know where to look anymore. there are no errors. When I try to connect to the samba server I get prompted with login and password repeatedly. Frank (4 Replies)
Discussion started by: frankkahle
4 Replies

9. UNIX for Dummies Questions & Answers

Samba / FreeBSD member server in MSFT 2003 AD domain

By following the Samba.org how-to's and various finds on groups.google.com I've succeeded in getting a FreeBSD (5.2.1-RELEASE) / Samb-3.0.0,1 server in to my MSFT 2003 Active Directory domain as a member server, but there is a little problem I'm having trouble resolving. Newly created user... (0 Replies)
Discussion started by: ccy
0 Replies

10. UNIX for Dummies Questions & Answers

Using Samba to join a win 2000 Domain

I am trying to set samba up to join my windows 2000 domain and I am having troubles If anyone if familiar with this help would be greatly appreciated I issue the following command # ./smbpasswd -j DOMAIN -r DOMAINCONTROLER And the following gets returned load_client_codepage: filename... (4 Replies)
Discussion started by: gennaro
4 Replies

Featured Tech Videos