I've got a home server running Ubuntu Server 9.04 and several machines running Ubuntu Desktop (9.04 and 8.04) and Windows (XP, Vista and 7). Now what I want to do is to create a domain and directory server similar in function to Windows Server w/ AD and join my other machines to the domain, but am not sure where to start. I already have file shares with Samba but now I want to setup a domain.
The company I work for, as usual, is Microsoft-centric. I'm attempting to integrate my Ubuntu server into the domain to allow domain users to authenticate to the server and access file shares using Samba. Here's my current configuration:
I was wondering if there is any way to enable an MS Windows client that is otherwise unable of joining a domain to join a domain controlled by (open)SUSE? Is that inability only for joining a Windows based domain but a client that runs XP Home Edition or similar domain- incapable version of Windows could join a domain if it was controlled by Linux?Pardon my newbie style, but answer doesn't have to be detailed step-by-step, just yes/no answer with some pointers would do. I am not new to linux but new to network services... search engines weren't friendly when asked this question at the search bar...
When i try to join my Ubuntu server to Microsoft Active Directory domain, i get the error message below.
Kinit failed: Clock skew too great Failed to join domain: Time difference at domain controller I know the reason is because of the time difference between my domain controller and the Ubuntu server. But what i want to know is that possible to join a domain without time synchronisation? Because my domain controller is working for another time zone, for another Country, so i can not synchronise it with my Ubuntu server.
But here is my problem... I have a windows 2003 server mini tower ATX running VMware workstation 7.0 that has a Ubuntu server 32-bit and a Ubuntu desktop; both versions are 10.04. Now, my ubuntu server edition joins active directory just fine, but my ubuntu desktop does not.
I have a centos 5 server joined to a win2003 active directory domain. It's a virtual machine, so i had to sync the date (ntpdate) because it was 12 minutes different. It worked, but not ntlm authentication is not working anymore. If i rejoin the domain i get:
net ads join -U administrator@MYDOMAIN.COM administrator@MYDOMAIN.COM's password: Failed to set password for machine account (NT_STATUS_DISK_FULL) Failed to join domain: NT_STATUS_DISK_FULL
Attach a Fedora/RHEL/CentOS system to an Active Directory DomainBelow is a step by step outline of how to configure a Linux Samba fileserver to use an Active Directory domain for authentication and authorization in place of flat files. Note that this configuration has been replicated using Fedora 10, RHEL 5.3 and CentOS 5 since they all more or less share the same code base.me of the example server in this document is erver1.domain.forest.org, substitute correctly where appropriate. At the very least following packages must also be installed:
sambasamba-commonsamba-clientkrb5-workstationopenldap-clientsIt would be prudent to understand the underlying concepts of how Kerberos and Samba work prior to deploying this type of server. I find that SE-Linux will interfere with Samba services, particularly with winbind. I usually set SE-Linux to be in a permissive mode. It is possible to update the SE-Linux policies but that is outside the scope of this document, i.e you're on your own. In some cases I turned SE-Linux off since it was causing winbind to stop responding.
1. Set NTP to use the correct server for your Active Directory domain:shell> system-config-timeSet the primary NTP server to be your domain/forest NTP server2. Make backups of and edit the following system configuration files:a. shell> cp /etc/resolv.conf /etc/resolv.conf.bakb. shell> vi /etc/resolv.conf
I have too many problems to join my OpenSuSE 11.2 with Samba 3.5.4 in a Windows 2008 Active directory Forest (MYDOMAIN.LOCAL). I have updated Samba to 3.5.4 after read that default 11.2 version have too many bugs. Now, when I try to join the Domain MYDOMAIN.LOCAL via yast i have only an undebuggable error "unknown error". For yast, my Suse is joined but i'm unable to authenticate, i can't see "MYDOMAIN.LOCAL" at KDM login and if i try to lookup forest i have this error:
Code: wbinfo -u Error looking up domain users but i'm able to retrive ticket via kinit Code: # kinit Administrator Password for Administrator@MYDOMAIN.LOCAL:
have you a samba version tested against Active Directory 2008? can you link me the repository or help me to solve this?
I would like to join SLES server to Microsoft Server 2008 Active Directory to enable domain authentication when accessing samba shares. When I run
net ads join -U administrator
I get the following error
"Failed to join domain: Improperly formed account name."
I tried the same samba configuration on another server (OpenSuse 11.2) without any problem, so I think it is somehow connected with the Samba version, but I'm not sure. Has anybody experienced this behaviour?
the package versions on SLES 10 SP2 (x86_64) are following
I've setup my samba pdc with ldap, and I can see my shared files (public), which i think is an indication that my samba is working. But I can't seems to get my win2k8 machine to join my domain.
My domain admin is : root system admin: root password for both domain admin and system admin are the same The message that I get from Win2k8 when I try to join a domain is "The specified computer account could not be found. Contact an administrator to verify the account is in the domain. If the account has been deleted unjoin, reboot, and rejoin the domain"
We've been running samba on linux for a while and everything was fine. All of a sudden when you add new clients to the domain you get the error message :Logon Failure:unknown user name or bad password. This to me seems like a windows error message and not a samba error. When you remove an existing machine (ie on domain) and then try to rejoin it to the domain you fail.
I'm fairly new to Linux and very new to Squid and am having authentication issues! I am using Oracle Enterprise Linux (which is basically Red Hat without the branding) and wanting to use Squid Proxy Server for web access with authentication to Active Directory. I've found a number of articles about this online and all of them say to use auth program squid_ldap_conf which should be in /usr/lib/squid/. I don't have a squid directory in /usr/lib for starters and my squid binaries are in /etc/squid but there is no squid_ldap_conf in there either. I have installed the latest version of Squid (3.0) to see if that helped but I still cannot find the authorisation program.
I will be migrating SLES-10-SP2 operating system to new hard drives. I will be cloning most of the file systems. I had downloaded openSeSU-11-3-gnome Live CD and burned an ISO image. I want to install new drives in the PC and use the Live CD to create partitions to use in a RAID system. I have seen on the web that the Live CD can be used to install the OS on a machine but I did not see any option that just give the ability to use YAST to partition and create RAID system. Thus my question is how can I use the Live CD just to prepare the disk without installing the OS?
I am attempting to setup a linux file server in active directory. It has been kind of an ongoing project(nightmare) for me... I have tried a few distributions of linux and I have to say I really enjoy openSUSE. YaST is my best friend. Now to the problem at hand.
I have samba installed and configured for the domain. I was able to successfully join the machine to the domain. I can even log on using domain user names and passwords (more than I was able to accomplish with other distros...). Where I am having a problem currently is I cannot see the suse machine from a windows machine. I can access shares from suse to windows though.
I have AD DS installed on Windows Server 2008 R2. Also, I've got SLES 10.3 as NFSv4 server, which will allow remote users to mount their /home partitions. What I need, is NFSv4 w/Kerberos. As AD server already has integrated Kerberos server, I need SLES to authenticate in it.Everything works good, but when it comes to svcgssd service activation, I receive an error.Here's the log:
/usr/sbin/rpc.svcgssd -f ERROR: GSS-API: error in gss_acquire_cred(): Miscellaneous failure - No principal in keytab matches desired name
I am trying out few stuff with Linux and Windows. I have a 'Postfix' mail server on CentOS 5.5 with 'dovecot' and 'squirrel' (webmail) working fine. I am just wondering, how can I create bulk mailboxes on CentOS 5.5 (for postscript) so that the the users can access their mail from the browser (squirrel mail)?
How can I integrate with Active Directory? I am also looking for techniques to automatically create bulk users (for example 100 users) on Active Directory with a default passwords (or random passwords if possible) that integrate with Postfix.
I would prefer to use a linux server for authentication but I will need the same configuration features.I have been looking for a good guide to setting up CentOS as an alternative to Active Directory, but have not found one yet.The features I want to see.
1. works with Windows clients. 2. Network Home folders (does not neessisarly need to hold profile information) 3. Logon scripts for clients. 4. shared printers 5. shared folders. 6. can log linux boxes in with the same credentials and logon scripts.
okay so we have multiple servers running CentOS and multiple people who need access to these machines for various tasks. i would like to be able to use the credentials from Active Directory (running on server 2008) to give them access to these servers without having to go through each server and add these people into permission groups. basically a single sign-on for all of these servers depending upon what permissions were granted in Active Directory. how do i go about doing this?
I am running Red Hat Enterprise Server 6.0 I am having issues getting kerberos configured as a client to join a domain. Im getting below error message. "Failed to join domain: failed to connect to AD: KDC has no support for encryption type"