Topic: Logging SME7 into Windows domain server

[brianr]

I need to run SME7 as a server on a windows domain with a Microsoft PDC.

I have found:

http://no.longer.valid/phpwiki/index.php/SME%20Domain%20Client%20Howto

which i have tried, but one of the template fragements is missing  - 11preferredmaster (should not make any difference?), and also the use of smbpassword results in a message to use "net join".  I have tried various version of this, the best (i think) being

net join -I 10.0.0.2 -U administrator (then it asks for the server admin password).

but I get various error messages:

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
[2006/07/07 18:32:15, 0] libads/kerberos.c:ads_kinit_password(146)
  kerberos_kinit_password administrator@RAPID.LOCAL failed: Cannot find KDC for requested realm
[2006/07/07 18:32:15, 0] utils/net_ads.c:ads_startup(186)
  ads_connect: Cannot find KDC for requested realm
[2006/07/07 18:32:15, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256)
  cli_nt_setup_creds: request challenge failed
[2006/07/07 18:32:15, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256)
  cli_nt_setup_creds: request challenge failed
[2006/07/07 18:32:15, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(319)
  Error domain join verification (reused connection): NT_STATUS_INVALID_COMPUTER_NAME
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>


If I try to net join using the domain or server name, it seems unable to resolve it at all.

In the original config I put the PDC as the DNS server for the system.

Anyone done it on SME7?

[ryan]

I have joined Fedora C5 and Centos to a Active Directory (2003 native) domain.  This is easily done from the "authentication" module which has a gui.  It uses both winbind and kerberos membership.  If you have access to either a FC5 or Centos install to play with, you could get either working, then inspect the changes made to the samba and kerberos config files........

just a suggestion as this is how I would approach it if this discussion goes unanswered.  

good luck.

ryan

[ksc133]

u need to specify yr password server as your AD server.
u also need to install Krb5 if i'm not worng.
u also need to check the system clock of yr sme7 to sync with yr AD server esle it will not join correctly.

my 2cents

cheers!

[jester]

I've followed this howto from DarkMirage on my SME6.0.1 server which i recently updated to SME7 and it is still working, so i guess it should work for a fresh SME7 install as well.:
http://forums.contribs.org/index.php?topic=26380.0

BTW, if you add users to your domain on a Win server i believe you'll need te restart smb and winbind otherwise your users won't have access on your SME server. You can also use the server-manager and i think a re-save of the same 'workgroup' configuration does the trick as well.

Kind regards,
jester.

[brianr]

Jester, thanks for that link.

I've been trying the instructions from here:

http://www.enterprisenetworkingplanet.com/netos/article.php/3487081

and I've got it to login (apparently ok), and have started winbind, but  am still unable to see the SME7 shares from other PCs logged onto the domain.

anyone any ideas?

[jester]

have you configured the 'workgroup' in the server-manager?! You need to set the 'Windows workgroup' to your domain name for it to show up in your microsoft windows network. Did you set up a shared ibay? You should at least be able to connect to your server by typing: \\YOUR_SERVER_IP\ in Explorer.

jester.

[brianr]

Yes, workgroup is set-up, and I can see the server in Windows Explorer, but when I click on the symbol. it asks for Username and password, and rejects everything I put in (windows users, or SME7 users).

[jester]

Sorry brianr,

that's out of my league. If you can't even login with the admin account, you might have broken something, but like i said.... it's out of my league so i could well be wrong.

Kind regards,
jester.