Пытаюсь настроить связку Сквид+АД, на этапе ввода ФРИ в домен загнулся
Вот что имею :
Код: Выделить всё
bridg# cat /etc/krb5.conf
[libdefaults]
default_realm = NEWS2000.COM.UA
clockskew = 300
v4_instance_resolve = false
[realms]
NEWS2000.COM.UA = {
kdc = tcp/PHOTOBASE.NEWS2000.COM.UA
admin_server = PHOTOBASE.NEWS2000.COM.UA
}
[domain_realm]
.news2000.com.ua = NEWS2000.COM.UA
Код: Выделить всё
bridg# cat /usr/local/etc/smb.conf
[global]
workgroup = news2000
realm = news2000.com.ua
netbios name = bridg
server string = Proxy Server News2000
winbind separator = +
winbind use default domain = yes
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
log file = /var/log/samba/log.%m
max log size = 50
security = ADS
password server = news2000.com.ua
encrypt passwords = yes
dos charset = CP866
unix charset = KOI8-R
local master = no
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
Код: Выделить всё
#######################################
smbd_enable="YES"
samba_config="/usr/local/etc/smb.conf"
nmbd_enable="YES"
winbindd_enable="YES"
#######################################
Код: Выделить всё
bridg# kinit Administrator
Administrator@NEWS2000.COM.UA's Password:
kinit: NOTICE: ticket renewable lifetime is 1 week
bridg#
первая попытка
Код: Выделить всё
bridg# net join -U Administrator
Administrator's password:
Using short domain name -- NEWS2000
Failed to set servicePrincipalNames. Please ensure that
the DNS domain of this server matches the AD domain,
Or rejoin with using Domain Admin credentials.
Deleted account for 'BRIDG' in realm 'NEWS2000.COM.UA'
Failed to join domain: Type or value exists
ADS join did not work, falling back to RPC...
Unable to find a suitable server
Unable to find a suitable server
Код: Выделить всё
bridg# net join -U Administrator
Administrator's password:
[2009/04/15 22:52:18, 0] libads/kerberos.c:ads_kinit_password(228)
kerberos_kinit_password Administrator@NEWS2000.COM.UA failed: Preauthentication failed
Failed to join domain: Logon failure
ADS join did not work, falling back to RPC...
Unable to find a suitable server
Unable to find a suitable server
Код: Выделить всё
bridg# net join -U Administrator -S photobase.news2000.com.ua
Administrator's password:
Using short domain name -- NEWS2000
Failed to set servicePrincipalNames. Please ensure that
the DNS domain of this server matches the AD domain,
Or rejoin with using Domain Admin credentials.
Deleted account for 'BRIDG' in realm 'NEWS2000.COM.UA'
Failed to join domain: Type or value exists
ADS join did not work, falling back to RPC...
Could not connect to server photobase.news2000.com.ua
The username or password was not correct.
Could not connect to server photobase.news2000.com.ua
The username or password was not correct.
Connection failed: NT_STATUS_LOGON_FAILURE
Код: Выделить всё
group_compat: nis
hosts: files dns
networks: files
passwd_compat: nis
shells: files
services: compat
services_compat: nis
protocols: files
rpc: files
group: files winbind
passwd: files winbind
Может кто подскажет куда посмотреть что поправить ?
Заранее спасибо.