Bug 215648

Summary: net ads join or kerberos issue with fc6...
Product: [Fedora] Fedora Reporter: Need Real Name <bugzilla>
Component: sambaAssignee: Simo Sorce <ssorce>
Status: CLOSED NOTABUG QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 6CC: jplans, nutello, samba-bugs-list
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-05-22 09:40:31 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Need Real Name 2006-11-15 00:54:47 UTC 
Description of problem:
net ads join fails to use kerberos ticket, or kinit perhaps isn't doing
something correct.

Version-Release number of selected component (if applicable):
samba-3.0.23c-2
krb5-workstation-1.5-7

How reproducible:
Always

Steps to Reproduce:
1. kinit Administrator.DOMAIN
2. net ads join
3.
  
Actual results:
net ads join prompts for root password

Expected results:
linux server joins win2k3 domain.

Additional info:

Same setup on my fc4 box works as expected, samba.conf and krb5.conf files are
exactly the same on fc6 box.

kinit prompts for password, and accepts it. (No errors)

klist shows:

Ticket cache: FILE:/tmp/krb5cc_0
Default principal: Administrator.DOMAIN

Valid starting     Expires            Service principal
11/14/06 16:45:57  11/15/06 02:47:22 
krbtgt/INTRANET.PRIVATE.DOMAIN.DOMAIN
        renew until 11/15/06 16:45:57


Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
Comment 1 Rudi Chiarito 2006-11-24 18:51:32 UTC 
Could this be fixed in 3.0.23d, which was just released last week and has a
bunch of AD fixes? I am currently bitten by Samba bug 4095 (and was able to
workaround it by building a patched 3.0.23c). I don't see the new version in
Rawhide or updates-testing yet, it might help with a number of reports.
Comment 2 Guenther Deschner 2007-03-15 14:27:54 UTC 
Can you please verify with the latest update (3.0.24-1.fc6)?

Often the prompt during the net ads join is caused because "net" cannot find a
suitable DC. Could you, if the error still persists, upload the log level 10
stderr output (net ads join -d 10) ?
Comment 3 Guenther Deschner 2007-05-22 09:40:31 UTC 
Assuming the join is working now, so closing this bug. If it doesn't work,
please reopen this bug with a a log level 10 "net ads join" logfile.

Thanks for the report.