Description of problem:

Trying to use system-config-authentication to join an Active Directory domain,
the actual join fails since 'net ads join' tries to fetch a Kerberos ticket from
the wrong realm.


Version-Release number of selected component (if applicable):

samba-3.0.23c-2
samba-common-3.0.23c-2
authconfig-gtk-5.3.12-1.fc6



Steps to Reproduce:
1. Run system-config-authentication and enable winbind. Press Configure winbind
and supply details about your AD and use ads as security model.
2. Press "join domain" and supply details about username and password.
3. Press OK.
 
Actual results:

ADS join fails. Stdout/stderr of system-config-authentication reports this:

[/usr/bin/net join -w GUEST -S adserver.example.com -U Administrator]
Administrator's password:<...>
 
[2006/12/12 15:57:43, 0] libsmb/cliconnect.c:cli_session_setup_spnego(776)
  Kinit failed: Cannot resolve network address for KDC in requested realm
Failed to join domain!
ADS join did not work, falling back to RPC...
Joined domain GUEST.

Expected results:

ADS join success.

Additional info:

The reason for the failed join is that /etc/krb5.conf is incorrectly written. A
section for the ADS realm is added, but the realm is not set as default_realm
under [libdefaults]. This causes 'net ads join' to try to get tickets from the
EXAMPLE.COM domain, which fails.