Здравствуйте,
Вот возникла проблема с подключением сервера к домену win2008. На Ковчеге настроил самбу, изменил настройки krb5, но никак не удается присоединить его к домену. Помогите, пожалуйста, решить эту траблу.
Команда kinit проходит успешно, билет выдается.
Вот вывод klist
[root@host /]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: polovnikov@PPTK-MOS.RU
Valid starting Expires Service principal
11/23/10 11:37:03 11/23/10 18:17:03 krbtgt/PPTK-MOS.RU@PPTK-MOS.RU
Вот что получается при попытке подключения к домену.
[root@host /]# net ads join -U polovnikov
polovnikov's password:
[2010/11/23 11:36:19, 0] utils/net_ads.c:ads_startup_int(286)
ads_connect: No logon servers
Failed to join domain: No logon servers
krb5.conf
# Log destinations: "default" for the Kerberos libraries, "kdc" for a KDC
# daemon, "admin_server" for kadmind.
# NOTE(review): the kdc and admin_server entries matter only if those daemons
# run on this host; on a plain domain member they are presumably unused - confirm.
[logging]
default = FILE:/var/log/krb5/krb5libs.log
kdc = FILE:/var/log/krb5/krb5kdc.log
admin_server = FILE:/var/log/krb5/kadmind.log
# Client-side defaults for the Kerberos library.
[libdefaults]
# A bare number is a duration in seconds: 24000 s = 6 h 40 min, which matches
# the 11:37:03 -> 18:17:03 validity window in the klist output of this post.
ticket_lifetime = 24000
# Realm assumed when a principal is given without one.
default_realm = PPTK-MOS.RU
# DNS is not used to map hosts to realms or to locate KDCs; only the static
# [domain_realm] and [realms] entries of this file are used by the library.
dns_lookup_realm = false
dns_lookup_kdc = false
# Host-name to realm mapping: the leading-dot entry covers every host under
# pptk-mos.ru, the second entry covers a host named exactly pptk-mos.ru.
[domain_realm]
.pptk-mos.ru = PPTK-MOS.RU
pptk-mos.ru = PPTK-MOS.RU
# KDC database settings (LDAP "kldap" backend). These two sections configure a
# KDC/kadmind running on this machine, not a Kerberos client.
# NOTE(review): the realm's KDC is given as 192.168.0.10 in [realms], so on a
# host that only joins the Windows domain these sections look like template
# leftovers and are presumably not read - confirm before removing them.
[dbdefaults]
ldap_kerberos_container_dn = "cn=kerberos,ou=kdcroot,dc=pptk-mos,dc=ru"
[dbmodules]
pptk-mos.ru = {
db_library = kldap
ldap_kdc_dn = cn=kdc,ou=kdcroot,dc=pptk-mos,dc=ru
ldap_kadmind_dn = cn=kadmin,ou=kdcroot,dc=pptk-mos,dc=ru
# Stash file for the bind passwords of the two DNs above; if it exists it is a
# credential store and should be readable by root only.
ldap_service_password_file = /var/lib/kerberos/krb5kdc/pptk-mos.ru.ldapkey
ldap_servers = ldap://localhost/
ldap_conns_per_server = 5
}
# Static server addresses for the realm; this is the only way the Kerberos
# library finds a KDC here, because dns_lookup_kdc is false.
# NOTE(review): a successful kinit shows only that this KDC address answers on
# port 88. It says nothing about whether the host's DNS resolver can find the
# domain controllers, which the later "net ads join" may depend on - confirm
# that /etc/resolv.conf points at the domain's DNS server.
[realms]
PPTK-MOS.RU = {
kdc = 192.168.0.10:88
# 749 is the MIT kadmin port.
# NOTE(review): a Windows domain controller does not normally offer that
# service, so this entry is probably unused for the join - confirm.
admin_server = 192.168.0.10:749
# Only used when translating Kerberos 4 principal names.
default_domain = pptk-mos.ru
}
# Points a KDC daemon at its own configuration file.
# NOTE(review): presumably relevant only if a KDC runs on this host - confirm.
[kdc]
profile = /etc/kdc.conf
Настройки самба.
# Samba settings for a member server in the Active Directory realm PPTK-MOS.RU.
[global]
# NOTE(review): with security = ads this has to be the domain's short (NetBIOS)
# name - confirm on the domain controller that it really is PPTK-MOS.
workgroup = pptk-mos
# NetBIOS name under which this host presents itself to the domain.
netbios name = Samba
# Must equal default_realm in krb5.conf (it does: PPTK-MOS.RU).
realm = PPTK-MOS.RU
server string = Samba server
# Act as a domain member and authenticate users with Kerberos against AD.
security = ads
# Samba 3 option: use the system keytab for the machine credentials. That file
# then holds the host's long-term keys and should stay readable by root only.
use kerberos keytab = Yes
# Pins authentication to a single domain controller, by IP address.
# NOTE(review): "ads_connect: No logon servers" means Samba found no usable DC.
# Things to verify (not visible in this post): the resolver uses the domain's
# DNS server, the domain's SRV records resolve, LDAP on TCP/UDP 389 reaches
# 192.168.0.10 through any firewall, and the clocks are in sync.
password server = 192.168.0.10
# One log file per client machine name (%m); size limit is in KiB.
log file = /var/log/samba/log.%m
max log size = 500
printcap name = cups
dns proxy = No
use sendfile = Yes
#dos charset = 866
unix charset = UTF-8
passdb backend = tdbsam
socket options = TCP_NODELAY
# The next five settings keep this host out of browser elections and out of the
# domain-controller role; it is a member server only.
local master = no
domain master = no
preferred master = no
domain logons = no
os level = 0
encrypt passwords = yes
#display charset = 866
# Disabled ldapsam backend settings, left commented out.
#passdb backend = ldapsam:ldap://127.0.0.1/
#ldap admin dn = cn=ldaproot,dc=pptk-mos,dc=ru
#ldap suffix = dc=pptk-mos,dc=ru
#ldap group suffix = ou=Group
#ldap user suffix = ou=People
# Domain accounts appear without the DOMAIN\ prefix. A domain user whose name
# equals a local account name becomes ambiguous, so keep the two name spaces
# from overlapping.
winbind use default domain = yes
# Older synonyms of "idmap uid" / "idmap gid": the pool of local ids handed to
# domain users and groups. The range must not overlap ids of local accounts.
winbind uid = 10000-20000
winbind gid = 10000-20000
# Let enumeration (e.g. getent passwd) list every domain user and group; this
# can be slow on large domains.
winbind enum users = yes
winbind enum groups = yes
# Common writable share.
# NOTE(review): no "valid users" or "write list" is set in the lines shown, so
# access is limited only by who can authenticate and by the filesystem
# permissions on /srv/share - confirm that this is intended.
[share]
comment = Commonplace
path = /srv/share
read only = No
# Per-user home directory share; hidden from browse lists, writable.
# NOTE(review): without "valid users = %S" an authenticated user can connect to
# another user's home share by name, and only the filesystem permissions on the
# home directories then protect it - consider adding that line.
[homes]
comment = Home Directory for '%u'
browseable = no
writable = yes