Comments on Configuring Samba 3.0 To Use The ADS Security Mode (CentOS)

Configuring Samba 3.0 To Use The ADS Security Mode (CentOS) The intent of this article is to show you how to configure your Linux machine and Samba server to participate in a Windows 2003 Active Directory domain as a Member Server using Kerberos authentication. This involves using the security = ADS security mode in Samba.

4 Comment(s)

Add comment

Please register in our forum first to comment.

Comments

By:

I was getting

ads_connect: Operations error

when trying to join the domain, it seems somehow related to the version of samba, 3.0.23.

You have to make sure your /etc/hosts file is correct, and that the domain (the FQDN) of your client machine is the same as of the domain of the ad machine.

Also, the client workgroup has to be the same as of the AD workgroup.

Finally, if instead of "net ads join" you use "net join" it will try ads then rpc join, and the last one was the one who worked for me.

Hope it helps. 

 

 

 

By:

When facing problems, check Time vs Kerberos. Both are silent killers, even after you've authenticated.

The easiest way to resolve user related issues, is to use Winbind. Once that is fixed, is ridiculously easy to get everything to work properly.

Follow the instructions here, then follow the instructions from SAMBA (with a little intelligent changes), will set you up. Here is the link.

http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html

By: Yann

Years afterward, still helps me ;)

Just encountered the error "Strong(er) authentication required" on last step : net ads join.

I solved it by installing  samba3x instead of samba.3.0 and added the following option to my smb.conf :

client ldap sasl wrapping = sign 

 

 

By: Jeremy Canfield

Although this was written for Windows Server 2003, I was able to get this to work on Windows Server 2012. Very easy to follow tutorial.