各位大大,
下午好!
今天在做Samba加入AD認識的時候發生如下問題,不知各位大大有沒有看出什麼問題:
我們有一台WINDOWS2003的SERVER存放賬號
环境:
Windows 2003 Server Linux Samba's Server(Fedora 10)
IP地址 192.168.0.2 192.168.0.169
DNS 192.168.1.1 192.168.1.1
hostname chao card
域 niss.com.cn
以下是SAMBA下的設置:
1./etc/hosts;/etc/sysconfig/network設置如下:
/etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.0.169 card.niss.com.cn card
/etc/sysconfig/network
hostname=card.niss.com.cn
2.smb.conf設置
[global]
workgroup = niss
realm = niss.com.cn
netbios name = Data_Server
server string = Linux
security = ADS
password server = chao.niss.com.cn
encrypt passwords = yes
[home]
path = /home/%D/%U
browsable = no
writable = yes
create mask = 0664
directory mask = 0775
[tmp]
path = /tmp
public =yes
存檔離開
3.修改Kerberos 位置在 /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = NISS.COM.CN (請問此處是填:CHAO.NISS.COM.CN,還是:NISS.COM.CN) dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
NISS.COM.CN = {
kdc = 192.168.0.2:88
admin_server = 192.168.0.2:749
default_domain = NISS.COM.CN
}
[domain_realm]
.example.com = NISS.COM.CN
.example.com = NISS.COM.CN
4.修改 /var/kerberos/krb5kdc/kdc.conf
[root@lcard~]#vi /var/Kerberos/krb5kdc/kdc.conf
[kdcdefaults]
******
[realms]
NISS.COM.CN = {
Master_key_type = des-cdc-crc
Supported_enctypes = arcfour-hmac:normal arcfour-hma
5.同步時間正常 ntpdate 192.168.0.2
6.測試連線
[root@card~]# kinit pief@NISS.COM.CN (pief為WINDOWS2003 SERVER的其中一個賬號)
顯示正常會跳回命令提示字元
[root@card~]#
7.將Samba主機加入網域
[root@card~]# /etc/init.d/smb restart
[root@card~]# /etc/init.d/nmb restart
OK OK OK OK
[root@card~]# net ads join -U pief
Enter pief's password: (輸入密碼)
出現如下的錯誤信息:
Failed to join Domain: failed to find DC for domain NISS.COM.CN 請問各位大大,是不是我的設置錯了還是命令用錯了?
感謝~~~~~
已解決:用net rpc join -S xxxx.com.cn -U administrator