From: Guillermo Gutierrez on
You may just have to join it to the domain and then move it manually
into the OU through windows.

Unless you upgrade to a newer version of samba that supports that
feature.

-----Original Message-----
From: Calderon, Willy (NIH/NINDS) [C] [mailto:calderow(a)ninds.nih.gov]
Sent: Monday, January 28, 2008 5:15 PM
To: Guillermo Gutierrez; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

Thanks for this. The problem appears to be that I can't create the
workstation in the OU. I can use my same credentials to log into the AD
and create a workstation in that OU through Windows but not through
Linux.

# net help ads join
net ads join [options]
Valid options:
createupn[=UPN] Set the userPrincipalName attribute during the
join.
The deault UPN is in the form
host/netbiosname(a)REALM.
createcomputer=OU Precreate the computer account in a specific OU.
The OU string read from top to bottom without RDNs
and delimited by a '/'.
E.g. "createcomputer=Computers/Servers/Unix"
NB: A backslash '\' is used as escape at multiple
levels and may
need to be doubled or even quadrupled. It is
not used as a separator


So when I try

# net ads join createcomputer="Servers/Windows/Computers/AD" -U
willy%password


Failed to pre-create the machine object in OU
createcomputers=Servers/Windows/Computers/AD.
[2008/01/28 20:15:30, 1] utils/net_ads.c:net_ads_join(1533)
error calling net_precreate_machine_acct: No such object
Failed to join domain: No such object
[2008/01/28 20:15:30, 2] utils/net.c:main(1032)
return code = -1


* * * *
Willy Calderon
Contractor - LCG Systems
Unix Systems Administrator
Bldg. 10, NIH/NINDS
Tel: 301 435 1913



-----Original Message-----
From: Calderon, Willy (NIH/NINDS) [C]
Sent: Mon 1/28/2008 7:58 PM
To: Guillermo Gutierrez; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

Thanks. I keep getting this error every time I log in now with the
options you've given below


[2008/01/28 19:49:22, 4] libads/sasl.c:ads_sasl_bind(521)
Found SASL mechanism GSS-SPNEGO
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(222)
ads_sasl_spnego_bind: got server principal name = nihdc$@NIH.GOV
[2008/01/28 19:49:22, 4] libsmb/clikrb5.c:ads_krb5_mk_req(610)
ads_krb5_mk_req: Advancing clock by 63 seconds to cope with clock skew
[2008/01/28 19:49:22, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528)
ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration
Tue, 29 Jan 2008 05:50:25 EST
Bad option: SEVERN
Failed to join domain: Invalid parameter
[2008/01/28 19:49:22, 2] utils/net.c:main(1032)
return code = -1






* * * *
Willy Calderon
Contractor - LCG Systems
Unix Systems Administrator
Bldg. 10, NIH/NINDS
Tel: 301 435 1913



-----Original Message-----
From: Guillermo Gutierrez [mailto:ggutierrez(a)marketscan.com]
Sent: Mon 1/28/2008 4:57 PM
To: Calderon, Willy (NIH/NINDS) [C]; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

Whoops,

The trailing (") should be at the end of the OU path, in your case after
the 'AD'.

The computername is a separate value that you are feeding it.

net ads join createcomputer="Servers/Windows/Computers/AD" computername

-----Original Message-----
From: Calderon, Willy (NIH/NINDS) [C] [mailto:calderow(a)ninds.nih.gov]
Sent: Monday, January 28, 2008 1:59 PM
To: Guillermo Gutierrez; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

Is there a trailing quote (") after computer name ?


* * * *
Willy Calderon
Contractor - LCG Systems
Tel: 301 435 1913


-----Original Message-----
From: Guillermo Gutierrez [mailto:ggutierrez(a)marketscan.com]
Sent: Monday, January 28, 2008 4:45 PM
To: Calderon, Willy (NIH/NINDS) [C]; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

You have to use the "createcomputer" parameter if you want to specify
the OUs.

Ex: net ads join createcomputer="Servers/Windows/Computers/AD
computername

-----Original Message-----
From: samba-bounces+ggutierrez=marketscan.com(a)lists.samba.org
[mailto:samba-bounces+ggutierrez=marketscan.com(a)lists.samba.org] On
Behalf Of Calderon, Willy (NIH/NINDS) [C]
Sent: Monday, January 28, 2008 1:17 PM
To: samba(a)lists.samba.org
Subject: [Samba] joining an AD



Hi there -

I am trying to join the domain using the net ads join command but keep
getting a "

Bad option: Servers/Windows/Computers/AD
Failed to join domain: Invalid parameter

when I try to add the computer into the correct OU like so:

net ads join "Servers/Windows/Computers/AD



Is there a correct way to get this to work?

I'm on a Red Hat Enterprise 4 system with samba-3.0.25b-1.el4_6.4



--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba


--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
From: Philipoff, Andrew on
In our AD environment, I pre-create computer records in our AD OU
computers container via a Windows system using the Active Directory
Users and Computers console. I then bind Samba domain members using "net
ads join -U domain_admin_login".

Andrew Philipoff
Programmer Analyst
Information Technology Services
Department of Medicine
University of California, San Francisco
Phone: 415-476-1344
Help Desk: 415-476-6827

-----Original Message-----
From: samba-bounces+aphilipoff=medicine.ucsf.edu(a)lists.samba.org
[mailto:samba-bounces+aphilipoff=medicine.ucsf.edu(a)lists.samba.org] On
Behalf Of Guillermo Gutierrez
Sent: Monday, January 28, 2008 5:59 PM
To: Calderon, Willy (NIH/NINDS) [C]; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

You may just have to join it to the domain and then move it manually
into the OU through windows.

Unless you upgrade to a newer version of samba that supports that
feature.

-----Original Message-----
From: Calderon, Willy (NIH/NINDS) [C] [mailto:calderow(a)ninds.nih.gov]
Sent: Monday, January 28, 2008 5:15 PM
To: Guillermo Gutierrez; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

Thanks for this. The problem appears to be that I can't create the
workstation in the OU. I can use my same credentials to log into the AD
and create a workstation in that OU through Windows but not through
Linux.

# net help ads join
net ads join [options]
Valid options:
createupn[=UPN] Set the userPrincipalName attribute during the
join.
The deault UPN is in the form
host/netbiosname(a)REALM.
createcomputer=OU Precreate the computer account in a specific OU.
The OU string read from top to bottom without RDNs
and delimited by a '/'.
E.g. "createcomputer=Computers/Servers/Unix"
NB: A backslash '\' is used as escape at multiple
levels and may
need to be doubled or even quadrupled. It is
not used as a separator


So when I try

# net ads join createcomputer="Servers/Windows/Computers/AD" -U
willy%password


Failed to pre-create the machine object in OU
createcomputers=Servers/Windows/Computers/AD.
[2008/01/28 20:15:30, 1] utils/net_ads.c:net_ads_join(1533)
error calling net_precreate_machine_acct: No such object
Failed to join domain: No such object
[2008/01/28 20:15:30, 2] utils/net.c:main(1032)
return code = -1


* * * *
Willy Calderon
Contractor - LCG Systems
Unix Systems Administrator
Bldg. 10, NIH/NINDS
Tel: 301 435 1913



-----Original Message-----
From: Calderon, Willy (NIH/NINDS) [C]
Sent: Mon 1/28/2008 7:58 PM
To: Guillermo Gutierrez; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

Thanks. I keep getting this error every time I log in now with the
options you've given below


[2008/01/28 19:49:22, 4] libads/sasl.c:ads_sasl_bind(521)
Found SASL mechanism GSS-SPNEGO
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(222)
ads_sasl_spnego_bind: got server principal name = nihdc$@NIH.GOV
[2008/01/28 19:49:22, 4] libsmb/clikrb5.c:ads_krb5_mk_req(610)
ads_krb5_mk_req: Advancing clock by 63 seconds to cope with clock skew
[2008/01/28 19:49:22, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528)
ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration
Tue, 29 Jan 2008 05:50:25 EST
Bad option: SEVERN
Failed to join domain: Invalid parameter
[2008/01/28 19:49:22, 2] utils/net.c:main(1032)
return code = -1






* * * *
Willy Calderon
Contractor - LCG Systems
Unix Systems Administrator
Bldg. 10, NIH/NINDS
Tel: 301 435 1913



-----Original Message-----
From: Guillermo Gutierrez [mailto:ggutierrez(a)marketscan.com]
Sent: Mon 1/28/2008 4:57 PM
To: Calderon, Willy (NIH/NINDS) [C]; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

Whoops,

The trailing (") should be at the end of the OU path, in your case after
the 'AD'.

The computername is a separate value that you are feeding it.

net ads join createcomputer="Servers/Windows/Computers/AD" computername

-----Original Message-----
From: Calderon, Willy (NIH/NINDS) [C] [mailto:calderow(a)ninds.nih.gov]
Sent: Monday, January 28, 2008 1:59 PM
To: Guillermo Gutierrez; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

Is there a trailing quote (") after computer name ?


* * * *
Willy Calderon
Contractor - LCG Systems
Tel: 301 435 1913


-----Original Message-----
From: Guillermo Gutierrez [mailto:ggutierrez(a)marketscan.com]
Sent: Monday, January 28, 2008 4:45 PM
To: Calderon, Willy (NIH/NINDS) [C]; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

You have to use the "createcomputer" parameter if you want to specify
the OUs.

Ex: net ads join createcomputer="Servers/Windows/Computers/AD
computername

-----Original Message-----
From: samba-bounces+ggutierrez=marketscan.com(a)lists.samba.org
[mailto:samba-bounces+ggutierrez=marketscan.com(a)lists.samba.org] On
Behalf Of Calderon, Willy (NIH/NINDS) [C]
Sent: Monday, January 28, 2008 1:17 PM
To: samba(a)lists.samba.org
Subject: [Samba] joining an AD



Hi there -

I am trying to join the domain using the net ads join command but keep
getting a "

Bad option: Servers/Windows/Computers/AD
Failed to join domain: Invalid parameter

when I try to add the computer into the correct OU like so:

net ads join "Servers/Windows/Computers/AD



Is there a correct way to get this to work?

I'm on a Red Hat Enterprise 4 system with samba-3.0.25b-1.el4_6.4



--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba


--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
From: Calderon, Willy (NIH/NINDS) [C] on
I tried that. I created the machine in the correct OU but this when I
try to do this I get various errors:


# net ads join -U username
username's password:
Using short domain name -- DOMAIN
Failed to set servicePrincipalNames. Please ensure that
the DNS domain of this server matches the AD domain,
Or rejoin with using Domain Admin credentials.
Deleted account for 'SERVERNAME' in realm 'DOMAIN'
Failed to join domain: Constraint violation



When I look back in the OU I find that the server has been removed.



* * * *
Willy Calderon
Contractor - LCG Systems
Tel: 301 435 1913

-----Original Message-----
From: Philipoff, Andrew [mailto:aphilipoff(a)medicine.ucsf.edu]
Sent: Monday, January 28, 2008 11:00 PM
To: Guillermo Gutierrez; Calderon, Willy (NIH/NINDS) [C];
samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

In our AD environment, I pre-create computer records in our AD OU
computers container via a Windows system using the Active Directory
Users and Computers console. I then bind Samba domain members using "net
ads join -U domain_admin_login".

Andrew Philipoff
Programmer Analyst
Information Technology Services
Department of Medicine
University of California, San Francisco
Phone: 415-476-1344
Help Desk: 415-476-6827

-----Original Message-----
From: samba-bounces+aphilipoff=medicine.ucsf.edu(a)lists.samba.org
[mailto:samba-bounces+aphilipoff=medicine.ucsf.edu(a)lists.samba.org] On
Behalf Of Guillermo Gutierrez
Sent: Monday, January 28, 2008 5:59 PM
To: Calderon, Willy (NIH/NINDS) [C]; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

You may just have to join it to the domain and then move it manually
into the OU through windows.

Unless you upgrade to a newer version of samba that supports that
feature.

-----Original Message-----
From: Calderon, Willy (NIH/NINDS) [C] [mailto:calderow(a)ninds.nih.gov]
Sent: Monday, January 28, 2008 5:15 PM
To: Guillermo Gutierrez; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

Thanks for this. The problem appears to be that I can't create the
workstation in the OU. I can use my same credentials to log into the AD
and create a workstation in that OU through Windows but not through
Linux.

# net help ads join
net ads join [options]
Valid options:
createupn[=UPN] Set the userPrincipalName attribute during the
join.
The deault UPN is in the form
host/netbiosname(a)REALM.
createcomputer=OU Precreate the computer account in a specific OU.
The OU string read from top to bottom without RDNs
and delimited by a '/'.
E.g. "createcomputer=Computers/Servers/Unix"
NB: A backslash '\' is used as escape at multiple
levels and may
need to be doubled or even quadrupled. It is
not used as a separator


So when I try

# net ads join createcomputer="Servers/Windows/Computers/AD" -U
willy%password


Failed to pre-create the machine object in OU
createcomputers=Servers/Windows/Computers/AD.
[2008/01/28 20:15:30, 1] utils/net_ads.c:net_ads_join(1533)
error calling net_precreate_machine_acct: No such object
Failed to join domain: No such object
[2008/01/28 20:15:30, 2] utils/net.c:main(1032)
return code = -1


* * * *
Willy Calderon
Contractor - LCG Systems
Unix Systems Administrator
Bldg. 10, NIH/NINDS
Tel: 301 435 1913



-----Original Message-----
From: Calderon, Willy (NIH/NINDS) [C]
Sent: Mon 1/28/2008 7:58 PM
To: Guillermo Gutierrez; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

Thanks. I keep getting this error every time I log in now with the
options you've given below


[2008/01/28 19:49:22, 4] libads/sasl.c:ads_sasl_bind(521)
Found SASL mechanism GSS-SPNEGO
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(222)
ads_sasl_spnego_bind: got server principal name = nihdc$@NIH.GOV
[2008/01/28 19:49:22, 4] libsmb/clikrb5.c:ads_krb5_mk_req(610)
ads_krb5_mk_req: Advancing clock by 63 seconds to cope with clock skew
[2008/01/28 19:49:22, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528)
ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration
Tue, 29 Jan 2008 05:50:25 EST
Bad option: SEVERN
Failed to join domain: Invalid parameter
[2008/01/28 19:49:22, 2] utils/net.c:main(1032)
return code = -1






* * * *
Willy Calderon
Contractor - LCG Systems
Unix Systems Administrator
Bldg. 10, NIH/NINDS
Tel: 301 435 1913



-----Original Message-----
From: Guillermo Gutierrez [mailto:ggutierrez(a)marketscan.com]
Sent: Mon 1/28/2008 4:57 PM
To: Calderon, Willy (NIH/NINDS) [C]; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

Whoops,

The trailing (") should be at the end of the OU path, in your case after
the 'AD'.

The computername is a separate value that you are feeding it.

net ads join createcomputer="Servers/Windows/Computers/AD" computername

-----Original Message-----
From: Calderon, Willy (NIH/NINDS) [C] [mailto:calderow(a)ninds.nih.gov]
Sent: Monday, January 28, 2008 1:59 PM
To: Guillermo Gutierrez; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

Is there a trailing quote (") after computer name ?


* * * *
Willy Calderon
Contractor - LCG Systems
Tel: 301 435 1913


-----Original Message-----
From: Guillermo Gutierrez [mailto:ggutierrez(a)marketscan.com]
Sent: Monday, January 28, 2008 4:45 PM
To: Calderon, Willy (NIH/NINDS) [C]; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

You have to use the "createcomputer" parameter if you want to specify
the OUs.

Ex: net ads join createcomputer="Servers/Windows/Computers/AD
computername

-----Original Message-----
From: samba-bounces+ggutierrez=marketscan.com(a)lists.samba.org
[mailto:samba-bounces+ggutierrez=marketscan.com(a)lists.samba.org] On
Behalf Of Calderon, Willy (NIH/NINDS) [C]
Sent: Monday, January 28, 2008 1:17 PM
To: samba(a)lists.samba.org
Subject: [Samba] joining an AD



Hi there -

I am trying to join the domain using the net ads join command but keep
getting a "

Bad option: Servers/Windows/Computers/AD
Failed to join domain: Invalid parameter

when I try to add the computer into the correct OU like so:

net ads join "Servers/Windows/Computers/AD



Is there a correct way to get this to work?

I'm on a Red Hat Enterprise 4 system with samba-3.0.25b-1.el4_6.4



--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba


--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
From: Calderon, Willy (NIH/NINDS) [C] on
The error I got "Failed to set servicePrincipalNames. Please ensure that the DNS domain of this server matches the AD domain, Or rejoin with using Domain Admin credentials" seems to point to the way that Kerberos requires a flat namespace to function. SO I would have to make sure the DNS name the server is DOMAIN.COM instead of SUB.DOMAIN.COM, which is going to be a problem.




-----Original Message-----
From: Calderon, Willy (NIH/NINDS) [C]
Sent: Tue 1/29/2008 9:16 AM
To: Philipoff, Andrew; Guillermo Gutierrez; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

I tried that. I created the machine in the correct OU but this when I
try to do this I get various errors:


# net ads join -U username
username's password:
Using short domain name -- DOMAIN
Failed to set servicePrincipalNames. Please ensure that
the DNS domain of this server matches the AD domain,
Or rejoin with using Domain Admin credentials.
Deleted account for 'SERVERNAME' in realm 'DOMAIN'
Failed to join domain: Constraint violation



When I look back in the OU I find that the server has been removed.



* * * *
Willy Calderon
Contractor - LCG Systems
Tel: 301 435 1913

-----Original Message-----
From: Philipoff, Andrew [mailto:aphilipoff(a)medicine.ucsf.edu]
Sent: Monday, January 28, 2008 11:00 PM
To: Guillermo Gutierrez; Calderon, Willy (NIH/NINDS) [C];
samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

In our AD environment, I pre-create computer records in our AD OU
computers container via a Windows system using the Active Directory
Users and Computers console. I then bind Samba domain members using "net
ads join -U domain_admin_login".

Andrew Philipoff
Programmer Analyst
Information Technology Services
Department of Medicine
University of California, San Francisco
Phone: 415-476-1344
Help Desk: 415-476-6827

-----Original Message-----
From: samba-bounces+aphilipoff=medicine.ucsf.edu(a)lists.samba.org
[mailto:samba-bounces+aphilipoff=medicine.ucsf.edu(a)lists.samba.org] On
Behalf Of Guillermo Gutierrez
Sent: Monday, January 28, 2008 5:59 PM
To: Calderon, Willy (NIH/NINDS) [C]; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

You may just have to join it to the domain and then move it manually
into the OU through windows.

Unless you upgrade to a newer version of samba that supports that
feature.

-----Original Message-----
From: Calderon, Willy (NIH/NINDS) [C] [mailto:calderow(a)ninds.nih.gov]
Sent: Monday, January 28, 2008 5:15 PM
To: Guillermo Gutierrez; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

Thanks for this. The problem appears to be that I can't create the
workstation in the OU. I can use my same credentials to log into the AD
and create a workstation in that OU through Windows but not through
Linux.

# net help ads join
net ads join [options]
Valid options:
createupn[=UPN] Set the userPrincipalName attribute during the
join.
The deault UPN is in the form
host/netbiosname(a)REALM.
createcomputer=OU Precreate the computer account in a specific OU.
The OU string read from top to bottom without RDNs
and delimited by a '/'.
E.g. "createcomputer=Computers/Servers/Unix"
NB: A backslash '\' is used as escape at multiple
levels and may
need to be doubled or even quadrupled. It is
not used as a separator


So when I try

# net ads join createcomputer="Servers/Windows/Computers/AD" -U
willy%password


Failed to pre-create the machine object in OU
createcomputers=Servers/Windows/Computers/AD.
[2008/01/28 20:15:30, 1] utils/net_ads.c:net_ads_join(1533)
error calling net_precreate_machine_acct: No such object
Failed to join domain: No such object
[2008/01/28 20:15:30, 2] utils/net.c:main(1032)
return code = -1


* * * *
Willy Calderon
Contractor - LCG Systems
Unix Systems Administrator
Bldg. 10, NIH/NINDS
Tel: 301 435 1913



-----Original Message-----
From: Calderon, Willy (NIH/NINDS) [C]
Sent: Mon 1/28/2008 7:58 PM
To: Guillermo Gutierrez; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

Thanks. I keep getting this error every time I log in now with the
options you've given below


[2008/01/28 19:49:22, 4] libads/sasl.c:ads_sasl_bind(521)
Found SASL mechanism GSS-SPNEGO
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(222)
ads_sasl_spnego_bind: got server principal name = nihdc$@NIH.GOV
[2008/01/28 19:49:22, 4] libsmb/clikrb5.c:ads_krb5_mk_req(610)
ads_krb5_mk_req: Advancing clock by 63 seconds to cope with clock skew
[2008/01/28 19:49:22, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528)
ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration
Tue, 29 Jan 2008 05:50:25 EST
Bad option: SEVERN
Failed to join domain: Invalid parameter
[2008/01/28 19:49:22, 2] utils/net.c:main(1032)
return code = -1






* * * *
Willy Calderon
Contractor - LCG Systems
Unix Systems Administrator
Bldg. 10, NIH/NINDS
Tel: 301 435 1913



-----Original Message-----
From: Guillermo Gutierrez [mailto:ggutierrez(a)marketscan.com]
Sent: Mon 1/28/2008 4:57 PM
To: Calderon, Willy (NIH/NINDS) [C]; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

Whoops,

The trailing (") should be at the end of the OU path, in your case after
the 'AD'.

The computername is a separate value that you are feeding it.

net ads join createcomputer="Servers/Windows/Computers/AD" computername

-----Original Message-----
From: Calderon, Willy (NIH/NINDS) [C] [mailto:calderow(a)ninds.nih.gov]
Sent: Monday, January 28, 2008 1:59 PM
To: Guillermo Gutierrez; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

Is there a trailing quote (") after computer name ?


* * * *
Willy Calderon
Contractor - LCG Systems
Tel: 301 435 1913


-----Original Message-----
From: Guillermo Gutierrez [mailto:ggutierrez(a)marketscan.com]
Sent: Monday, January 28, 2008 4:45 PM
To: Calderon, Willy (NIH/NINDS) [C]; samba(a)lists.samba.org
Subject: RE: [Samba] joining an AD

You have to use the "createcomputer" parameter if you want to specify
the OUs.

Ex: net ads join createcomputer="Servers/Windows/Computers/AD
computername

-----Original Message-----
From: samba-bounces+ggutierrez=marketscan.com(a)lists.samba.org
[mailto:samba-bounces+ggutierrez=marketscan.com(a)lists.samba.org] On
Behalf Of Calderon, Willy (NIH/NINDS) [C]
Sent: Monday, January 28, 2008 1:17 PM
To: samba(a)lists.samba.org
Subject: [Samba] joining an AD



Hi there -

I am trying to join the domain using the net ads join command but keep
getting a "

Bad option: Servers/Windows/Computers/AD
Failed to join domain: Invalid parameter

when I try to add the computer into the correct OU like so:

net ads join "Servers/Windows/Computers/AD



Is there a correct way to get this to work?

I'm on a Red Hat Enterprise 4 system with samba-3.0.25b-1.el4_6.4



--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba


--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba