[cifs-discuss] Joining NT4 domain fails

Jim Klimov jimklimov at cos.ru
Wed May 28 06:59:24 PDT 2008 

I believe I've seen a number of notes that NT4 domains are not yet supported by CIFS service; indeed joining a domain fails ("hitech" below is the NT4 domain; "cos.ru" is the DNS domain):

[root at thumper /]# smbadm join -u jim hitech
Enter domain password: 
Joining 'hitech' ... this may take a minute ...
failed to join domain 'hitech' (INVALID_PARAMETER)
[root at thumper /]# smbadm join -u hitech\jim HITECH
Enter domain password: 
Joining 'HITECH' ... this may take a minute ...
[root at thumper /]# smbadm join -u Administrator HITECH.cos.ru
Enter domain password: 
Joining 'HITECH.cos.ru' ... this may take a minute ...
failed to join domain 'HITECH.cos.ru' (INVALID_PARAMETER)
[root at thumper /]# smbadm join -u Administrator HITECH.
Enter domain password: 
Joining 'HITECH.' ... this may take a minute ...
failed to join domain 'HITECH.' (INVALID_PARAMETER)
[root at thumper /]# smbadm join -u Administrator HITECH
Enter domain password: 
Joining 'HITECH' ... this may take a minute ...
failed to join domain 'HITECH' (INVALID_PARAMETER)

Setting WINS servers and PDC also did not help:

[root at thumper /]# sharectl get smb
system_comment=Sun x4500 FilerServer
max_workers=64
netbios_scope=
lmauth_level=4
keep_alive=5400
wins_server_1=194.67.186.67
wins_server_2=194.67.131.167
wins_exclude=
signing_enabled=false
signing_required=false
restrict_anonymous=false
pdc=194.67.186.67
ads_site=
ddns_enable=false
autohome_map=/etc


When I tried to set "domain HITECH" line in /etc/resolv.conf, smbadm went iterating search-domains for kerberos names (i.e. _kerberos._udp.COS.RU).

We don't plan on upgrading from NT4 to AD soon, so what options do I have?

Is there any trick to try with SMF service options, sharectl, etc?

One more idea we've had - if we set up Sun DSEE 6.x as LDAP login system for our Solaris boxes, and sync DSEE password data to NT4 PDC some way, will these passwords work for Windows users to access this Solaris CIFS server (i'm referring to the pam_smb ilne that must be added, and passwd re-run, for Unix passwords to be okay)?

Obviously I can still use the original Samba if Solaris one fails, but we wanted to take advantage of the latest tech at least somewhere :)
--
This messages posted from opensolaris.org

More information about the cifs-discuss mailing list