[CentOS] Problems joining Samba toa w2000 AD PDC

Wed Apr 6 10:19:57 UTC 2005
Mário Gamito <lists at tuxdoit.com>

Hi,

I have this (Linux) Samba file server, that indeed is a client of a 
Windows 2000 Server PDC, using Active Directory.

I am the Samba machine admin, but not the Windows one.

I have to join the Samba machine to the PDC on the 2000 server.

I ask the Windows 2000 server admin to come to my Samba machine and 
insert his login and password to join my machine, but i always get the 
same error (after my signature, along with other relevant data).

I tried:

# net ads join -Uzbr at dte.ua.pt

What could be causing the error ?

Another question.:
In the moment of joining the Samba machine to the PDC on the Windows 
2000 Server, the Samba daemons must be up or down (i've read 
contraditory things about this issue) ?

Any help would be apreciated.

Warm Regards,
Mário Gamito
------------
[root at tux moreira]# # net ads join -Uzbr at dte.ua.pt
foobar at foobar.pt's password:
[2005/04/06 09:24:16, 0]
   ads_connect: Cannot find KDC for requested realm
[root at tux moreira]#

- DTE is the domain name in question.
- My Samba server FQDN is tux.dte.ua.pt
- My Samba server Netbios name is SRV-TUX-DTE
- Windows 2000 server FQDN is srv-dte.dte.ua.pt
- Windows 2000 server Netbios name is SRV-DTE
- Command i'm using to join the Samba server to w2000 AD PDC:
# net ads join -Uzbr at dte.ua.pt (zbr at dte.ua.pt has rights on w2000 to 
join machines to the domain).

My smb.conf:
----------------------------------------
[global]
   workgroup = DTE
   netbios name = SRV-DTE-TUX
   password server = SRV-DTE
   realm = DTE.UA.PT
   #os level = 4
   #preferred master = yes
   #domain master = yes
   local master = yes
   #KDC server = 193.137.84.81
   security = ADS
   encrypt passwords = yes

#  domain logons = yes

   smb passwd file = /usr/local/samba/lib/passwd

   wins support = no
   #dns proxy = yes
   #wins server = 193.136.80.7
   wins server = 193.136.172.4
   wins proxy = yes

   #winbind separator = +
   #idmap uid = 10000-20000
   #idmap gid = 10000-20000
   #winbind enum users = yes
   #winbind enum groups = yes

   #winbind use default domain = yes

   unix char set = ISO-8859-15

   log file = /var/log/samba/%m

[homes]
   comment = Areas pessoais.
   browseable = yes
   read only = no
   guest ok = no
   create mask = 600
   directory mask = 700

[Docentes]
   comment = Area partilhada para Docentes.
   path = /home/Docentes
   writeable = yes
   guest ok = no
   force group = profs
   create mask = 660
   directory mask = 770

[Secretaria]
   comment = Area partilhada para os funcionário da secretaria.
   path=/home/Secretaria
   writeable = yes
   guest ok = no
   force group = secretaria
   create mask = 660
   directory mask = 770

[Comum]
   comment = Area partilhada para funcionários e Docentes.
   path = /home/Comum
   writeable = yes
   guest ok = no
   create mask = 666
   directory mask = 777
------------------------------------