Bug 3773 - new net ads fails
Summary: new net ads fails
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: net utility (show other bugs)
Version: 3.0.23
Hardware: Other Linux
: P3 normal
Target Milestone: none
Assignee: Gerald (Jerry) Carter (dead mail address)
QA Contact: Samba QA Contact
Depends on:
Reported: 2006-05-13 05:15 UTC by Volker Lendecke
Modified: 2006-06-22 14:55 UTC (History)
0 users

See Also:

with pw_noexp (21.06 KB, application/octet-stream)
2006-05-13 05:16 UTC, Volker Lendecke
no flags Details
failing to set dNSHostName (200.01 KB, application/octet-stream)
2006-05-13 05:18 UTC, Volker Lendecke
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Volker Lendecke 2006-05-13 05:15:08 UTC
Jerry, opening a bug as the sniffs are too large for the mailing list

Just tried the new ADS join code against Windows 2000. In my
domain creating a workstation with ACB_PWNOEXP fails with
NT_STATUS_INVALID_PARAMETER, see invalid.cap. Removing that
parameter I get a lot further but I still get an error

delphin:~ # net ads join -U administrator%geheim
Using short domain name -- W2000AD
Failed to set servicePrincipalNames.
Only NTLM authentication will be possible.
Joined 'DELPHIN' to realm 'W2KAD.W2K3AD.ORG'

Apparently I can't set dNSHostName in this domain. See
Comment 1 Volker Lendecke 2006-05-13 05:16:56 UTC
Created attachment 1899 [details]
with pw_noexp
Comment 2 Volker Lendecke 2006-05-13 05:18:29 UTC
Created attachment 1900 [details]
failing to set dNSHostName
Comment 3 Gerald (Jerry) Carter (dead mail address) 2006-05-13 07:33:40 UTC
Win2k gets the same failure when the server's fqdn is outside 
of the Windows domain.  WinXP gets around this by simply removning the 
1.2.840.113556.1.4.1413 control from the modify.  I'll reproduce 
your test and code up a patch.  Thanks for the testing.
Comment 4 Gerald (Jerry) Carter (dead mail address) 2006-06-22 14:55:05 UTC