--1ccMZA6j1vT5UqiK
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Dec 17, 2004 at 03:38:38PM -0500, Netbsdmail@aol.com wrote:
  | I keep getting this error "ADS support not compiled in" when I try to u=
se =20
  | the net ads join command.  My smb.conf looks as followes: workgroup =3D=
 =20
  | DOMAIN.COM, security =3D ADS , and encrypt password =3D yes. =20

You should be using:
	workgroup =3D DOMAIN
	realm =3D DOMAIN.COM
(using the "short name" in the "workgroup" parameter).


  | Also when I use the kinit username command I get the following error:=
=20
  | kinit:=20
  | krb5_get_init_creds: unable to reach any KDC in realm DOMAIN.COM

This is highly dependent upon your krb5.conf settings, your DNS setup, etc.=
=20

For example, on a test network where I'm using WIndows 2003 Server (W2K3S)
to provide Active Directory Services (Kerberos 5 and LDAP), and DNS.
The NetBSD host running Samba3 uses the W2K3S server for DNS & krb5 with:

	    * /etc/resolv.conf
	nameserver	ipaddress-of-w2k3s
	search		domain.com

	    * /etc/krb5.conf
	[libdefaults]
		krb4_get_tickets =3D no

Note that takes advantage of the W2K3S DNS server providing
SRV records for "_kerberos._tcp" and "_kerberos._udp" in the
current domain.

With that,  "kinit administrator@domain.com"  just works.

Which samba release are you trying to use?
Which NetBSD release are you trying it on?

--1ccMZA6j1vT5UqiK
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (NetBSD)

iD8DBQFBw6VVpBhtmn8zJHIRAjwdAJ0WhviCVDMenhZqT0kZ4+FQdLP9JwCgrF4r
hE7UvmQN9YNmxPUlw9hYz0U=
=B5+d
-----END PGP SIGNATURE-----

--1ccMZA6j1vT5UqiK--