Environment
Novell Open Enterprise Server 11 SP2 (OES11SP2)
Novell Open Enterprise Server 11 SP1 (OES11SP1)
Novell Open Enterprise Server 11 SP1 (OES11SP1)
Domain Services for Windows
DSfW
Situation
Linux workstations/servers error out while trying to join a DSfW domain
Using net ads join -U adminstrator to join the workstation(SLED) to dsfw domain giving error-"Failed to join domain: failed to lookup DC info for domain 'Domain name'over rpc: Logon failure"
When trying to join the domain, either with SLED or CentOS, via the command
line (or yast2 samba-client on the SLED box), various errors are encountered;
however, it appears that a join partially completes.
From the workstation/server trying to join the DSfW domain do the following:
[root@centos samba]# net ads join -U adminstrator
Enter adminstrator's password:
Failed to join domain: failed to lookup DC info for domain 'LAB.NOVELL.COM'
over rpc: Logon failure
[root@centos samba]# net ads join -U DSFWDOMAIN\\administrator
Enter DSFWDOMAIN administrator's password:
Failed to join domain: failed to lookup DC info for domain 'LAB.NOVELL.COM' over rpc: Logon failure
---------
Using kerberos directly the partial join works with errors:
[root@centos samba]# kinit administrator
Password for administrator@LAB.NOVELL.COM:
[root@centos samba]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: administrator@LAB.NOVELL.COM
Valid starting Expires Service principal
10/09/13 13:41:30 10/09/13 23:41:30 krbtgt/LAB.NOVELL.COM@LAB.NOVELL.COM
renew until 10/10/13 13:41:28
[root@centos samba]# net ads join -U administrator -k
Enter administrator's password:
Using short domain name -- DSFWDOMAIN
Joined 'CENTOS' to dns domain 'lab.novell.com'
DNS Update for centos.lab.novell.com failed: ERROR_DNS_INVALID_MESSAGE
DNS update failed!
Resolution
Fixed in March 2014 Maintenance Patch
Cause
The net ads command (net ads join -U administrator) is failing because the domain name is passed as null while code is taking the domain name.