** Description changed: Binary package hint: likewise-open Package: likewise-open Architecture: amd64 Version: 5.4.0.42111-1 uname: Linux 2.6.32-18-generic #27-Ubuntu SMP I am unable to join an AD domain. This machine was upgraded from 9.04 to 9.10, after that update, I was able to join the domain and things worked fine. I upgraded to 10.04, and the likewise-open upgrade failed. I cleaned the old likewise-open install, reinstalled likewise-open and was unable to join the domain. I also tried using the suggestions offered in Bug #543963, but that resulted in the same outcome which follows: sudo domainjoin-cli --loglevel verbose join mydomain.com adminuser Joining to AD Domain: mydomain.com With Computer DNS Name: mycomputer.mydomain.com adminu...@mydomain.com's password: (at this point the program pauses for 30 seconds to a minute) Error: Lsass Error [code 0x00080047] 59 (0x3B) ERROR_UNEXP_NET_ERR - Unknown error The last few syslog entries: Mar 30 10:19:07 mycomputer lwiod[17879]: GSS-API error calling gss_init_sec_context: 589824 (Invalid token was supplied) Mar 30 10:19:07 mycomputer lwiod[17879]: GSS-API error calling gss_init_sec_context: 100003 () Mar 30 10:19:11 mycomputer lwiod[17879]: GSS-API error calling gss_init_sec_context: 589824 (Invalid token was supplied) Mar 30 10:19:11 mycomputer lwiod[17879]: GSS-API error calling gss_init_sec_context: 100003 () Mar 30 10:19:12 mycomputer lwiod[17879]: GSS-API error calling gss_init_sec_context: 589824 (Invalid token was supplied) Mar 30 10:19:12 mycomputer lwiod[17879]: GSS-API error calling gss_init_sec_context: 100003 () Mar 30 10:19:17 mycomputer lsassd[17901]: 0x7fee6ae8a710:Failed to run provider specific request (request code = 8, provider = 'lsa-activedirectory-provider') -> error = 59, symbol = ERROR_UNEXP_NET_ERR, client pid = 17933 + + == SRU Report == + Impact: + It's impossible to use Likewise Open in lucid to join a domain with Windows 2000 Domain controllers. This is a regression from karmic and hardy. + + Development branch fix: + Maverick synced to Debian's 1.8.1+dfsg-5, which has the fix from upstream trunk backported. + + Minimal patch: + http://src.mit.edu/fisheye/changelog/krb5/?cs=24075 + This patch was proposed by the Likewise team and committed to krb5 upstream trunk. + + TEST CASE: + $ sudo apt-get install likewise-open + $ sudo domainjoin-cli join <DOMAIN> <ADMINUSER> + Affected version fails to join the domain. + Fixed version joins the domain OK. + + Regression potential: + The patch is quite sensitive, though the special handling seems limited to Windows 2000 duplicate response tokens. It has been thoroughly discussed between the Likewise developers, the Debian maintainer of krb5, and upstream. It's been applied in upstream krb5 and in the current debian version.
-- likewise-open fails to join Windows 2000 SP4 domain https://bugs.launchpad.net/bugs/551901 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to krb5 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
