AD Domain join fails with "Failed to set servicePrincipalNames" (SAMBA)

http://www.novell.com/support/kb/doc.php?id=3842088

This document (3842088) is provided subject to the disclaimer at the end of this document.

Environment

Novell SUSE Linux Enterprise Server 10
Novell SUSE Linux Enterprise Desktop 10
Novell SUSE Linux Enterprise Server 9

Situation

You are trying to join an AD Domain with Samba using the proper command. But it fails similar to this:

1
2
3
4
5
6
7
nil:# net ads join -U USERNAME
USERNAME's password:
Using short domain name -- MIRACLE-WORKERS
Failed to set servicePrincipalNames (Type or value exists). Please ensure that
the DNS domain of this server matches the AD domain,
Or rejoin with using Domain Admin credentials.
nil:#

Resolution

This behaviour can have two reasons:

Option 1: there is a setting for netbios name that differs from the hostname

e.g. the hostname of the machine would be “rumburak” and the netbios name in smb.conf would be set to”grumpfelpumpfel”

Correction: unset the netbios name or set it to the hostname

Option 2: the FQHN of the machine resolves different to the IP

.e.g. the hostname of”rumburak.miracle-workers.com” resolves to 10.10.0.1, the reverse lookup of 10.10.0.1 resolves to “bielefeld.deutschland.de”

Correction: correct the Name Server entries

Alternative: use /etc/hosts to ensure correct Name resolution and reverse lookup. In the above example the line in /etc/hosts would read

10.10.0.1 rumburak.miracle-workers.com rumburak

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented “AS IS” WITHOUT WARRANTY OF ANY KIND.