I have opeError cannot use the workgroup ‘xxx’ for Linux authentication
Enter a domain or disable using SMB for Linux authentication
nSUSE 12.1 working fine on the local network, 192.168.10.0/24, but do not seem to be able to get this machine connected to the Windows 2008 R2 domain. Domain controller winHost=192.168.10.5.
The configuration I have done so far is:
YaST -> Network services -> Network devicesNIC, edit -> Statically assigned IP address
YaST -> Network services -> Windows Domain membershipDomain or workgroup: myDomain.local
Enable: use SMB information for Linux Authentication
I get a ‘Verifying AD domain membership’ message, then the error:
Cannot use the workgroup ‘myDomain.local’ for Linux authentication, enter a domain or disable using SMB for Linux authentication.
Any idea why this is not letting me join this computer to the domain?
Thanks Carlos, at least I now know why this simply didn’t work. What effect will it have if I stop the avahi and autoconf services?
This is a bit of a major show stopper, many of the Windows networks I work with are called xxx.local, this is probably because this is a bit of a Microsoft standard way of naming domains. I’m surprised that this issue isn’t flagged as a critical bug.
> Thanks Carlos, at least I now know why this simply didn’t work. What
> effect will it have if I stop the avahi and autoconf services?
I don’t know. Maybe finding printers (besides samba) will be more difficult
to find in the network. I don’t know what exact advantages this service
provides.
> This is a bit of a major show stopper, many of the Windows networks I
> work with are called xxx.local, this is probably because this is a bit
> of a Microsoft standard way of naming domains. I’m surprised that this
> issue isn’t flagged as a critical bug.
I don’t know if the fault is with Microsoft or with the autoconf service.
Both want to use .local, I guess.
The documentation bug I pointed you to lists another bug with Ubuntu with
perhaps some background information.
It says:
+++·······················
I confirm it doesn’t work out of the box if the domain you try to join is
named “something.local”. This is the result of a war between Microsoft and
Apple over the .local domain, with Ubuntu siding with Apple:
Ubuntu (like Apple) uses Zeroconf for simple service discovery on LAN, and
this makes use of the .local domain. On the other hand, Microsoft AD won’t
work correctly if its domain name is not served by its own DNS. Using
…local for a domain name is therefore a recipe for trouble [1].
If for some reason you have to join an AD domain called “something.local”,
then you want to disable Zeroconf because the two won’t work together. You
want the .local DNS domain to be served primarily by the Microsoft DNS and
not by Zeroconf. So you edit the /etc/nsswitch.conf file accordingly.
On 2012-06-22 12:36, Nick C wrote:
>
> So is this likely to affect any other Linux distros as well or just
> openSUSE?
Didn’t I say that the original report was for Ubuntu?
Didn’t I say that I reported it for openSUSE?
So it affects both at least, and it would affect any other distro using
zeroconf.
–
Cheers / Saludos,
Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)