Hi,
I need to be able to create computer objects with vastool instead of being forced to log in to a windows server, run a vbs, and then drag'n'drop the object to the correct OU (OU varies alot).
It seems like vastool create should be able to help me out, but I can't get it to produce objects that can be joined to without password.
I've created a AD user (unixbuild) that has permissions to create computer objects, and to create the object I run this command:
#> vastool -u unixbuild create -o -c "OU=JavaServerPlatform,OU=SolarisServer,OU=Production,DC=deploylab,DC=bj" computer testzone
Password for unixbuild@DEPLOYLAB.BJ:
Computer testzone created
#>
If I check in AD I can see the new object in the correct OU, but when I then try to join it using:
root@testzone:~# vastool -u host/ -w testzone join -f -n testzone.deploylab.bj deploylab.bj
I get:
Checking whether computer is already joined to a domain ... no
ERROR: Could not authenticate as host/. Invalid username or password.
VAS_ERR_KRB5: Failed to obtain credentials. Client: TESTZONE$@DEPLOYLAB.BJ, Service: krbtgt/DEPLOYLAB.BJ@DEPLOYLAB.BJ, Server: bj-labdc-01.deploylab.bj
Caused by:
KRB5KDC_ERR_PREAUTH_FAILED (-1765328360): Preauthentication failed
ERROR: Could not join to the domain
So this seems like the "default" computer object password has not been set correctly, is there an option to the vastool create command I need to use, or do I need to specify my own "default" password (also needed to be put in the join script)?
Please help me in my quest for not needing to "use" a windows server when deploying and using my Solaris servers!
BR // Andreas Bjorshammar
Message was edited by: anbj_562
I need to be able to create computer objects with vastool instead of being forced to log in to a windows server, run a vbs, and then drag'n'drop the object to the correct OU (OU varies alot).
It seems like vastool create should be able to help me out, but I can't get it to produce objects that can be joined to without password.
I've created a AD user (unixbuild) that has permissions to create computer objects, and to create the object I run this command:
#> vastool -u unixbuild create -o -c "OU=JavaServerPlatform,OU=SolarisServer,OU=Production,DC=deploylab,DC=bj" computer testzone
Password for unixbuild@DEPLOYLAB.BJ:
Computer testzone created
#>
If I check in AD I can see the new object in the correct OU, but when I then try to join it using:
root@testzone:~# vastool -u host/ -w testzone join -f -n testzone.deploylab.bj deploylab.bj
I get:
Checking whether computer is already joined to a domain ... no
ERROR: Could not authenticate as host/. Invalid username or password.
VAS_ERR_KRB5: Failed to obtain credentials. Client: TESTZONE$@DEPLOYLAB.BJ, Service: krbtgt/DEPLOYLAB.BJ@DEPLOYLAB.BJ, Server: bj-labdc-01.deploylab.bj
Caused by:
KRB5KDC_ERR_PREAUTH_FAILED (-1765328360): Preauthentication failed
ERROR: Could not join to the domain
So this seems like the "default" computer object password has not been set correctly, is there an option to the vastool create command I need to use, or do I need to specify my own "default" password (also needed to be put in the join script)?
Please help me in my quest for not needing to "use" a windows server when deploying and using my Solaris servers!
BR // Andreas Bjorshammar
Message was edited by: anbj_562