Domain Authorization
Mike Brodbelt
m.brodbelt at acu.ac.uk
Wed Apr 5 11:22:46 GMT 2000
John Evans wrote:
>
> One last bit of information. According to DOMAIN_MEMBER.txt I
> needed to run the following command: smbpasswd -j COS -r CPSRV1
> That command returned the following:
> cli_net_auth2: Error NT_STATUS_ACCESS_DENIED
> cli_nt_setup_creds: auth2 challenge failed
> modify_trust_password: unable to setup the PDC credentials to machine
> CPSRV1. Error was : NT_STATUS_ACCESS_DENIED.
> 2000/04/04 16:15:48 : change_trust_account_password: Failed to change
> password for domain COS.
> Unable to join domain COS.
>
> Could this be the cause of my problems? The box used to be an NT
> machine (until I "upgraded" it to Linux yesterday) and it already had a
> machine account setup with the PDC. If this is the root of my pain, how do
> I work around this?
That's your problem all right. Go to the PDC, and, using server manager,
delete the machine account for PRODMARK. Then, recreate the account.
This will create the machine account with a known initial password.
After that, you'll be able to run "smbpasswd -j COS -r CPSRV1" to join
the domain, and this should then work. After that, you'll need to change
a couple of things in smb.conf. You should make sure "security = domain"
- everything else alreasy seems to be OK in your smb.conf.
HTH
Mike.
More information about the samba
mailing list