NT Domain and netbios aliases

Dwight Tovey dtovey at itd.state.id.us
Tue Jan 22 12:07:22 GMT 2002 

Hi all.

I am attempting to set up Samba on some DEC/Compaq systems that are
clustered together and am having mixed results.  I'm hoping that I can
get some advice from the collective wisdom.  

As part of my setup, I need to have some Virtual Servers defined.  From
what I have seen in the documentation, I should be able to do this with
the 'netbios aliases' option, and with 'security = server', this does
indeed work.  However, when I attempt to join the existing NT Domain
with a Windows 2K PDC, I only seem to be able to get the name specified
by the original 'netbios name' option to be accepted.  For example, my
'smb.conf' has the following lines:
	netbios name = alpha9
	netbios aliases = dev_svc
	security = domain
	workgroup = ITD
	password server = hqisdc01
	...
After running 'smbpasswd -j ITD -r HQISDC01 -U <admin>%<password>' and
then starting the daemon, I can access the 'alpha9' name from a Windows
client, but if I attempt to access the 'dev_svc' name, I get an error
popup about "Access is denied".  In addition, my 'log.smbd' file shows
  rpc_client/cli_netlogon.c:cli_net_auth2(160)
     cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT
  rpc_client/cli_login.c:cli_nt_setup_creds(72)
     cli_nt_setup_creds: auth2 challenge failed
  smbd/password.c:connect_to_domain_password_server(1372)
     connect_to_domain_password_server: unable to setup the PDC
     credentials to machine HQISDC01. Error was : 
     NT_STATUS_NO_TRUST_SAM_ACCOUNT.
  smbd/password.c:domain_client_validate(1591)
     domain_client_validate: Domain password server not available.

I tried defining 'netbios name = dev_svc' and re-running the smbpasswd
command to join the domain, and while it reported that the join was
successfull, I still can't access the virtual name.  I'm guessing that
the NIC address is already registered under the original name and NT
won't allow a different name on that NIC.

So, is there any way to get Virtual Servers to work in an NT Domain?

Thanks in advance
	/dwight

-- 
Dwight N. Tovey                     Unix System Administrator /
Developer
League of American Bicyclists       Idaho Transportation Dept.
     Certified Instructor #750-K-C  3311 W. State St.
Email: dwight at dtovey.net            Boise, ID.  83702
http://www.dtovey.net/dwight        (208)334-8166 / fax: (208)334-8121
---
A professor is one who talks in someone else's sleep.

More information about the samba mailing list