[Samba] samba pdc problem

[Andrew Bartlett]

> Ian Campbell wrote:
> 
> Hi,
> 
> I am running samba as a pdc on redhat 7.3. Everything has been going
> fine. I have a mix of win2k, winxp and winnt4 clients. The problem is
> with a few machines that I joined to the domain early on when I was
> testing. They have since been removed from the domain and have had
> their computer name changed. Now when I try to join the domain again I
> get an error about using a computer account to join the domain instead
> of a valid user name.

Yes, the error code we give back in this situation is complate crap, and
has been fixed in HEAD.  Meanwhile, it actually means that the account
you are trying to change the password on doesn't exist.

Thats becouse when you 'join' a domain, you are actually just changeing
the password on the machine$ account, from 'machine' to somthing
random.  So add it with 'smbpasswd -a -m' first.  (Becouse you renamed
the machine, the old accounts were not of any use).

Better still, join with the 'create computer account in domain' option,
and the root password.  (This requires the add user script to be setup
etc).  This creates an account 'on the fly' without the race condition -
sombody might join before you.

> So, I'm thinking the sam or something must be hidden away somewhere on
> the samba server from when I originally joined the domain in the
> testing phase. So... I found the old entry in my smbpasswd and passwd
> files and removed it, but I still get the problem!!!

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net