[Samba] Samba as PDC - No mapping between account names and security IDs was done.

Amadej Bukorovic amadej at minet.si
Tue Jul 23 08:26:02 GMT 2002 

Hello everyone,
I’m trying to set Samba as a primary NT domain controller in my small home network. I’ve been going step by step trough the HOW TO on Samba PDC. When I got to the part where I should log a client (a windows 2000 workstation, no SPs installed) into the domain (called HOME) I keep getting “No mapping between account names and security IDs was done.”. I guess I forgot to do something or I did it the wrong way so if someone could help me out and explain to me what my problem is I’d appreciate it.

Here’s what I’ve done so far:

a) created the directory /usr/local/samba/private/netlogon
b) created the directory /export/smb/ntprofile
c) added appropriate settings to smb.conf for Samba to act as a domain controller
d) added a username to my Linux machine to represent a trusted machine account:
    /usr/sbin/useradd –g 100  -d /dev/null –c “Mobus” –s /bin/false Mobus$ 
    passwd –l Mobus$
e) then created the samba account:
    smbpasswd –a –m Mobus
f) logged into my windows 2000 workstation with the administrator account, tried to join the domain and got prompt for a password. I entered root as the username and the appropriate password (and yes the root account (should be) is working ... readded the password with smbpasswd several times)

And then instead of being logged into the domain I get a pop up box saying “No mapping between account names and security IDs was done.”
Now either I was suppose to jump down the Samba HOW TO and do some other configuration as well before trying to join in or I did something wrong.
Can someone clear up what my problem is? Do I need to export the profiles first into the profiles service in Samba before I can log into the domain or
Is /usr/local/samba/private/netlogon not suppose to be empty or what? :)

Also here's my smb.conf:

[global]
    workgroup = HOME
    netbios name = Gatekeeper
    server string = ADSL Router
    hosts allow = 127.0.0.1 10.1.1.0/255.255.255.0
    bind interfaces only = yes
    encrypt passwords = yes
    log file = /usr/local/samba/var/log.%m
    log level = 2
    max log size = 200
    security = user
    interfaces = 10.1.1.1 127.0.0.1
    bind interfaces only = yes
    username map = /usr/local/samba/lib/user.map
    local master = yes
    domain master = yes
    preferred master = yes
    os level = 64
    domain logons = yes
    domain admin group = root
    logon path = \\%N\profiles\%u
    logon drive = X:
    logon home = \\homeserver\%u
    dont descend = /dev,/proc,/root,/etc,/var,/lib
    socket options = TCP_NODELAY SO_RCVBUF=4096 SO_SNDBUF=4096
    case sensitive = no
    default case = lower
    preserve case = yes
    short preserve case = yes
    character set = iso8859-2
    valid chars = 200:232 169:185 174:190
    wins support = yes
        
[homes]
     comment = Home Directory
     guest ok = no
     writable = yes
     browseable = no
     valid users = %S

[netlogon]
     path = /usr/local/samba/lib/netlogon
     read only = yes
     write list = root, ntadmin, administrator, Administrator

[profiles]
    path = /export/smb/ntprofile
    read only = no
    create mask = 0600
    directory mask = 0700

More information about the samba mailing list