[Samba] Redhat 8.0 Samba as BDC

Yeri Swamy yswamy at iternalinc.com
Tue Apr 15 13:55:57 GMT 2003 

Ladner, Eric (Eric.Ladner) wrote:

>This status code could be the root problem:
>NT_STATUS_NO_TRUST_SAM_ACCOUNT
>
>I do not have much experience setting up trusts with Samba, however.  If
>you would, forward that message below with the log file information to
>the whole list.  I'm sure someone can lend a hand!
>
>Eric
>
>-----Original Message-----
>From: Yeri Swamy [mailto:yswamy at iternalinc.com] 
>Sent: Friday, April 11, 2003 08:13
>To: Ladner, Eric (Eric.Ladner)
>Subject: Re: [Samba] Redhat 8.0 Samba as BDC
>
>
>Thanks for replying so fast, actually i was on vacation here is my log 
>file contents in /var/log/samba
>
>iserver1 is my pdc server(Windows NT4) 
>
>/var/log/samba/log.smbd
>---------------------------------
>
>[2003/04/07 12:51:43, 0] smbd/server.c:main(707)
>  smbd version 2.2.5 started.
>  Copyright Andrew Tridgell and the Samba Team 1992-2002
>
>
>/var/log/samba/log.nmbd
>---------------------------------
>
>[2003/04/07 12:51:43, 0] nmbd/nmbd.c:main(794)
>  Netbios nameserver version 2.2.5 started.
>  Copyright Andrew Tridgell and the Samba Team 1994-2002 [2003/04/07
>12:51:43, 0] nmbd/nmbd_logonnames.c:add_logon_names(155)
>  add_domain_logon_names:
>  Attempting to become logon server for workgroup ITERNAL on subnet 
>192.168.1.102
>[2003/04/07 12:51:47, 0] 
>nmbd/nmbd_logonnames.c:become_logon_server_success(114)  
>become_logon_server_success: Samba is now a logon server for workgroup 
>ITERNAL on subnet 192.168.1.102
>[2003/04/07 12:51:47, 0] 
>nmbd/nmbd_responserecordsdb.c:find_response_record(235)  
>find_response_record: response packet id 10789 received with no matching
>
>record.
>[2003/04/07 12:51:47, 0] 
>nmbd/nmbd_responserecordsdb.c:find_response_record(235)  
>find_response_record: response packet id 10790 received with no matching
>
>record.
>
>
>/var/log/samba/log.iserver1(iserver1 is my pdc name)
>------------------------------------
>
>[2003/04/07 13:07:45, 0] smbd/password.c:domain_client_validate(1585)
>  domain_client_validate: Domain password server not available.
>[2003/04/07 13:07:55, 0] rpc_client/cli_netlogon.c:cli_net_auth2(157)
>  cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT [2003/04/07
>13:07:55, 0] rpc_client/cli_login.c:cli_nt_setup_creds(74)
>  cli_nt_setup_creds: auth2 challenge failed
>[2003/04/07 13:07:55, 0] 
>smbd/password.c:connect_to_domain_password_server(1360)  
>connect_to_domain_password_server: unable to setup the PDC credentials 
>to machine ISERVER1. Error was : NT_STATUS_OK.
>[2003/04/07 13:07:55, 0] smbd/password.c:domain_client_validate(1585)
>  domain_client_validate: Domain password server not available.
>
>
>/var/log/samba/log.winbindd
>--------------------------------------
>
>[2003/04/07 13:10:22, 0]
>libsmb/cli_netlogon.c:new_cli_nt_setup_creds(210)
>  new_cli_nt_setup_creds: auth2 challenge failed 
>NT_STATUS_NO_TRUST_SAM_ACCOUNT
>[2003/04/07 13:10:22, 0] nsswitch/winbindd_cm.c:cm_get_netlogon_cli(797)
>  error connecting to domain password server:
>NT_STATUS_NO_TRUST_SAM_ACCOUNT
>
>
>with Best Regards
>Yeri
>
>Ladner, Eric (Eric.Ladner) wrote:
>
>  
>
>>What does it print in the log file for them when they try to connect? 
>>Usually it provides some good hints as to where the failure is 
>>occuring.
>>
>>Eric
>>
>>-----Original Message-----
>>From: Yeri Swamy [mailto:yswamy at iternalinc.com]
>>Sent: Monday, April 07, 2003 11:38
>>To: samba at lists.samba.org
>>Subject: [Samba] Redhat 8.0 Samba as BDC
>>
>>
>>Hi
>>
>>
>>I havee been trying to setup my Redhat 8.0 Linux as BDC, i have NT4 as
>>my PDC.
>>My smb.conf
>>
>>[global]
>>workgroup=ITERNAL
>>netbios name=TRIC
>>server string=server Samba
>>load printers=no
>>printcap name=cups
>>printing=cups
>>print command=lp -d %p %s; rm %s
>>invalid users=root
>>log file=/var/log/samba/log.%m
>>max log size=1000
>>syslog=0
>>smbpasswd file=/etc/samba/smbpasswd
>>security=DOMAIN
>>encrypt passwords=yes
>>socket options=TCP_NODELAY
>>dns proxy=no
>>passwd program=/usr/bin/passwd %u 
>>interfaces=192.168.1.102/255.255.255.0
>>socket address=192.168.1.102
>>hosts allow=192.168.1.0/255.255.255.0, 192.168.1.155/255.255.255.0
>>passwd chat=*Enter\snew\sUNIX\spassword:* %n\n 
>>*Retype\snew\sUNIX\spassword:* %n\n .
>>obey pam restrictions=yes
>>winbind separator=+
>>winbind uid=10000-20000
>>winbind gid=10000-20000
>>template homedir=/home/%D/%U
>>winbind enum users=Yes
>>winbind enum groups=Yes
>>password server=*
>>preserve case=yes
>>template shell=/bin/bash
>>case sensitive=no
>>domain logons=Yes
>>domain master=No
>>short preserve case=yes
>>os level=20
>>
>>
>>i did
>>
>>*/#smbpasswd -j workgroup -r PDC -U Administrator/*
>>
>>i entered the password
>>
>>After that i get a message that i joined the domain successful
>>
>>/*#/etc/init.d/smb start*/
>>
>>/*#winbindd*/
>>
>>
>>when i do
>>/*#getent passwd
>>#getent group*/
>>
>>i see all the users in a domain with + symbol between workgroup name &
>>user name
>>
>>But after this when somebody tries to log's  into samba server using 
>>Win
>>
>>NT/2000/98
>>They get access denied
>>
>>i have seup /*/etc/pam.d/system-suth, /etc/pam.d/login /etc/pam.d/samba
>>*/with winbind
>>
>>What i have to do to fix this problem...
>>
>>
>>with Best Redgards
>>YS
>>
>>
>>
>> 
>>
>>    
>>
>
>
>
>
>
>  
>

More information about the samba mailing list