[Samba] 'net rpc join -U Administrator' on Samba + LDAP PDC

Sun Jul 11 17:55:33 GMT 2004

--- Craig White <craigwhite at azapple.com> wrote:
> On Sat, 2004-07-10 at 22:54, abebe lsslp wrote:
> > I am having trouble joining a Samba + LDAP PDC.
> Here
> > are the steps I took and the results I have
> received. 
> > 
> > General Information:
> > . Fedora Core 1 machine
> > . Samba 3.0.0
> > . Openldap 2.1.22-8
> > . Netbios Name: EAGLEX
> > . Domain name: AGUILAS 
> > 
> > Symptoms:
> > Step 1:
> > [root at eaglex root]# net rpc join
> > -UAdministrator%xxxxxx 
> > The username or password was not correct.
> > 
> > '/var/log/messages':
> > Jul 10 12:30:47 eaglex smbd[9253]: [2004/07/10
> > 12:30:47, 0]
> rpc_server/srv_netlog_nt.c:get_md4pw(201)
> > Jul 10 12:30:47 eaglex smbd[9253]:   get_md4pw:
> > Workstation EAGLEX$: no account in domain

Hey Craig,
You know, You have given me detailed steps for me to
take. I really appreciate that! It is still not
working though. Do you have any other ideas? See below
for more information :). If anybody else have any idea
how to fix this, pealse give it a try. 

> It's so much easier to have LDAP working and
> understood prior to
> integration with samba.
> 
> #1 what does...
> ldapsearch -x -h localhost -D 'binddn' -W
> '(uid=Administrator)'
> give you (replace binddn with your binddn)

[root at eaglex etc]# ldapsearch -x -h localhost -D
"cn=Manager,dc=wbcoll,dc=edu" -W '(uid=Administrator)'

# Administrator, Users, wbcoll.edu
dn: uid=Administrator,ou=Users,dc=wbcoll,dc=edu
cn: Administrator
sn: Administrator
objectClass: inetOrgPerson
objectClass: sambaSAMAccount
objectClass: posixAccount
objectClass: shadowAccount
gidNumber: 512
uid: Administrator
uidNumber: 0
homeDirectory: /home/
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 1089477540
sambaHomePath: \\EAGLEX\home\%U
sambaHomeDrive: H:
sambaPrimaryGroupSID:
S-1-5-21-952094410-1508517273-1204454084-512
sambaSID:
S-1-5-21-952094410-1508517273-1204454084-2996
loginShell: /bin/false
gecos: Netbios Domain Administrator
sambaPwdMustChange: 2147483647
sambaAcctFlags: [U          ]
sambaPwdLastSet: 1089477540
sambaLMPassword: C7D36D999A7B2082AAD3B435B51404EE
sambaNTPassword: 2176503CCD06D05BBCE3E934465C555A
userPassword::
e1NNRDV9SnpzQmYxTHg0Q0ExMlVpSExnamp0ODRhRTRNPQ==

> 
> #2 if uidNumber of Administrator is not 0, you will
> probably have to use
> root to add new users/machines (make sure that root
> has SambaSamAccount
> in this case)

I guess #1 takes care of this step. 
> 
> #3 Much easier to join domain directly from an
> NT/Win2K/XP Professional
> machine. (see note 2)

I removed all the log files from '/var/log/samba/'
directory and tried to join Win XP pro (xppro) to the
domain. Two log files were created for the xp machine:
192.168.1.18.log and xppro.log. xppro.log is empty,
but 192.168.1.18.log contains the following

[2004/07/11 00:34:26, 1]
smbd/process.c:process_smb(1085)
[2004/07/11 00:34:26, 0]
lib/util_sock.c:get_peer_addr(1000)
  getpeername failed. Error was Transport endpoint is
not connected
  Connection denied from 0.0.0.0
[2004/07/11 00:34:26, 0]
lib/util_sock.c:write_socket_data(430)
  write_socket_data: write failure. Error = Connection
reset by peer
[2004/07/11 00:34:26, 0]
lib/util_sock.c:write_socket(455)
  write_socket: Error writing 5 bytes to socket 22:
ERRNO = Connection reset by peer
[2004/07/11 00:34:26, 0] lib/util_sock.c:send_smb(647)
  Error writing 5 bytes to client. -1. (Connection
reset by peer)

> 
> #4 upgrade samba - samba/fedora core 1 is up to
> 3.0.4

I upgraded samba 3.0.0 to samba 3.0.5

> 
> #5 if EAGLEX is the PDC, it doesn't need to join
> domain

Ok,thanks :)

Ambex

__________________________________
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!
http://promotions.yahoo.com/new_mail