[Samba] Machine failing to keep its trust with Domain Controller
Masopust, Christian
christian.masopust at siemens.com
Fri Jan 27 06:42:32 GMT 2006
I had the same problem on my RHEL 4 system.
after setting "machine password timeout = 0" the problems have
gone away.
chris
> -----Original Message-----
> From:
> samba-bounces+christian.masopust=siemens.com at lists.samba.org
> [mailto:samba-bounces+christian.masopust=siemens.com at lists.sam
> ba.org] On Behalf Of Dukhan, Meir
> Sent: Tuesday, January 24, 2006 8:15 PM
> To: samba at lists.samba.org
> Cc: Dukhan, Meir
> Subject: [Samba] Machine failing to keep its trust with
> Domain Controller
>
> Hi,
>
> We have a Linux (RHEL 3.0, update 3) Samba 3 server which worked fine
> for months
> but suddently have trouble to keep its trust with the DC server.
>
> The only way to recover is to reset the machine account from
> the Windows
> DC side
> and do a "net join" to the domain from the Linux side. The
> Linux machine
> is able to
> keep its "trust" with the domain exactly 7 days, which, AFAIU, is the
> default in Samba and
> also in the DC side.
>
> It is somewhat surprizing since this Linux Samba server w/o
> problems for
> months.
> >From the Windows DC side, the only thing which was done just
> before this
> problem
> appeared, was to patch the DC to SP1 as far as I remember.
>
> Below are the messages we can see in the
> /var/log/samba/samba.log file:
>
> [2006/01/18 10:49:57, 0]
> smbd/change_trust_pw.c:change_trust_account_password(45)
> Can't get IP for PDC for domain MY_DOMAIN
> [2006/01/18 10:49:57, 0]
> smbd/change_trust_pw.c:change_trust_account_password(93)
> 2006/01/18 10:49:57 : change_trust_account_password: Failed
> to change
> password for domain MY_DOMAIN.
>
> Linux Kernel: 2.4.21-20.ELsmp
> Samba:
> samba-3.0.4-6.3E
> samba-common-3.0.4-6.3E
>
> /etc/smb.conf: see below
>
> Tia
>
> -- Meir
> /etc/smb.conf
> # Global parameters
>
> [global]
> workgroup = MY_DOMAIN
> netbios name = Samba_Server
> server string = Samba Server
> security = DOMAIN
> encrypt passwords = Yes
> password server = mydc-server.com
> log file = /var/log/samba/samba.log
> log level = 1
> max log size = 0
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> dns proxy = No
> wins server = our_wins
> kernel oplocks = No
> create mask = 0775
> directory mask = 0775
> oplocks = No
> username map = /etc/samba/username.map
> case sensitive = no
> preserve case = yes
> local master = no
> use sendfile = no
>
> [homes]
> comment = Home Directories
> valid users = %S
> read only = No
> create mask = 0664
> browseable = No
>
>
>
>
>
> **************************************************************
> *********************
> This email message and any attachments thereto are intended
> only for use by the addressee(s) named above, and may contain
> legally privileged and/or confidential information. If the
> reader of this message is not the intended recipient, or the
> employee or agent responsible to deliver it to the intended
> recipient, you are hereby notified that any dissemination,
> distribution or copying of this communication is strictly
> prohibited. If you have received this communication in error,
> please immediately notify the postmaster at nds.com and destroy
> the original message.
> **************************************************************
> *********************
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
>
More information about the samba
mailing list