[Samba] net rpc testjoin error

John G. Heim jheim at math.wisc.edu
Thu Dec 22 14:56:37 MST 2011 

Okay, I have determined that the problem is with the BDC. I shutdown samba
on the BDC and was able to log into the domain. So perhaps the ldap
replication isn't working.

Should 'net getlocalsid' on a BDC show a SID that matches the SID on the
PDC? I ran 'net rpc getsid' on the BDC and it said it was storing the SID in
secrets.tdb. when I ask for the localsid, it gives me a mismatched SID.

root at gracie:~# net rpc getsid
Storing SID S-1-5-21-1546634795-1778232220-242194531 for Domain UW-MATH in
secre
ts.tdb
root at gracie:~# net getlocalsid



From: "Gaiseric Vandal" <gaiseric.vandal at gmail.com>
To: <samba at lists.samba.org>
Sent: Thursday, December 22, 2011 1:43 PM
Subject: Re: [Samba] net rpc testjoin error


> Did you make the required registry changes
>
> http://wiki.samba.org/index.php/Windows7
>
>         HKLM\System\CCS\Services\LanmanWorkstation\Parameters
>             DWORD  DomainCompatibilityMode = 1
>             DWORD  DNSNameResolutionRequired = 0
>
>
>
> Do you have problems with XP machines?
>
>
>
>
> On 12/22/2011 02:28 PM, John G. Heim wrote:
>> I have a PDC running debian wheezy with samba 3.5.11 . If I run 'net rpc 
>> testjoin' on my PDC, it does this:
>>
>> # net rpc testjoin
>> get_schannel_session_key: could not fetch trust account password for 
>> domain 'UW-MATH'
>> net_rpc_join_ok: failed to get schannel session key from server HUBBLE 
>> for domain UW-MATH. Error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO
>> Join to domain 'UW-MATH' is not valid: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
>>
>> The backend is openldap and I can find the name of my PDC in the ldap 
>> database. It appears to have a valid machine trust account based on the 
>> ldap record.
>>
>> The main problem I'm having is that after I joined a Win7 machine to the 
>> domain, I can't log in as a domain user. It says "The trust relationship 
>> between this workstation and the domain failed."
>>
>
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
>

More information about the samba mailing list