tavis at mahler.econ.columbia.edu
Fri May 15 03:15:51 GMT 1998
Thanks for looking at this. So what is the DOMAIN.MACHINE.mac file? A list
of servers in the domain? A list of workstations for which previous
authentication can be trusted? What's the format? Do we have to create
it if we use security = domain, or is it automatically created?
On Thu, 14 May 1998, Jeremy Allison wrote:
> Tavis Barr wrote:
> > I take it back. It's no longer in the new version. My machines are now
> > failing because I get errors like this for the domain server MARKOV when
> > I try to connect workstations to the domain:
> > Domain=[SOCIOLOGY] NativeOS=[Windows NT 1381] NativeLanMan=
> > sesssetupX:name=[tavis]
> > get_trust_account_password: Malformed trust password file (wrong length).
> > domain_client_validate: unable to read the machine account password for
> > machine MARKOV in domain SAMBADC.
> You've got 'security=domain' set on the Samba machine you
> want to be a PDC, haven't you.
> The trust account password message is a giveaway.
> You should only set 'security=domain' if you're adding
> a Samba server into a domain as a *member* of a domain,
> not as the PDC.
> I'll add code to make smbd die if you have it set as
> a PDC and 'security=domain' as people are obviously
> confusing the two.
> When Samba is a PDC there should be no DOMAIN.MACINE.mac
> file for the domain that Samba is serving as a PDC for.
> There will be a DOMAIN.MACINE.mac file on a Samba server
> acting as a server in a domain.
> There should always be a MACHINE.sid file.
> Delete the DOMAIN.MACINE.mac file, and change the
> 'security=domain' line to 'security=user' on the
> machine you want to act as the PDC.
More information about the samba-ntdom