Problems setting up a tng-BDC

Jim Levie Jim.Levie at dynetics.com
Tue Apr 18 15:30:34 GMT 2000


I have a Samba-TNG PDC set up, which seems to work normally. I can
successfully join the domain with NT workstations, but I can't seem to
get a second Samba-TNG system to join the domain. I suspect that I'm
missing some crucial step, but I can't seem to figure out what.

What I've done:

1) Created a workstation account on the PDC with rpcclient.
2) Created "root" user on the PDC with an SMB encrypted passwd
3) Used the procedure on
http://www.kneschke.de/projekte/samba_tng/faq/samba_bdc.php3 to set up
the BDC and attempt to join the domain (well close to it, as it's not
quite up to date).

The transaction on the BDC looks like:

root> bin/rpcclient -S chimera -U root%xxxxx -W COMPCNTR
added interface ip=192.168.64.2 bcast=192.168.64.255
nmask=255.255.255.0
added interface ip=192.168.128.22 bcast=192.168.128.255
nmask=255.255.255.0
added interface ip=192.168.129.22 bcast=192.168.129.255
nmask=255.255.255.0
Server: \\CHIMERA:      User:   root    Domain: COMPCNTR
Connection:     socket connect to /tmp/.smb.0/agent failed: No such
file or directory
session setup ok
Domain=[COMPCNTR] OS=[Unix] Server=[Samba TNG-alpha]
OK
[COMPCNTR\root at CHIMERA]$ createuser asgard$ -s -j compcntr
createuser asgard$ -s -j compcntr

SAM Create Domain User
Domain: COMPCNTR Name: asgard$ ACB: [S          ]
socket connect to /tmp/.smb.0/agent failed: No such file or directory
Create Domain User: OK
Join ASGARD to Domain COMPCNTR
LSA_OPENSECRET: unknown error
LSA_OPENSECRET: unknown error
Set $MACHINE.ACC: FAILED
[COMPCNTR\root at CHIMERA]$

In the BDC's log.lsarpc I see:
_lsa_open_secret: couldn't open secret_db. Possible attack?
uid=0, gid=0, euid=60001, egid=60001

Why? And more importantly, how do I fix it?

-- 
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
 Jim Levie                                  email:
Jim.Levie at dynetics.com
 Dynetics Inc,  Huntsville, Al              Ph.    256.964.4337
 The opinions expressed above are just that...

