still can't join domain

Wed May 10 20:16:09 GMT 2000

Hallo everyone,

when trying to join a NT4SP5 controlled Domain with samba-TNG from yesterday evening
it looks lie this:

./rpcclient -S ASTERIX -U root -W HOMENET.OAA -n GARNIX
added interface ip=192.168.1.6 bcast=192.168.1.255 nmask=255.255.255.0
Enter Password:
Server: \\ASTERIX:      User:   root    Domain: HOMENET.OAA
Connection:     error connecting to 192.168.1.1:445 (Connection refused)
session setup ok
Domain=[HOMENET.OAA] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0]
OK
[HOMENET.OAA\root at ASTERIX]$ lsaquery
lsaquery

LSA Query Info Policy
Domain Member     - Domain: HOMENET.OAA SID: S-and_so_on
Domain Controller - Domain: HOMENET.OAA SID: S-and_so_on

[HOMENET.OAA\root at ASTERIX]$ use \\GARNIX -U ROOT -W GARNIX
use \\GARNIX -U ROOT -W GARNIX

Enter Password:
Server: \\GARNIX:       User:   ROOT    Domain: GARNIX
Connection:     error connecting to 192.168.1.6:445 (Connection refused)
session setup ok
Domain=[HOMENET.OAA] OS=[Unix] Server=[Samba TNG-alpha]
OK
[GARNIX\ROOT at ASTERIX]$ createuser GARNIX$ -s -j HOMENET.OAA
createuser GARNIX$ -s -j HOMENET.OAA

SAM Create Domain User
error connecting to 192.168.1.1:445 (Connection refused)
Domain: HOMENET.OAA Name: garnix$ ACB: [S          ]
Create Domain User: OK
Join GARNIX to Domain HOMENET.OAA
LSA_OPENSECRET: NT_STATUS_ACCESS_DENIED
Set $MACHINE.ACC: OK

Connecting to the TNG-WKSTA fails with the following in the log:

cli_nt_setup_creds: auth2 challenge failed.  status: c000018b
domain_client_validate: credentials failed (\\ASTERIX)
SMB LM/NT Password did not match!

what does this error-code mean?

Attached is the smb.conf.
If logfile is needed, I can send it.

THX, Osama
---
Fachhochschule für Technik Esslingen
Außenstelle Goeppingen

-------------- next part --------------
# /etc/smb.conf.TNG
# Configuration File for Samba-Server on garnix.homenet.oaa
# 08/12/99 Osama Abu-Aish

#
# globale Einstellungen
#
	[global]
#	workgroup=HOMENET.OAA.TNG
   workgroup=HOMENET.OAA
   netbios name=GARNIX
	announce as = NT
	announce version = 4.2
	share modes = yes
	server string = Samba Server on \\%h (v%v)
	interfaces = 192.168.1.6/255.255.255.0
   bind interfaces only = yes
	time server = no
   nt pipe support = yes
   nt smb support = yes
   client ntlmv2 = yes
   server ntlmv2 = yes
   unix realname = yes
   force create mode = 644
   force directory mode = 755
#
# Domain-Einstellungen
#
   domain logons = yes
   domain master = no

#
# Security Options
#
	security = domain
	password server = asterix
#	smb passwd file = /etc/samba-TNG/smbpasswd
#   sam directory = /etc/samba-TNG
	encrypt passwords = yes
   domain group map =/usr/local/samba-TNG/etc/domaingroup.map
   domain user map  =/usr/local/samba-TNG/etc/domainuser.map
   local group map =/usr/local/samba-TNG/etc/localgroup.map
	hosts allow = 192.168.1. 192.168.2. 127.0.0.1
	guest account = nobody
	follow symlinks = yes
	null passwords = no
   hide dotfiles = yes

#
# DOS <-> UNIX Conversions
#
	dos filetimes = yes
	character set = iso8859-1
	client codepage = 850
	hide dotfiles = no
	preserve case = yes
	mangle case = no
	case sensitive = no
	default case = lower

#
# Einstellungen für den WINS-Server
#
	wins proxy = no
	wins support = no
	local master = no
	preferred master = no
	domain master = no
	browse list = yes
	os level = 31
	remote announce = 192.168.1.1 192.168.1.5
   wins server = 192.168.1.5
   name resolve order = wins lmhosts hosts bcast

#
# logging und auditing
#
	debug level = 1
	log level = 1
	max log size = 10000
	log file = /usr/local/samba-TNG/var/log.TNG.%m
	status = yes

#
# Tuning Options
#
	read raw = yes
	writeraw = yes
	read prediction = yes
	getwd cache = yes
	wide links = no
	socket options = TCP_NODELAY

#
# File locking
#
   blocking locks = no

#
# File-shares
#
	[homes]
	path = /autohome/%S
	writable = yes
	comment = Home-Directory
	guest ok = no

   [root]
	path = /root
	writable = yes
	browseable = no
	comment = Home-Dir root
	guest ok = no
	user = root

	[root_fs]
	path = /
	writable = yes
	browseable = no
	comment = Root-Filesystem
	user = root
	guest ok = no

	[MSOffice]
	path = /share/msoffice
	writable = no
	write list = root
	browseable = yes
	guest ok = no
	comment = M$ Office 7.0

	[Tools]
	path = /share/tools
	writable = no
	write list = root
	browseable = yes
	guest ok = no
	comment = Tools und Programme

   [Admin]
	path = /share/admin
	writable = yes
	browseable = yes
	guest ok = no
	comment = Administrations-Tools
	user = root

	[cdrom1]
	path = /cdrom1
   fstype = CDFS
	writable = no
	browseable = yes
	guest ok = no
	comment = 6speed-CDROM

	[cdrom2]
	path = /cdrom2
   fstype = CDFS
	writable = no
	browseable = yes
	guest ok = no
	comment = Doublespeed - da geht was !!!

#
# File-Share für Druckertreiber
#
	[PRINT$]
	path=/etc/samba/printers
	public=no
	writable=no
	browseable=no

   [W32X86]
   path=/etc/samba/printers/W32X86
   public=no
   writable=no
   browseable=no

#
# Printer-shares
#
# Port 1
	[AGFA1]
	path = /tmp/spool.samba
	browseable = yes
   comment = NUR FUER TEST - NICHT BENUTZEN!
	printable = yes
	printer = raw
	public = yes
	guest ok = yes
	printing = BSD
	lpq command = /usr/bin/lpq -Praw

	[LaserJet]
	path = /tmp/spool.samba
	browseable = yes
   comment = HP LaserJet 6P
	printable = yes
	printer = raw
	public = yes
	guest ok = yes
	printing = BSD
	lpq command = /usr/bin/lpq -Praw
   print command = /usr/bin/lpr -Praw -m -r %s

#	[FAX-Printer]
#	path = /tmp/spool.samba
#	browseable = yes
#	comment = FAX-Modem
#	printable = yes
#	printer = fax
#	public = no
#	guest ok = no

	[PDF-Writer]
	path = /tmp/spool.samba
	browseable = yes
	comment = PDF-Schreiber
	printable = yes
	print command = echo File: %s >> /tmp/print.log; ps2pdf %s `pdfname %s %H %U %m`; rm %s
	public = no
	guest ok = no