NT_STATUS_NO_TRUST_SAM_ACCOUNT

Steve Gonzales gonzo at eng.lsu.edu
Thu Oct 26 12:51:55 GMT 2000 

Your NT Administrator needs to delete the reference to your machine, re-add
it, and then let you know.  Once he does that, then you can perform the
Smbpasswd -j corporate -r vldpdc1.  You can explain to him that the current
machine listed in the Server Manager has a different SID (Security ID) than
your current Linux machine.  This process solved the problem for me.

As always, if you have any questions, please contact me.

Steven C. Gonzales, MCSE, MCP+I, CNA
Louisiana State University		gonzo at eng.lsu.edu
Division of Engineering Services	225.388.6069 (v)
3216G CEBA					225.388.5990 (f)
Baton Rouge, LA  70803

-----Original Message-----
From: samba-ntdom-admin at lists.samba.org
[mailto:samba-ntdom-admin at lists.samba.org]On Behalf Of Melon, Jack
Sent: Wednesday, October 25, 2000 12:55 PM
To: 'samba-ntdom at lists.samba.org'
Subject: NT_STATUS_NO_TRUST_SAM_ACCOUNT

I'm using samba-2.0.4b-19990519 and am trying to become a member of an NT
domain. I've read the Samba, smbpasswd, & smb.conf man pages, NTDomain FAQ
and the documents that accompany Samba-2 (i.e. DOMAIN_MEMBER.txt, Win95.txt,
WinNT.txt).

When I try to Log-on the CORPORATE domain by:
# /etc/rc.d/init.d/smb stop
Shutting down SMB services: smbd nmbd
# smbpasswd -j CORPORATE   [or smbpasswd -j CORPORATE -r VLDPDC1]

I get:
cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT
cli_nt_setup_creds: auth2 challenge failed
modify_trust_password: unable to setup the PDC credentials to machine
VLDPDC1. Error was : NT_STATUS_NO_TRUST_SAM_ACCOUNT.
2000/10/25 13:31:28 : change_trust_account_password: Failed to change
password for domain CORPORATE
Unable to join domain CORPORATE

When I asked the NT Admin to add "Linux" to the NT domain on the PDC using
Server Manager for Domains, his response was, "Linux is already in my Server
Manager list as a Windows NT 4.2 Server with a description of Linux smb
Server in Engineering." He has also made a reference to the older MS Lan
Manager Client and that he's had problems in some cases where he had to have
IPX installed (802.3 frame type) in addition to TCP/IP before domain logon
was successful.

My smb.conf includes:
workgroup = CORPORATE
server string = Linux smb Server in Engineering
printing = bsd
printcap name = /etc/printcap
load printers = yes
guest account = nobody
log file = /var/log/samba-log%m
max log size = 50
short preserve case = yes
preserve case = yes
lock directory = /var/lock/samba
locking = yes
strict locking = yes
share modes = yes
security = domain
password server = VLDPDC1
socket options = TCP_NODELAY
wins server = 10.102.7.71
;====== Share Declarations (snipped for this message, but...) =====
; [netlogon]
; All lines below [netlogon] are commented out - JDM


Any help is appreciated.

Jack

More information about the samba-ntdom mailing list