samba wats to join w2k domain

MCCALL,DON (HP-USA,ex1) don_mccall at hp.com
Fri Feb 16 21:51:33 GMT 2001 

Varga,
One other thing - make sure that before doing this, you REMOVE the account
on the win2k server that you've been trying with, and recreate it using the
steps below, to make sure the machine password is at the default that samba
is expecting when it tries to join the domain.
Don
-----Original Message-----
From: MCCALL,DON (HP-USA,ex1) [mailto:don_mccall at hp.com]
Sent: Friday, February 16, 2001 4:38 PM
To: 'Varga Daniel (QI/RZS43) *'; Samba-Ntdom (E-Mail)
Subject: RE: samba wats to join w2k domain


Hello Varga,
I just did this myself, to verify that it works:
1. on your win2k pdc, run "Active Directory Users and Computers"
2. choose Actions/New/New Computer
3. type in the computer name that you specify in your smb.conf file 
   'netbios name= " parameter
4. make sure you check the "Allow pre-Windows 2000 computers to use this
account"

Then
5. On you Samba server, bring down samba
6. in your smb.conf file make sure that you have the following entries:
   - security = domain
   - workgroup = <win2k domain name>
   - password server = <win2k PDC>
   - encrypt passwords = yes
   - domain logons = no
7. run smbpasswd to join the domain:
   - smbpasswd -j <win2k domain name> -r <win2k PDC>
Then
8. bring up samba, and test by doing the following command:
   - smbclient -L <sambaservername> -U <win2k user>
   (make sure that the user you specify has an entry in your /etc/passwd
    file as well)

This works for me.
Don

-----Original Message-----
From: Varga Daniel (QI/RZS43) * [mailto:Daniel.Varga at de.bosch.com]
Sent: Friday, February 16, 2001 11:47 AM
To: Samba-Ntdom (E-Mail)
Subject: samba wats to join w2k domain


Hi,

I read trhu the archives but couldn't find an exact answer to my question:
- How do I join a samba into a w2k domain (active dir., native mode)?

A computer account exists in the w2k-domain for me I just can't join...
I run Debian 2.2 (potato) with samba-2.0.7 and kernel 2.2.17
I tried it with samba-2.2.0-alpha2, too.

here's the error message:
felinux:~# smbpasswd  -j DE -D 4
resolve_hosts: Attempting host lookup for name SI21930<0x20>
Connecting to IP_of_PDC at port 139
cli_net_req_chal: LSA Request Challenge from SI21930 to FELINUX:
51AEDE2BBDD665C5
cred_session_key
cred_create
cli_net_auth2: srv:\\SI21930 acct:FELINUX$ sc:2 mc: FELINUX chal
1FB52C464A2206D3 neg: 1ff
cli_net_auth2: Error NT_STATUS_ACCESS_DENIED
cli_nt_setup_creds: auth2 challenge failed
modify_trust_password: unable to setup the PDC credentials to machine
SI21930. Error was : NT_STATUS_ACCESS_DENIED.
2001/02/16 17:43:29 : change_trust_account_password: Failed to change
password for domain DE.
Unable to join domain DE.

here's my config:
   security = domain
   domain logons = no
   password server = SI21930
   netbios name = FELINUX
   workgroup = DE
   socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096
   encrypt passwords = yes
   os level = 24
   local master = No

What do I do wrong?
thanx
--
Daniel

More information about the samba-ntdom mailing list