Thoughts on problems with W2K joining ...

Hazen Valliant-Saunders hazen at
Tue Jan 2 18:46:14 GMT 2001

	Hey I'm using w2k sp1 with a cvs'd version of 2.2.0-prealpha and its
working fine now. The only thing that i've noticed is that a lot of people
either aren't creating root accounts, or don't read all the documentation.
(Myself included!)  This is not mentioned anywhere in the FAQ's or HOW-To's
	1. After following the PDC faq's and How-to's all the other mounds of doc's
(Readme's INSTALL'S etc. etc.)
	2. Now create your test accounts (test, Blah, Joe shmoe, Foobar) whatever
your prefrence is then Do the following CREATE A ROOT ACCOUNT!!!
(#smbpasswd -a root) followed by the root password and you may want to keep
them the same for admin purposes, and sanity too.
	3. Test your local W2K logon using the same test accounts on both the w2k
box and the nix box (makes administration much easier)
	4. OK so your Windoze box works now when you attempt a domian logon in w2k
use THE ROOT Account, you should be prompted for an account with permissions
to logon to the domain, use the ROOT account, then grab yourself a coffe or
sanck and wait (takes about 2 or 3 minutes usually) if you end up waiting
any longer than five minutes then if i where you i'd go back to step 3 and

Here are some notes
	The domain logon aspect of 2.2.0 emulates "trust relations" there is not
any plans now or in the near future to do so, however from what i have seen
you can use a work around (I'm still testing this one) by modifying the
group (users and ADMIN or admin)in conjunction with domain admin = @admin ->
smb.conf, However this is not how microsoft implements the same idea, Trust
relation on any ms box mean that even your file creation and permissions are
the same across each machiene (if you are an administrator then you have
admin previalages across all machines within that domain. ) however i figure
the samba team will be working on this hopefully.

	The user manager only aceses the moment?  Good one
	If anyone could enlighten me as to the "proper" function of the user
manager with samba is it the moment or what? and on that note,

	Does anyone know How or if it is possible to map local passwords to the
domain controller?
	ie: a change on a local workstation to the profile local password would be
mapped to the domain controller.??

Thanks again all

-----Original Message-----
From: samba-ntdom-admin at
[mailto:samba-ntdom-admin at]On Behalf Of David Bannon
Sent: Tuesday, January 02, 2001 6:25 AM
To: Alexander Lobodzinski
Cc: samba-ntdom at
Subject: Re: Thoughts on problems with W2K joining ...

At 12:29 AM 2/1/2001 +0100, Alexander Lobodzinski wrote:
>() With so many people having problems joining a W2K to samba 2.2 domain
>() [Message D]
>() "No mapping between account names and security ID was done."
>in your recipe how to deliberately provoke various error messages the
>last one [D] was not listed.  So what did you do to get it?

There have been so many changes to the cvs since then, I'm not sure my post
about those error is still valid. Are you using W2k SP1 ? If so, it don't
work ! (see the FAQ).

I don't have access to my test setup any more, have changed jobs and have
not set up anything at the new one yet. Sorry, cannot help for at least 3
or 4 weeks. Right now I'm struggling with True64 on a Compaq super
computer. Its fun !

David Bannon                      D.Bannon at
School of Biochemistry            Phone 61 03 479 2197
La Trobe University, Plenty Rd,   Fax   61 03 479 2467
Bundoora, Vic, Australia, 3083
..... Humpty Dumpty was pushed !

More information about the samba-ntdom mailing list