LDAP PDC and 100% pure TNG tested

Luke Kenneth Casson Leighton lkcl at samba.org
Mon Jan 10 11:33:33 GMT 2000


i've been trying to code this up in smbpasswd, but the code is unfamiliar
to me.

for now, use rpcclient to do the same job.  you _must_ have a trust
acccount for the PDC, despite what smbpasswd thinks.

unix-root-user% rpcclient -S . -U root%rootpassword -l log
[root at .$] lsaquery
[root at .$] createuser sambaserver$ -j
created user: OK
joined domain: OK

you _may_ find that the SAM account for sambaserver$ is disabled, and you
_may_ have to edit the SAM account manually and activate it.  i will be
tracking this down, later (it's related to a bug i found in NT and i had
to deactivate some code to change ACB bits).

an account is disabled if the ACB bits are:[WD      ].  remove the D:
replace it with a space do NOT shorten the ACB bits field, it MUST be
exactly 14 bytes long (or whatever).

> 2. The second problem is about the file private/<domain>.<hostname>.mac:
> The logs shows:
> > [2000/01/08 12:45:55, 0] passdb/smbpassfile.c:trust_password_lock(78)
> > trust_password_lock: cannot open file /usr/local/etc/samba/private/CTI-SMB-DEV.BILBO.mac - Error was No such file or directory.
> the server "bilbo" has an account (as the README says), but I can't use
> "smbpasswd -j" because bilbo is a PDC.
> The samba runs perfectly, I suppose this is a warning.
> Ignacio
> -- 
> ____________________________________________________
> Ignacio Coupeau, Ph.D.     e-mail: icoupeau at unav.es
> CTI, Director              fax:    948 425619
> University of Navarra      voice:  948 425600
> Pamplona, SPAIN            http://www.unav.es/cti/

More information about the samba-technical mailing list