samba-TNG unable to join domain

Lanny Baron lnb at freebsdsystems.com
Tue Jan 25 22:32:13 GMT 2000


Hello,
I have followed the instructions at
http://www.kneschke.de/projekte/samba_tng/samba_bdc.php3 for BDC. No matter
what I try (i.e. smbpasswd -a -m wired$ etc..) in those instructions, what the
site says should happen when running the command below, the desired (and
reported on the site as being, create trust account: OK
join domain: OK.) does not happen. What it does is shown below.

satan# rpcclient -S WIRED -U administrator%hidden -W FREEBSD
params.c:Parameter() - Ignoring badly formed line in configuration file: server
string is the equivalent of the NT Description field
Added interface ip=216.183.2.6 bcast=216.183.2.127 nmask=255.255.255.128
[FREEBSD\administrator at WIRED]$
[FREEBSD\administrator at WIRED]$ lsaquery
lsaquery
Got a positive name query response from 216.183.2.3 ( 216.183.2.3 )
socket connect to /tmp/.smb.0/agent failed: No such file or directory
error connecting to 216.183.2.3:445 (Invalid argument)
session setup ok
Domain=[FREEBSD] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0]
LSA Query Info Policy
Domain Member     - Domain: FREEBSD SID:
S-1-5-21-1174881380-1575684945-2048475684
Domain Controller - Domain: FREEBSD SID:
S-1-5-21-1174881380-1575684945-2048475684
[FREEBSD\administrator at WIRED]$

[FREEBSD\administrator at WIRED]$ createuser SATAN$ -s -j
createuser SATAN$ -s -j
SAM Create Domain User
Domain: FREEBSD Name: SATAN$ ACB: [W          ]
Create Domain User: OK

[FREEBSD\administrator at WIRED]$ samsync
samsync
Got a positive name query response from 216.183.2.3 ( 216.183.2.3 )
socket connect to /tmp/.smb.0/agent failed: No such file or directory
error connecting to 216.183.2.3:445 (Invalid argument)
session setup ok
Domain=[FREEBSD] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0]
cli_nt_setup_creds: auth2 challenge failed.  status: c000018b
[FREEBSD\administrator at WIRED]$

[FREEBSD\administrator at WIRED]$ enumgroups
enumgroups
SAM Enumerate Groups
Group RID:      200  Group Name: Domain Admins
Group RID:      202  Group Name: Domain Guests
Group RID:      201  Group Name: Domain Users
Group RID:      3fe  Group Name: fluffy
Group RID:      3fd  Group Name: samba
Group RID:      3f9  Group Name: unix
[FREEBSD\administrator at WIRED]$


The thing that I seen when going to the console at the Doze NT box is a user
called SATAN with account disabled checked (I have no idea why it does that) 
and in the event viewer there are a ton of errors about trust account and
access denied from both SATAN and satan$ (in case you are confused, satan is my
FreeBSD/Samba server). The other strange thing is, although i have added SATAN
as a backup with UserManager for Domains, double click of SATAN produces network
password is incorrect. One question that comes to mind is,  why am I able to add
groups on the NT box? I added fluffy, unix and samba as groups (i am not sure
if they are global or local) and then did a smbclient //wired/C$ -U lnb and was
in. 

Thanks in advance for your help (and some fine tuning),


Lanny Baron
----------------------------------
Date: 25-Jan-00
Time: 17:32:13

Silverman's Law:
	If Murphy's Law can go wrong, it will.

----------------------------------


More information about the samba-technical mailing list