smbpasswd problems in 2.2

Esh, Andrew AEsh at tricord.com
Tue Jan 15 10:51:24 GMT 2002


I don't think this is right.

In #1, the remote machine name is "*". Which to me means "connect to all
hosts". That doesn't make any sense. Is this shorthand for "the hostname of
whatever host is the PDC"? I don't think that will work.

In #2, no remote machine name is given, so the local machine is assumed. The
results are as expected.

In #3, the arguments are correct, but only if there is a freshly created
trust account for this host on the PDC. If an account has not been created,
then a user account with Administrator privileges must also be supplied, so
smbpasswd can create the trust account itself. Since this wasn't done, and
it doesn't appear as though a trust account already exists, then these
results are correct.

The correct thing to do is a combination of #2 and #3:

	smbpasswd -j MYDOMAIN -r MYPDC -U administrator%howdy

This gives the domain name, the PDC name, and the admin user account needed
to create the trust account on the PDC, and join the domain.

-----Original Message-----
From: ZINKEVICIUS,MATT (HP-Loveland,ex1)
[mailto:matt_zinkevicius at hp.com]
Sent: Monday, January 14, 2002 5:27 PM
To: samba-technical at lists.samba.org
Subject: smbpasswd problems in 2.2


Hi all,
We are experiencing 3 new problems when attemping to join a domain, using a
recent samba 2.2.3-pre snapshot (1/3/2002).

1) PDC discovery is not working

% smbpasswd -j MYDOMAIN -U administrator%howdy -r *
Could not resolve name *
Unable to join domain MYDOMAIN.

2) smbpasswd is not using the "password server" option from smb.conf (seems
to default to acting locally).

% smbpasswd -j MYDOMAIN -U administrator%howdy
error creating domain user: NT_STATUS_ACCESS_DENIED
Unable to join domain MYHOSTNAME. <-- This is this machines hostname

3) Unable to join an existing computer account created on the PDC.

% smbpasswd -j MYDOMAIN -r MYPDC
cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT
cli_nt_setup_creds: auth2 challenge failed
modify_trust_password: unable to setup the PDC credentials to machine MYPDC.
Error was : NT_STATUS_NO_TRUST_SAM_ACCOUNT.
2002/01/14 16:23:21 : change_trust_account_password: Failed to change
password for domain MYDOMAIN.
Unable to join domain MYDOMAIN.

Any clues why this broke so bad recently?

Matt Zinkevicius
Software Engineer
Network Storage Array Solutions
Hewlett-Packard

-------------- next part --------------
HTML attachment scrubbed and removed


More information about the samba-technical mailing list