What's left for 3.0.21 final release?
hideo takeuchi
takeuchi at miraclelinux.com
Wed Nov 16 02:25:30 GMT 2005
> Waiting for feedback.....
The problem is talking about a trusted AD domains on a Samba DC.
Use Samba Version: samba-3.0.21pre1、samba-3.0.21rc1
example:
AD server name TAKEHIDE1
AD Domain name TAKEADS
Samba PDC name SMB-ML21
For samba-3.0.14a:
# wbinfo -u
TAKEADS\administrator
TAKEADS\agrex
TAKEADS\guest
TAKEADS\krbtgt
TAKEADS\takeuchi1
# wbinfo -m
TAKEADS
# wbinfo -t
checking the trust secret via RPC calls failed
error code was NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xc00000da)
Could not check secret
after updating to samba-3.0.20pre1 and samba-3.0.21rc1:
# wbinfo -u
Error looking up domain users
# wbinfo -m
TAKEADS
# wbinfo -t
checking the trust secret via RPC calls failed
error code was NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xc00000da)
Could not check secret
Then we got the log file that did not exist in samba-3.0.14a was made.
# /var/log/samba/takehide1.log
[2005/11/16 09:54:23, 0] libsmb/credentials.c:creds_server_check(159)
creds_server_check: credentials check failed.
[2005/11/16 09:54:23, 0]
rpc_server/srv_netlog_nt.c:_net_sam_logon(638)
_net_sam_logon: creds_server_step failed. Rejecting auth request
from client TAKEHIDE1 machine account TAKEADS$
[2005/11/16 09:54:23, 2] auth/auth.c:check_ntlm_password(317)
check_ntlm_password: Authentication for user [SMB-ML21$] ->
[SMB-ML21$] FAILED with error NT_STATUS_NO_SUCH_USER
smb.conf:
[global]
dos charset = CP932
unix charset = EUCJP-MS
display charset = EUCJP-MS
workgroup = ML21TEST
netbios name = SMB-ML21
server string = %L : Samba %v on %h
passdb backend = ldapsam
guest account = Guest
log file = /var/log/samba/%m.log
log level = 0 auth:2
max log size = 10000
domain logons = Yes
os level = 64
preferred master = Yes
domain master = Yes
dns proxy = No
local master = Yes
wins support = Yes
ldap suffix = dc=ml21,dc=com
ldap machine suffix = ou=Computers
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap admin dn = uid=Administrator,ou=Users,dc=ml21,dc=com
ldap passwd sync = Yes
admin users = Administrator
printing = lprng
dos filemode = Yes
dos filetimes = Yes
dos filetime resolution = Yes
idmap uid = 10000-20000
idmap gid = 20001-30000
ldap idmap suffix = ou=Idmap
idmap backend = ldap:ldap://localhost
inherit acls = Yes
logon path =
logon home =
Best Regards,
More information about the samba-technical
mailing list