Add Machine to Domain failed using NT4SP6-Wrk
A. Pohl
pohl at vegu.de
Thu Mar 30 07:41:32 GMT 2006
Hi all,
I'm testing Samba3.0.21c with OpenLDAP/IDEALX-Scripts. When I add a WinNT4 machine to the domain I get an error "The computer
account doesn't exists...". The same with a WinXP machine has no problems.
Here is a piece of client-log:
for NT4:
[2006/03/30 09:26:36, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2006/03/30 09:26:36, 3] smbd/uid.c:push_conn_ctx(393)
push_conn_ctx(100) : conn_ctx_stack_ndx = 1
[2006/03/30 09:26:36, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2006/03/30 09:26:36, 5] auth/auth_util.c:debug_nt_user_token(433)
NT user token: (NULL)
[2006/03/30 09:26:36, 5] auth/auth_util.c:debug_unix_user_token(454)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2006/03/30 09:26:36, 5] lib/smbldap.c:smbldap_search_ext(1099)
smbldap_search_ext: base => [ou=Groups,dc=IMUede,dc=de], filter => [(&(objectC
lass=sambaGroupMapping)(sambaSID=S-1-5-21-2134219367-4279175790-25907577-513))],
scope => [2]
[2006/03/30 09:26:36, 2] passdb/pdb_ldap.c:init_group_from_ldap(2202)
init_group_from_ldap: Entry found for group: 513
[2006/03/30 09:26:36, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/03/30 09:26:37, 3] groupdb/mapping.c:smb_set_primary_group(1041)
smb_set_primary_group: Running the command `/opt/IDEALX/sbin/smbldap-usermod -
g "Domain Users" "testus$"' gave 0
[2006/03/30 09:26:37, 4] passdb/pdb_ldap.c:ldapsam_update_sam_account(1846)
ldapsam_update_sam_account: user testus$ to be modified has dn: uid=testus$,ou
=Computers,dc=IMUede,dc=de
[2006/03/30 09:26:37, 2] passdb/pdb_ldap.c:init_ldap_from_sam(1064)
init_ldap_from_sam: Setting entry for user: testus$
[2006/03/30 09:26:37, 5] lib/smbldap.c:smbldap_modify(1273)
smbldap_modify: dn => [uid=testus$,ou=Computers,dc=IMUede,dc=de]
[2006/03/30 09:26:37, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1648)
ldapsam_modify_entry: Failed to modify user dn= uid=testus$,ou=Computers,dc=IM
Uede,dc=de with: No such attribute
modify/delete: sambaPrimaryGroupSID: no such value
[2006/03/30 09:26:37, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1873)
ldapsam_update_sam_account: failed to modify user with uid = testus$, error: m
odify/delete: sambaPrimaryGroupSID: no such value (Success)
[2006/03/30 09:26:37, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/03/30 09:26:37, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 samr_io_r_set_userinfo
[2006/03/30 09:26:37, 5] rpc_parse/parse_prs.c:prs_ntstatus(762)
0000 status: NT_STATUS_ACCESS_DENIED
[2006/03/30 09:26:37, 5] rpc_server/srv_pipe.c:api_rpcTNP(2277)
api_rpcTNP: called samr successfully
the same with WinXP:
[2006/03/29 16:16:06, 5] auth/auth_util.c:debug_unix_user_token(454)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2006/03/29 16:16:06, 5] lib/smbldap.c:smbldap_search_ext(1099)
smbldap_search_ext: base => [dc=IMUede,dc=de], filter => [(&(sambaSID=S-1-5-21
-2134219367-4279175790-25907577-3066)(objectclass=sambaSamAccount))], scope => [
2]
[2006/03/29 16:16:06, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640)
init_sam_from_ldap: Entry found for user: testus1$
[2006/03/29 16:16:06, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/03/29 16:16:06, 5] rpc_server/srv_samr_nt.c:_samr_set_userinfo(3258)
_samr_set_userinfo: does possess sufficient rights
[2006/03/29 16:16:06, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2006/03/29 16:16:06, 3] smbd/uid.c:push_conn_ctx(393)
push_conn_ctx(101) : conn_ctx_stack_ndx = 0
[2006/03/29 16:16:06, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/03/29 16:16:06, 5] auth/auth_util.c:debug_nt_user_token(433)
NT user token: (NULL)
[2006/03/29 16:16:06, 5] auth/auth_util.c:debug_unix_user_token(454)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2006/03/29 16:16:06, 5] rpc_server/srv_samr_nt.c:set_user_info_23(3079)
Attempting administrator password change (level 23) for user testus1$
[2006/03/29 16:16:06, 5] rpc_server/srv_samr_nt.c:set_user_info_23(3099)
Changing trust account or non-unix-user password, not updating /etc/passwd
[2006/03/29 16:16:06, 4] passdb/pdb_ldap.c:ldapsam_update_sam_account(1846)
ldapsam_update_sam_account: user testus1$ to be modified has dn: uid=testus1$,
ou=Computers,dc=IMUede,dc=de
[2006/03/29 16:16:06, 2] passdb/pdb_ldap.c:init_ldap_from_sam(1064)
init_ldap_from_sam: Setting entry for user: testus1$
[2006/03/29 16:16:06, 5] lib/smbldap.c:smbldap_modify(1273)
smbldap_modify: dn => [uid=testus1$,ou=Computers,dc=IMUede,dc=de]
[2006/03/29 16:16:06, 2] passdb/pdb_ldap.c:ldapsam_update_sam_account(1879)
ldapsam_update_sam_account: successfully modified uid = testus1$ in the LDAP d
atabase
[2006/03/29 16:16:06, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/03/29 16:16:06, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 samr_io_r_set_userinfo
[2006/03/29 16:16:06, 5] rpc_parse/parse_prs.c:prs_ntstatus(762)
Can someone test it against NT4? What is wrong? Is it impossible to use NT4 with Samba3?
Thanks,
Andreas Pohl
pohl at vegu.de
--------------------------------------------------
INTERMET Ueckermünde
D-17373 Ueckermünde, Eggesiner Str. 11
Tel.: +49 (0) 39771 2120, Fax: +49 (0) 39771 21210
More information about the samba-technical
mailing list