problem in "net rpc join"

Moshe Yosevshvili moshe.yosevshvili at
Sun May 21 13:55:52 GMT 2006

hi all,
I'm using samba-3.0.20 and when i run 'net rpc join' i look at the
traces and see that the machine account is created with expirable
password. I'd like to change this behavior so that the machine will
join the domain as a workstation with non-expirable password.
when i look into the relevant code i see the following:
in net_rpc_join::net_rpc_join_newstyle() there's a variable:
uint32 acb_info = ACB_WSTRUST;
later on this variable is used in the following calls:
cli_samr_create_dom_user(), init_sam_user_info16().

when i try to do the following:
result = cli_samr_create_dom_user(cli, mem_ctx,
       acb_info | ACB_PWNOEXP, // this is my change...
       0xe005000b, &user_pol,

i get error: invalid argument (from DC in Ethereal traces).
why should this call fail?
if i have the option in SamrCreateUser2InDomain
to create a user with non-expirable password why should my call fail?
however when i call cli_samr_create_dom_user() with regular params
(i.e. don't set the non-expirable password bit)
and only change the following:
init_sam_user_info16(&16, acb_info | ACB_PWNOEXP);

i see in traces that all succeeds.
i fail to understand why the change of calling
cli_samr_create_dom_user() with ACB that says "password doesn't
as i understand in 'net ads join' this is the default option but i
need the rpc option and i try to understand what's the
correct way to do this.

More information about the samba-technical mailing list