(HELLLP!) Samba-2.0.3 + NT4sp4 + domain

Edward Brotsman Dreger eddy at intc.net
Sun Mar 28 13:39:47 GMT 1999


Hello,



Here's the backgroup:

- Samba 2.0.3
- Samba is domain controller
- Win9x machines log on to domain just fine
- PROBLEM: WinNT sp4 machine (name: LR-P400) cannot join domain

Other relevant info:

- smb.conf: domain logons = yes
- smb.conf: encrypt passwords = yes
- smb.conf: security = user

- even tried EnablePlainTextPassword registry mod on the NT machine



My goal is to have all machines, including the new NT beast, log on to
'DOMAIN' using the Samba server for authentication.

I've included a typical section of Samba log file below.  (NT machine
only; I log on a per-machine basis.)

This log file corresponds to when, from [ Control Panel > Identification >
Change ] on the NT beast, I attempt to switch from workgroup 'BLAH' to
domain 'BLAH'.

I have tried both simply joining the domain also and 'Create a Computer
Account in the Domain' from the NT box.  Each reports access denied (see
Samba logfile below), or that I am already a member of the domain and must
disconnect.

>From NT Explorer, I can access shared non-public drives without problem.
It appears that I am logging on, just that I can't join the domain.



--- begin note ---

I changed the NT admin user from 'Administrator' to 'Admin' -- the
same name as the Samba admin user.  They also use the same password.

Could it be that the NT machine is attempting to perform the domain
authentication, then connect to the Samba server, and Samba is complaining
about the lack of a trust relationship for the NT machine?

This is, not, however, the behavior I am attempting to create.  I want
Samba to validate domain logons, not NT.

--- end note ---



I've read all the relevant Samba docs I could find, so I hope that I'm not
asking a simple, basic question.

AAAIIIYYYEEEEEE!!!  What have I missed?



Huge TIA,
Eddy

P.S. -- Please re or cc privately.  Thanks from a digest member!

*-----------------------------\_/~~\_/----------------------------------*
  Edward Brotsman Dreger                 "Your Success is Our Success    
  Network & Systems Manager            Our Expertise is Your Advantage"  
  Brian's Consulting Services /~\__/~\   www.brics.com * 316-794-8922    
_________________________________________________________________________
SPAMbot bait:  abuse at localhost  postmaster at localhost  blacklist at brics.com

--- begin logfile snippet ---

[1999/03/28 06:45:14, 0] smbd/service.c:make_connection(320)
  admin logged in as admin user (root privileges)
[1999/03/28 06:45:15, 0] smbd/reply.c:session_trust_account(403)
  session_trust_account: Trust account LR-P400$ user doesn't exist
[1999/03/28 06:45:25, 0] smbd/service.c:make_connection(320)
  admin logged in as admin user (root privileges)
[1999/03/28 06:45:25, 0] smbd/reply.c:session_trust_account(403)
  session_trust_account: Trust account LR-P400$ user doesn't exist
[1999/03/28 06:50:32, 0] smbd/service.c:make_connection(320)
  admin logged in as admin user (root privileges)
[1999/03/28 06:50:32, 0] smbd/reply.c:session_trust_account(403)
  session_trust_account: Trust account LR-P400$ user doesn't exist
[1999/03/28 06:51:27, 0] smbd/service.c:make_connection(320)
  admin logged in as admin user (root privileges)
[1999/03/28 06:51:27, 0] rpc_server/srv_samr.c:api_samr_unknown_32(1427)
  trouble!
[1999/03/28 06:59:12, 0] smbd/service.c:make_connection(320)
  admin logged in as admin user (root privileges)
[1999/03/28 06:59:29, 0] smbd/service.c:make_connection(320)
  admin logged in as admin user (root privileges)
[1999/03/28 07:00:19, 0] smbd/service.c:make_connection(320)
  admin logged in as admin user (root privileges)
[1999/03/28 07:00:19, 0] rpc_server/srv_samr.c:api_samr_unknown_32(1427)
  trouble!

--- end logfile snippet ---



More information about the samba mailing list