win2k joining Samba 2.2.2 PDC problems.

Phil Chambers P.A.Chambers at exeter.ac.uk
Mon Dec 10 04:07:07 GMT 2001


> > > [2001/12/07 04:13:10, 10] passdb/pdb_smbpasswd.c:startsmbfilepwent(168)
> > >   startsmbfilepwent_internal: opening file /usr/local/private/smbpasswd
> > > [2001/12/07 04:13:10, 0] passdb/pdb_smbpasswd.c:startsmbfilepwent(171)
> > >   startsmbfilepwent_internal: unable to open file /usr/local/private/smbpasswd.
> > > Error was Permission denied
> > > [2001/12/07 04:13:10, 0] passdb/pdb_smbpasswd.c:pdb_getsampwrid(1459)
> > >   unable to open passdb database.
> >
> > I had just reached this same position myself when trying to work out why W2k will
> > not authenticate against my SAMBA PDC.  I have had several permissions problems with
> > SAMBA and have had to make various directories and files world-readable.  However, I
> > understand that smbpasswd needs to be tightly restricted for security concerns, so
> > have not tried to solve this problem by making it world-readable.
> >
> > So, any help will be appreciated by at least two of us!
> 
> You need to join the domain as root (as specified in the Samba-PDC-HOWTO.

Thanks for the reply.  I have re-read the Samba-PDC-HOWTO twice more and cannot find 
any reference to needing root to join a client to a domain!  My copy is that 
supplied with 2.2.2 and is dated Jul 31 2001.  I created the machine trust account 
manually and was logged in as root to do that.

When trying to join the client I used a username which is listed in my "domain admin 
group" list.  Surely the point of this parameter is to provide non-root access in 
just this situation.  The last thing I want to have to do is use my Unix root 
password to join a client to the domain!

Phil.
---------------------------------------
Phil Chambers (postmaster at exeter.ac.uk)
University of Exeter





More information about the samba mailing list