domain level authentication?

MCCALL,DON (HP-USA,ex1) don_mccall at
Tue Mar 13 18:35:12 GMT 2001

Hi Mjo,
Try removing the machine account for samba on your pdc and re-adding it,
add the line "password server = *" after your security=domain  line in the
file, and then do the smbpasswd -j command again.
BTW, what is your NT PDC - Win2k or WinNT 40.  And what version is you Samba
server?  (find out by typing smbd -V).
Hope this helps,

-----Original Message-----
From: mjo [mailto:mjo at]
Sent: Tuesday, March 13, 2001 12:39 PM
To: samba at
Subject: domain level authentication?

I'm trying to set up a samba server, such that 60 or so win 98 users can log
into the linux box and be plopped into their respective home directories on
 I don't want them to be promted for passwords, I want the PDC, an NT box,
take care that in such a wy that I do not need a smbpasswd file. I know
nothing about NT, but the server running works just fine, and will let
authenticate into samba as long as I set it up authenticating against a
smbpasswd file.

Here is the relevant part of the smb.conf file I'm using:
        netbios name = MYNBNAME
        workgroup = MYDOMAIN
        server string = Samba %v on (%L)
        log level= 1
        max log size = 1000
        encrypt passwords = yes
        security = domain
        brosweable = yes
        map archive = yes

        path = /data
        comment = data drive
        volume = Data-Drive
        writeable = yes

MYNBNAME is listed in the NT box's server manager.
I shut down samba, type
smbpasswd -j MYDOMAIN -r MYPDC
Here is the error I get:

cli_net_req_chal: Error NT_STATUS_NOT_SUPPORTED
cli_nt_setup_creds: request challenge failed
modify_trust_password: unable to setup the PDC credentials to machine MYPDC.
Error was : NT_STATUS_NOT_SUPPORTED. 2001/03/13 11:03:37 :
change_trust_account_password: Failed to change password for domain
Unable to join domain MYDOMAIN.        

I have also tried setting setting sercurity=server.

Any thoughts?  Thanks!

To unsubscribe from this list go to the following URL and read the

More information about the samba mailing list