Please help with winbind setup

Kevin kevin at mpcf.com
Thu Nov 8 11:25:02 GMT 2001


Aha, the man pages contain the wisdom.  The "secret" is
created when the machine is added to the domain.

I see what you are saying in regards to the samba
server does not seem to be joined to the domain (even
though it shows up as a domain member in MS Server
Manager and getent works fine).  Do you think i should
remove the machine from the domain using server manager
and try re-adding it?

Thanks again,
VeKTeReX

Kevin wrote:
> 
> wbinfo -t states that:
> "Secret is bad
> 0xc00000e5"
> 
> What does this mean?  What is the secret used for?  And
> of course, how do i make it good :)
> 
> Thanks a million,
> VeKTeReX
> 
> David Brodbeck wrote:
> >
> > I'm sorry, that's right...no matter what the "domain seperator" is set to in
> > winbind's configuration, you always use \ under Windows.  I forgot about
> > that.  The + seperator only applies on the UNIX side.
> >
> > It looks to me like the Samba machine is not properly joined to the
> > MPCFDOMAIN domain.  What I can't figure out is that if that's true, it seems
> > to me that 'getent passwd' shouldn't work either (or rather, should return
> > only local users.)  Maybe someone on the list has an idea.
> >
> > Does 'wbinfo -t' return 'Secret is good'?
> >
> > -----Original Message-----
> > From: Kevin [mailto:kevin at mpcf.com]
> > Sent: Friday, November 16, 2001 1:46 PM
> > To: David Brodbeck
> > Cc: samba at lists.samba.org
> > Subject: Re: Please help with winbind setup
> >
> > I have tried specifying the login name as
> > TESTDOM+larry, and it still does not work.  WinXP will
> > not even let you try it with a "+" as a separator.  It
> > just keeps saying the correct syntax is "TESTDOM\larry"
> > (what a PITA).  I've tried it from WIn2K and NT 4.0
> > boxes too with no success.  When i type in just
> > administrator or TESTDOM\administrator, it thinks for a
> > moment then spits the username:password prompt back at
> > me with no extra messages.  When i try with
> > TESTDOM+administrator from a Win2K, WinNT or WinXP box
> > all three say that the specified username is invalid.
> >
> > I checked the log.ntserver (my PDC and test client for
> > now) since i bumped up the log level one notch and now
> > i am getting some error messages.  I have attached the
> > log file to this message.  It says something to the
> > effect that it could not fetch trust account password
> > for the MPCFDOMAIN (my real domain name).  The it
> > appears to try the more traditional authentication
> > methods.
> >
> > Thanks for the help,
> > VeKTeReX
> >
> > David Brodbeck wrote:
> > >
> > > Hmm...that's interesting.  Are you seeing any error messages at all when
> > you
> > > attempt to log in?  You should be able to get something, though it may
> > take
> > > increasing the logging level a bit to see it.  Also, if you have seperate
> > > logs for each machine, it may be turning up there instead of in the main
> > > logfile.
> > >
> > > Have you tried manually specifying the domain?  You shouldn't have to, if
> > > both machines are joined to the same domain, but you might want to try it
> > > just to be sure.  For example, if your domain seperator is +, try
> > > "DOMAIN+joe" at the username prompt instead of just "joe".
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba




More information about the samba mailing list