Please help with winbind setup
DavidB at mail.interclean.com
Thu Nov 8 11:28:02 GMT 2001
That means you aren't properly joined to the domain. Try removing the Samba
server's account on the PDC (with NT's server manager), re-creating it, then
joining again. (See the -j option in the smbpasswd manpage.) Make sure that
smbd and nmbd are *not* running when you do this, or it won't work.
From: Kevin [mailto:kevin at mpcf.com]
Sent: Friday, November 16, 2001 2:12 PM
To: David Brodbeck
Cc: samba at lists.samba.org
Subject: Re: Please help with winbind setup
wbinfo -t states that:
"Secret is bad
What does this mean? What is the secret used for? And
of course, how do i make it good :)
Thanks a million,
David Brodbeck wrote:
> I'm sorry, that's right...no matter what the "domain seperator" is set to
> winbind's configuration, you always use \ under Windows. I forgot about
> that. The + seperator only applies on the UNIX side.
> It looks to me like the Samba machine is not properly joined to the
> MPCFDOMAIN domain. What I can't figure out is that if that's true, it
> to me that 'getent passwd' shouldn't work either (or rather, should return
> only local users.) Maybe someone on the list has an idea.
> Does 'wbinfo -t' return 'Secret is good'?
> -----Original Message-----
> From: Kevin [mailto:kevin at mpcf.com]
> Sent: Friday, November 16, 2001 1:46 PM
> To: David Brodbeck
> Cc: samba at lists.samba.org
> Subject: Re: Please help with winbind setup
> I have tried specifying the login name as
> TESTDOM+larry, and it still does not work. WinXP will
> not even let you try it with a "+" as a separator. It
> just keeps saying the correct syntax is "TESTDOM\larry"
> (what a PITA). I've tried it from WIn2K and NT 4.0
> boxes too with no success. When i type in just
> administrator or TESTDOM\administrator, it thinks for a
> moment then spits the username:password prompt back at
> me with no extra messages. When i try with
> TESTDOM+administrator from a Win2K, WinNT or WinXP box
> all three say that the specified username is invalid.
> I checked the log.ntserver (my PDC and test client for
> now) since i bumped up the log level one notch and now
> i am getting some error messages. I have attached the
> log file to this message. It says something to the
> effect that it could not fetch trust account password
> for the MPCFDOMAIN (my real domain name). The it
> appears to try the more traditional authentication
> Thanks for the help,
> David Brodbeck wrote:
> > Hmm...that's interesting. Are you seeing any error messages at all when
> > attempt to log in? You should be able to get something, though it may
> > increasing the logging level a bit to see it. Also, if you have
> > logs for each machine, it may be turning up there instead of in the main
> > logfile.
> > Have you tried manually specifying the domain? You shouldn't have to,
> > both machines are joined to the same domain, but you might want to try
> > just to be sure. For example, if your domain seperator is +, try
> > "DOMAIN+joe" at the username prompt instead of just "joe".
More information about the samba