Trouble registering Samba Server in an NT domain
Zaleski, Matthew (M.E.)
mzaleski at ford.com
Mon Oct 29 18:40:05 GMT 2001
I've looked thru the Howto's and a bunch of the list archives but can't find an answer to my exact problem:
I'm trying to switch my Samba server (version 2.2.1a on Mandrake 8.1) from a share level security to domain authentication. (My company has had NT domain servers for about 2 years and I think they have all the bugs worked out.) I'm assuming (maybe incorrectly) that as long as I have a valid (unoccupied) NetBIOS machine name acceptable for a NT workstation, then Samba can step into its shoes to request domain level user authentication.
When I type as root (names are changed to protect the innocent):
smbpasswd -j MYDOMAIN
I have "password server = *" and that seems to negate the need to specify my password server on the command above. Is that correct?
I get a flurry of debug messages from my high log level setting. From them I can see Samba contact the WINS server to locate the PDC and is successful. It then connects to the PDC, but eventually fails with a NT_STATUS_NO_TRUST_SAM_ACCOUNT error. What does this mean?
Here is the revelant snippet from my debug session:
Got a positive name query response from 220.127.116.11 ( 18.104.22.168 )
Connecting to 22.214.171.124 at port 139
LSA Open Policy
LSA Query Info Policy
LSA_QUERYINFOPOLICY (level 5): domain:MYDOMAIN domain sid:S-1-5-21-1078229911-1189946983-1225219381
cli_net_req_chal: LSA Request Challenge from ECCNA101 to AV2443: 658B07A562883C61
cli_net_auth2: srv:\\ECCNA101 acct:AV2443$ sc:2 mc: AV2443 chal FB1E53C79AF322C0 neg: 1ff
cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT
cli_nt_setup_creds: auth2 challenge failed
modify_trust_password: unable to setup the PDC credentials to machine ECCNA101. Error was : NT_STATUS_NO_TRUST_SAM_ACCOUNT.
2001/10/29 17:28:37 : change_trust_account_password: Failed to change password for domain MYDOMAIN.
Unable to join domain MYDOMAIN.
More information about the samba