Trouble registering Samba Server in an NT domain
Zaleski, Matthew (M.E.)
mzaleski at ford.com
Tue Oct 30 13:29:05 GMT 2001
I have no control over the domain. That's somewhere in the IT department and I don't want to chase it down if I don't have to. I'm still unclear what is being done on the Windows server side. If I have a company-issued machine name and we already have NT workstations in the area, doesn't that meet the requirements?
Matthew Zaleski
> -----Original Message-----
> From: Joseph [mailto:jolt at nicholasofmyra.org]
> Sent: Tuesday, October 30, 2001 10:21 AM
> To: Zaleski, Matthew (M.E.)
> Cc: samba at lists.samba.org
> Subject: Re: Trouble registering Samba Server in an NT domain
>
>
> Have you added the machine to the domain using server
> manager? If you
> have, have you tried removing it and adding it again?
>
> Zaleski, Matthew (M.E.) wrote:
>
> >I've looked thru the Howto's and a bunch of the list
> archives but can't find an answer to my exact problem:
> >
> >I'm trying to switch my Samba server (version 2.2.1a on
> Mandrake 8.1) from a share level security to domain
> authentication. (My company has had NT domain servers for
> about 2 years and I think they have all the bugs worked out.)
> I'm assuming (maybe incorrectly) that as long as I have a
> valid (unoccupied) NetBIOS machine name acceptable for a NT
> workstation, then Samba can step into its shoes to request
> domain level user authentication.
> >
> >When I type as root (names are changed to protect the innocent):
> >smbpasswd -j MYDOMAIN
> >
> >I have "password server = *" and that seems to negate the
> need to specify my password server on the command above. Is
> that correct?
> >
> >I get a flurry of debug messages from my high log level
> setting. From them I can see Samba contact the WINS server
> to locate the PDC and is successful. It then connects to the
> PDC, but eventually fails with a
> NT_STATUS_NO_TRUST_SAM_ACCOUNT error. What does this mean?
> >
> >Here is the revelant snippet from my debug session:
> ><SNIP>
> >Got a positive name query response from 99.99.99.99 ( 99.99.88.88 )
> >Connecting to 99.99.88.88 at port 139
> >LSA Open Policy
> >LSA Query Info Policy
> >LSA_QUERYINFOPOLICY (level 5): domain:MYDOMAIN domain
> sid:S-1-5-21-1078229911-1189946983-1225219381
> >LSA Close
> >cli_net_req_chal: LSA Request Challenge from ECCNA101 to
> AV2443: 658B07A562883C61
> >cred_session_key
> >cred_create
> >cli_net_auth2: srv:\\ECCNA101 acct:AV2443$ sc:2 mc: AV2443
> chal FB1E53C79AF322C0 neg: 1ff
> >cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT
> >cli_nt_setup_creds: auth2 challenge failed
> >modify_trust_password: unable to setup the PDC credentials
> to machine ECCNA101. Error was : NT_STATUS_NO_TRUST_SAM_ACCOUNT.
> >2001/10/29 17:28:37 : change_trust_account_password: Failed
> to change password for domain MYDOMAIN.
> >Unable to join domain MYDOMAIN.
> ></SNIP>
> >
> >
> >Matthew Zaleski
> >
>
>
More information about the samba
mailing list