[Samba] Re-Join NT Domain after Samba Upgrade
Ben Griffith
bgriffit at email.unc.edu
Wed Apr 10 10:21:02 GMT 2002
Hello,
I was running samba 2.2.1a. The client was a member of an NT domain and
did domain authentication for allowing users to connect to shares.
I upgraded to 2.2.3a. Before the install, I backed up the MACHINE.SID and
secrets.tdb files. After installing 2.2.3a, I copied the backed up MACHINE
and secrets files back to the proper locations. After starting 2.2.3a, I
am no longer allowed to do domain authentication.
smbclient -L localhost -U <valid domain user>
Password: <valid user password>
session setup failed: NT_STATUS_LOGON_FAILURE
I thought that the MACHINE.SID file and the secrets.tdb file were the
"important secret files" that the samba client and the PDC worked out when
the client joined the domain. If these have not changed, how is the
account now invalid? How is this any different than stopping and
re-starting the samba server? Especially on a minor version upgrade.
All of the postings about re-joining a domain talk about having to access
the NT PDC and delete/re-create the machine accont for my samba server. As
I don't have that kind of access on our PDC, and our PDC admins are a
little prickly, I would like to not hassle them.
Have I missed something, or does my samba client look different to the PDC
now even though ( what I thought were ) the identifying files have not
changed?
Is deleting and re-creating the machine account the only way to fix this?
Is having to re-create the NT machine account for samba upgrades a common
practice?
--Ben--
-----------------------
Ben Griffith
bgriffit at email.unc.edu
-----------------------
More information about the samba
mailing list