[Samba] w2k pro no longer trusted by 2.2.3 pdc
mitchbnj at excite.com
mitchbnj at excite.com
Tue Aug 13 12:48:01 GMT 2002
Hi. I am still having problems:
Quick synopsis:
NT workstation cannot have machine acccount successfully trusted by PDC.
---------Here’s my problem------(LONG)------------------
I have several W2k Workstations, with a SAMBA 2.2.3 PDC.
I screwed up something, and removed all of the important parts of the server validation.
Here's the story: OUTLAND is domain, W2k/ clients are milo and lola
They WERE working fine on the domain. I did SOMETHING (??) and now I get a message that says
** Error Message 1**
(when I try and log on: The system cannot log you on to this domain because the system computer account in its primary domain is missing or the password on that account is incorrect.
++Step 1++: I tried to delete the machine accounts (milo$ and lola$) using userdel and smbpasswd -x to eliminate all traces.
++Step 2++: Tried to change out of domain, changed machine name, log in: still no good, same messages.
++Step 3++: Tried the same thing, but this time also deleted the secrets.tdb file, and the MACHINE file. Then did a smbpasswd to add the root account again. STILL same problem.
++Step 4++: Then changed the machine name and (domain) out of the outland domain. So I changed the name of the client to stevedallas, and the workgroup to temp. That change worked ok. After this, I logged in, ok (as admin), and was then able to change back to the outland domain.
++Step 5++: Next logged in as workstation/administator and I added new user/browse and it did see the outland domain. Then, clicked my outland domain name, and next and
next error message was
** Error Message ** : The user could not be added because the following error has occurred. The trust relationship between this workstation and the primary domain failed.
SO I am stuck without getting any user logins (at least I can login as admin. please point me in the right direction??? thanks
Step 6: REINSTALLED WIN2k.. SAME results.
Step 7: Posted the SMB.conf, as well as the machine logs and rejects to List.
GOT No responses whatsoever.
Step 8: I am desperate.. I tried the following:
Stopped all clients, and server.
Removed SMB.conf and brought it to almost clean state.
THEN removed smbpasswd , secrets,tdb as well as the MACHINE file
Then started up.
Same series of messages.
NOTE: I deleted all comments from here for brevity (ha...)
===== NEW (still failing ) SMB.conf file =====
#Mitch SMB.conf 8/13/02
[global]
workgroup = OUTLAND
netbios name = OUTLANDSVR
server string = Samba Server %v %U
log file = /var/log/samba/log.%m
max log size = 50
hosts allow = 192.168.10.0
hosts deny = 68.0.0.0
security = user
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = yes
os level = 66
domain master = yes
preferred master = yes
domain logons = yes
logon script = %m.bat
logon script = welcome.bat
logon path = \\%L\Profiles\%U
; logon home = \\%L\%U\.profile
add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine Account' -s /bin/false -M %u
domain admin group = root @wheel @admins mbruntel
name resolve order = wins lmhosts bcast
wins support = yes
dns proxy = yes
#=======Share Definitions ============
[homes]
comment = Home Directories
browseable = no
writable = yes
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
read list = @family
write list = mbruntel ntadmin @admins @family
force group = @family
guest ok = yes
writable = no
[Profiles]
comment = samba roaming profiles here
path = /var/lib/samba/profiles
browseable = yes
guest ok = yes
[mbruntel]
comment = Mitch's Home Stuff
path = /home/mbruntel/dosroot/realroot
valid users = mbruntel
writable = yes
max connections = 8
browseable = yes
[cbruntel]
comment = Cheryl's Home Stuff
path = /home/cbruntel/dosroot/realroot
valid users = cbruntel mbruntel
writable = yes
max connections = 8
[software]
comment = SW shared directory
path = /software
valid users = cbruntel mbruntel @family zbruntel moogirl
writable = yes
[bigfiles]
comment = Files directory
path = /files
valid users = cbruntel mbruntel @family zbruntel moogirl
writable = yes
force group = @family
guest ok = Yes
read only = No
[files]
comment = Files directory
path = /files
valid users = cbruntel mbruntel @family zbruntel moogirl
writable = yes
force group = @family
guest ok = Yes
read only = No
inherit permissions = Yes
[mail]
comment = Mail Home directory
path = /var/spool/mail
valid users = cbruntel mbruntel
admin users = cbruntel mbruntel
sync always = Yes
strict sync = Yes
writable = Yes
force group = @family
guest ok = Yes
read only = No
inherit permissions = Yes
=== End of (still failing ) SMB.conf file ===
===Start machine log : Stevedallas:
(before changing to domain outland)===
[2002/08/13 16:05:08, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176)
get_md4pw: Workstation stevedallas$: no account in domain
[2002/08/13 16:05:15, 0] smbd/service.c:make_connection(381)
mbruntel logged in as admin user (root privileges)
[2002/08/13 16:05:15, 0] smbd/service.c:make_connection(248)
stevedallas (192.168.10.184) couldn't find service bigfiles
[2002/08/13 16:05:22, 0] smbd/service.c:make_connection(381)
mbruntel logged in as admin user (root privileges)
[2002/08/13 16:12:06, 0] smbd/service.c:make_connection(381)
mbruntel logged in as admin user (root privileges)
[2002/08/13 16:12:11, 0] smbd/service.c:make_connection(381)
mbruntel logged in as admin user (root privileges)
[2002/08/13 16:13:24, 0] smbd/service.c:make_connection(381)
mbruntel logged in as admin user (root privileges)
[root at mitchbnj1 samba]#
===ENDmachine log : Stevedallas:
(before changing to domain outland)===
===Start machine log : lola:
(after changing to domain outland)===
[2002/08/13 16:05:08, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176)
get_md4pw: Workstation stevedallas$: no account in domain
[2002/08/13 16:05:15, 0] smbd/service.c:make_connection(381)
mbruntel logged in as admin user (root privileges)
[2002/08/13 16:05:15, 0] smbd/service.c:make_connection(248)
stevedallas (192.168.10.184) couldn't find service bigfiles
[2002/08/13 16:05:22, 0] smbd/service.c:make_connection(381)
mbruntel logged in as admin user (root privileges)
[2002/08/13 16:12:06, 0] smbd/service.c:make_connection(381)
mbruntel logged in as admin user (root privileges)
[2002/08/13 16:12:11, 0] smbd/service.c:make_connection(381)
mbruntel logged in as admin user (root privileges)
[2002/08/13 16:13:24, 0] smbd/service.c:make_connection(381)
mbruntel logged in as admin user (root privileges)
***Start NMBD file ***
This is Mitch's NMBD file:
Netbios nameserver version 2.2.3a started.
Copyright Andrew Tridgell and the Samba Team 1994-2002
[2002/08/13 15:47:37, 0] nmbd/asyncdns.c:start_async_dns(148)
started asyncdns process 1381
[2002/08/13 15:47:37, 0] libsmb/namequery.c:getlmhostsent(514)
getlmhostsent: too many columns in lmhosts file (obsolete syntax)
[2002/08/13 15:47:37, 0] nmbd/nmbd_logonnames.c:add_logon_names(156)
add_domain_logon_names:
Attempting to become logon server for workgroup OUTLAND on subnet 192.168.10.187
[2002/08/13 15:47:37, 0] nmbd/nmbd_logonnames.c:add_logon_names(156)
add_domain_logon_names:
Attempting to become logon server for workgroup OUTLAND on subnet UNICAST_SUBNET
[2002/08/13 15:47:37, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(339)
become_domain_master_browser_wins:
Attempting to become domain master browser on workgroup OUTLAND, subnet UNICAST_SUBNET.
[2002/08/13 15:47:37, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(352)
become_domain_master_browser_wins: querying WINS server at IP 192.168.10.187 for domain master browser name OUTLAND on workgroup OUTLAND
[2002/08/13 15:47:37, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(114)
become_logon_server_success: Samba is now a logon server for workgroup OUTLAND on subnet UNICAST_SUBNET
[2002/08/13 15:47:37, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(115)
*****
Samba server OUTLANDSVR is now a domain master browser for workgroup OUTLAND on subnet UNICAST_SUBNET
*****
[2002/08/13 15:47:37, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(291)
become_domain_master_browser_bcast:
Attempting to become domain master browser on workgroup OUTLAND on subnet 192.168.10.187
[2002/08/13 15:47:37, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(304)
become_domain_master_browser_bcast: querying subnet 192.168.10.187 for domain master browser on workgroup OUTLAND
[2002/08/13 15:47:41, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(114)
become_logon_server_success: Samba is now a logon server for workgroup OUTLAND on subnet 192.168.10.187
[2002/08/13 15:47:41, 0] nmbd/nmbd_responserecordsdb.c:find_response_record(236)
find_response_record: response packet id 23895 received with no matching record.
[2002/08/13 15:47:41, 0] nmbd/nmbd_responserecordsdb.c:find_response_record(236)
find_response_record: response packet id 23896 received with no matching record.
[2002/08/13 15:47:45, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(115)
*****
Samba server OUTLANDSVR is now a domain master browser for workgroup OUTLAND on subnet 192.168.10.187
*****
[2002/08/13 15:48:00, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(404)
*****
Samba name server OUTLANDSVR is now a local master browser for workgroup OUTLAND on subnet 192.168.10.187
***** ***END of NMBD file ***
*** log.smbd
[2002/08/13 15:07:23.870957, 3, effective(0, 0), real(0, 0)] smbd/server.c:exit_server(492)
Server exit (caught signal)
[2002/08/13 15:47:36, 0] smbd/server.c:main(698)
smbd version 2.2.3a started.
Copyright Andrew Tridgell and the Samba Team 1992-2002
[root at mitchbnj1 samba]# _[K
*** log.smbd
------------------------------------------------
Join Excite! - http://www.excite.com
The most personalized portal on the Web!
More information about the samba
mailing list