[Samba] w2k pro no longer trusted by 2.2.3 pdc
Rasmus Reinholdt Nielsen
rasmus at narani.dk
Wed Aug 14 00:16:00 GMT 2002
Hi
Try this line for useradd script, add user script = /usr/sbin/adduser -n -g
100 -c %m -d /dev/null -s /bin/false %m$
Since you %u add's the username instead of the machinename.
What OS are you using?
Rasmus
At 17:47 13-08-2002 -0400, mitchbnj at excite.com wrote:
>Hi. I am still having problems:
>Quick synopsis:
>NT workstation cannot have machine acccount successfully trusted by PDC.
>
> ---------Here's my problem------(LONG)------------------
>
>I have several W2k Workstations, with a SAMBA 2.2.3 PDC.
>I screwed up something, and removed all of the important parts of the
>server validation.
> Here's the story: OUTLAND is domain, W2k/ clients are milo and lola
>They WERE working fine on the domain. I did SOMETHING (??) and now I get
>a message that says
>** Error Message 1**
> (when I try and log on: The system cannot log you on to this domain
> because the system computer account in its primary domain is missing or
> the password on that account is incorrect.
>
>++Step 1++: I tried to delete the machine accounts (milo$ and lola$) using
>userdel and smbpasswd -x to eliminate all traces.
>++Step 2++: Tried to change out of domain, changed machine name, log in:
>still no good, same messages.
>++Step 3++: Tried the same thing, but this time also deleted the
>secrets.tdb file, and the MACHINE file. Then did a smbpasswd to add the
>root account again. STILL same problem.
>++Step 4++: Then changed the machine name and (domain) out of the outland
>domain. So I changed the name of the client to stevedallas, and the
>workgroup to temp. That change worked ok. After this, I logged in, ok
>(as admin), and was then able to change back to the outland domain.
>
>++Step 5++: Next logged in as workstation/administator and I added new
>user/browse and it did see the outland domain. Then, clicked my outland
>domain name, and next and
>next error message was
>** Error Message ** : The user could not be added because the following
>error has occurred. The trust relationship between this workstation and
>the primary domain failed.
>
>SO I am stuck without getting any user logins (at least I can login
>as admin. please point me in the right direction??? thanks
>
>Step 6: REINSTALLED WIN2k.. SAME results.
>
>Step 7: Posted the SMB.conf, as well as the machine logs and rejects to
>List.
>GOT No responses whatsoever.
>
>Step 8: I am desperate.. I tried the following:
>Stopped all clients, and server.
>
>Removed SMB.conf and brought it to almost clean state.
>THEN removed smbpasswd , secrets,tdb as well as the MACHINE file
>
>Then started up.
>
>Same series of messages.
>
>NOTE: I deleted all comments from here for brevity (ha...)
>
>===== NEW (still failing ) SMB.conf file =====
>#Mitch SMB.conf 8/13/02
>[global]
>workgroup = OUTLAND
>netbios name = OUTLANDSVR
>server string = Samba Server %v %U
>
>log file = /var/log/samba/log.%m
>
>max log size = 50
>
>hosts allow = 192.168.10.0
>hosts deny = 68.0.0.0
>
>security = user
>encrypt passwords = yes
>smb passwd file = /etc/samba/smbpasswd
>
>unix password sync = Yes
>passwd program = /usr/bin/passwd %u
>passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n
>*passwd:*all*authentication*tokens*updated*successfully*
>
>socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>
>local master = yes
>os level = 66
>domain master = yes
>preferred master = yes
>domain logons = yes
>
>logon script = %m.bat
>logon script = welcome.bat
>
>logon path = \\%L\Profiles\%U
>
>; logon home = \\%L\%U\.profile
>
>add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine
>Account' -s /bin/false -M %u
>domain admin group = root @wheel @admins mbruntel
>
>name resolve order = wins lmhosts bcast
>
>wins support = yes
>
>dns proxy = yes
>
>
>#=======Share Definitions ============
>[homes]
>comment = Home Directories
>browseable = no
>writable = yes
>
>[netlogon]
>comment = Network Logon Service
>path = /var/lib/samba/netlogon
>read list = @family
>write list = mbruntel ntadmin @admins @family
>force group = @family
>guest ok = yes
>writable = no
>
>
>[Profiles]
>comment = samba roaming profiles here
>path = /var/lib/samba/profiles
>browseable = yes
>guest ok = yes
>
>[mbruntel]
>comment = Mitch's Home Stuff
>path = /home/mbruntel/dosroot/realroot
>valid users = mbruntel
>writable = yes
>max connections = 8
>browseable = yes
>
>[cbruntel]
>comment = Cheryl's Home Stuff
>path = /home/cbruntel/dosroot/realroot
>valid users = cbruntel mbruntel
>writable = yes
>max connections = 8
>
>[software]
>comment = SW shared directory
>path = /software
>valid users = cbruntel mbruntel @family zbruntel moogirl
>writable = yes
>
>[bigfiles]
>comment = Files directory
>path = /files
>valid users = cbruntel mbruntel @family zbruntel moogirl
>writable = yes
>force group = @family
>guest ok = Yes
>read only = No
>
>[files]
>comment = Files directory
>path = /files
>valid users = cbruntel mbruntel @family zbruntel moogirl
>writable = yes
>force group = @family
>guest ok = Yes
>read only = No
>inherit permissions = Yes
>
>[mail]
>comment = Mail Home directory
>path = /var/spool/mail
>valid users = cbruntel mbruntel
>admin users = cbruntel mbruntel
>sync always = Yes
>strict sync = Yes
>writable = Yes
>force group = @family
>guest ok = Yes
>read only = No
>inherit permissions = Yes
>
>=== End of (still failing ) SMB.conf file ===
>
>===Start machine log : Stevedallas:
> (before changing to domain outland)===
>
>[2002/08/13 16:05:08, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176)
> get_md4pw: Workstation stevedallas$: no account in domain
>[2002/08/13 16:05:15, 0] smbd/service.c:make_connection(381)
> mbruntel logged in as admin user (root privileges)
>[2002/08/13 16:05:15, 0] smbd/service.c:make_connection(248)
> stevedallas (192.168.10.184) couldn't find service bigfiles
>[2002/08/13 16:05:22, 0] smbd/service.c:make_connection(381)
> mbruntel logged in as admin user (root privileges)
>[2002/08/13 16:12:06, 0] smbd/service.c:make_connection(381)
> mbruntel logged in as admin user (root privileges)
>[2002/08/13 16:12:11, 0] smbd/service.c:make_connection(381)
> mbruntel logged in as admin user (root privileges)
>[2002/08/13 16:13:24, 0] smbd/service.c:make_connection(381)
> mbruntel logged in as admin user (root privileges)
>[root at mitchbnj1 samba]#
>===ENDmachine log : Stevedallas:
> (before changing to domain outland)===
>
>
>===Start machine log : lola:
> (after changing to domain outland)===
>
>[2002/08/13 16:05:08, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176)
> get_md4pw: Workstation stevedallas$: no account in domain
>[2002/08/13 16:05:15, 0] smbd/service.c:make_connection(381)
> mbruntel logged in as admin user (root privileges)
>[2002/08/13 16:05:15, 0] smbd/service.c:make_connection(248)
> stevedallas (192.168.10.184) couldn't find service bigfiles
>[2002/08/13 16:05:22, 0] smbd/service.c:make_connection(381)
> mbruntel logged in as admin user (root privileges)
>[2002/08/13 16:12:06, 0] smbd/service.c:make_connection(381)
> mbruntel logged in as admin user (root privileges)
>[2002/08/13 16:12:11, 0] smbd/service.c:make_connection(381)
> mbruntel logged in as admin user (root privileges)
>[2002/08/13 16:13:24, 0] smbd/service.c:make_connection(381)
> mbruntel logged in as admin user (root privileges)
>
>
>***Start NMBD file ***
>
>This is Mitch's NMBD file:
>
> Netbios nameserver version 2.2.3a started.
> Copyright Andrew Tridgell and the Samba Team 1994-2002
>[2002/08/13 15:47:37, 0] nmbd/asyncdns.c:start_async_dns(148)
> started asyncdns process 1381
>[2002/08/13 15:47:37, 0] libsmb/namequery.c:getlmhostsent(514)
> getlmhostsent: too many columns in lmhosts file (obsolete syntax)
>[2002/08/13 15:47:37, 0] nmbd/nmbd_logonnames.c:add_logon_names(156)
> add_domain_logon_names:
> Attempting to become logon server for workgroup OUTLAND on subnet
> 192.168.10.187
>[2002/08/13 15:47:37, 0] nmbd/nmbd_logonnames.c:add_logon_names(156)
> add_domain_logon_names:
> Attempting to become logon server for workgroup OUTLAND on subnet
> UNICAST_SUBNET
>[2002/08/13 15:47:37, 0]
>nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(339)
> become_domain_master_browser_wins:
> Attempting to become domain master browser on workgroup OUTLAND, subnet
> UNICAST_SUBNET.
>[2002/08/13 15:47:37, 0]
>nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(352)
> become_domain_master_browser_wins: querying WINS server at IP
> 192.168.10.187 for domain master browser name OUTLAND on workgroup OUTLAND
>[2002/08/13 15:47:37, 0]
>nmbd/nmbd_logonnames.c:become_logon_server_success(114)
> become_logon_server_success: Samba is now a logon server for workgroup
> OUTLAND on subnet UNICAST_SUBNET
>[2002/08/13 15:47:37, 0]
>nmbd/nmbd_become_dmb.c:become_domain_master_stage2(115)
> *****
>
> Samba server OUTLANDSVR is now a domain master browser for workgroup
> OUTLAND on subnet UNICAST_SUBNET
>
> *****
>[2002/08/13 15:47:37, 0]
>nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(291)
> become_domain_master_browser_bcast:
> Attempting to become domain master browser on workgroup OUTLAND on
> subnet 192.168.10.187
>[2002/08/13 15:47:37, 0]
>nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(304)
> become_domain_master_browser_bcast: querying subnet 192.168.10.187 for
> domain master browser on workgroup OUTLAND
>[2002/08/13 15:47:41, 0]
>nmbd/nmbd_logonnames.c:become_logon_server_success(114)
> become_logon_server_success: Samba is now a logon server for workgroup
> OUTLAND on subnet 192.168.10.187
>[2002/08/13 15:47:41, 0]
>nmbd/nmbd_responserecordsdb.c:find_response_record(236)
> find_response_record: response packet id 23895 received with no
> matching record.
>[2002/08/13 15:47:41, 0]
>nmbd/nmbd_responserecordsdb.c:find_response_record(236)
> find_response_record: response packet id 23896 received with no
> matching record.
>[2002/08/13 15:47:45, 0]
>nmbd/nmbd_become_dmb.c:become_domain_master_stage2(115)
> *****
>
> Samba server OUTLANDSVR is now a domain master browser for workgroup
> OUTLAND on subnet 192.168.10.187
>
> *****
>[2002/08/13 15:48:00, 0]
>nmbd/nmbd_become_lmb.c:become_local_master_stage2(404)
> *****
>
> Samba name server OUTLANDSVR is now a local master browser for
> workgroup OUTLAND on subnet 192.168.10.187
>
> ***** ***END of NMBD file ***
>
>*** log.smbd
>
>[2002/08/13 15:07:23.870957, 3, effective(0, 0), real(0, 0)]
>smbd/server.c:exit_server(492)
> Server exit (caught signal)
>[2002/08/13 15:47:36, 0] smbd/server.c:main(698)
> smbd version 2.2.3a started.
> Copyright Andrew Tridgell and the Samba Team 1992-2002
>[root at mitchbnj1 samba]# _[K
>
>*** log.smbd
>
>
>
>------------------------------------------------
>Join Excite! - http://www.excite.com
>The most personalized portal on the Web!
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list