[Samba] Method to verify existance of trust account?

Gerald Carter jerry at samba.org
Wed Jun 19 07:02:02 GMT 2002

On Mon, 17 Jun 2002, Michael Sloan wrote:

> I'm still fighting with getting a Samba server (RH Linux 7.2, kernel
> 2.4.9-21, samba 2.2.4) to join an NT domain (NT 4.0, SP6). Everything I've
> read in the documentation indicates that this works well and readily, but I
> cannot get it to work.
> The error message received when attempting to join a domain is:
> ./smbpasswd -j TESTDOMAIN -r SMBTEST
> cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT
> cli_nt_setup_creds: auth2 challenge failed
> modify_trust_password: unable to setup the PDC credentials to machine
> 2002/06/17 10:54:21 : change_trust_account_password: Failed to change
> password
> for domain TESTDOMAIN.
> Unable to join domain TESTDOMAIN.

Is SMBTEST the PDC for TESTDOMAIN?  Did you manually create the
trust account in Server Manager on the PDC ?  if not you 
will need to the -U optiont o smbpasswd (see man page for details).

> This creates a /etc/samba/secrets.tdb file, but 'wbinfo -t' reports: 'Secret
> is bad'. The samba server has been added to the NT server using Server
> Manager. The PDC is the only server in this domain, and was set up
> exclusively for getting the quirks worked out with attempting to add the
> server to our production NT domain.
> I have the following in the [Global] section of my smb.conf file:
>   workgroup = testdomain
>   encrypt passwords = yes
>   security = server

Don't you mean "security = domain" ?

cheers, jerry
 Hewlett-Packard                                     http://www.hp.com
 SAMBA Team                                       http://www.samba.org
 --                                            http://www.plainjoe.org
 "Sam's Teach Yourself Samba in 24 Hours" 2ed.      ISBN 0-672-32269-2
 --"I never saved anything for the swim back." Ethan Hawk in Gattaca--

More information about the samba mailing list