PLEASE!!! FW: [Samba] Joining XP Pro Client to Samba Domain- Was working, not anymore

Con Harte sysadmin at gfm.co.uk
Thu Jun 27 04:50:06 GMT 2002 

Hi,

I'm assuming you're using the smbpasswd file for authentication,
based on what I see in your conf file.  Let me know if that's not
the case...

Just an idea, but can you check if the force user and force group
is setting the user as soon as the client attempts the connection,
ie. before authentication.

Assuming the Sign or Seal registry edit has been done, then the best
course of action (AFAIK) is to
1) set the machine as a member of a different _workgroup_,
2) remove the machinename$ from the smbpasswd file,
3) remove the machinename$ from the /etc/passwd file,
4) manually create the machinename$ entry in /etc/passwd file,
5) manually allow the machine to join domain by smbpasswd -a -m machinename,
6) ensure you have an entry for user root in smbpasswd,*
7) Try to move the machine from workgroup to domain, using root
    and root's smbpasswd password.
*If you do not normally have this then put it in temporarily. Use of a
password different from the machine's normal root account is _strongly_
advised. You can avoid this but if you're having problems this is the best
way to avoid more whilst sorting it out.

It's a lot of manual fiddling, but I have found this back to basics approach
work for a lot of problems.  It's all obvious stuff but it's easy to overlook
something.

As for changing the machine's ID, do you mean it's Security Identifier, etc.?
I would _really try_ to avoid tampering with those.  There are always better
alternatives.

Regards,
Con.


At 05:22 27/06/02, you wrote:
>Anyone please!!!
>
>-----Original Message-----
>From: samba-admin at lists.samba.org [mailto:samba-admin at lists.samba.org] On 
>Behalf Of Timothy Kersten
>Sent: Wednesday, 26 June 2002 1:12 PM
>To: samba at lists.samba.org
>Subject: [Samba] Joining XP Pro Client to Samba Domain- Was working, not 
>anymore
>
>I have searched for 2 days on the net and can't find an answer.  I am 
>trying to joing a winXP machine to a domain. I have previously done this 
>but since a samba upgrade and perhaps other upgrades to the system (Kernel 
>upgrade?) it no longer works. Previously the auto script creation process 
>successfully created the machine trust account, but not anymore. I tried 
>creating the trust account manually and even if I try to change a 
>machine's ID to an ID that was successfully created when it was working, 
>but it still gives the same error. I get the result "access denied" after 
>entering the username, and there is nothing helpful in the machine 
>specific log's. I think the most helpful messages are in messages which say:
>
>
>Jun 26 12:43:32 server smbd[2027]: [2002/06/26 12:43:32, 0] 
>passdb/pdb_smbpasswd.c:pdb_getsampwrid(1416)
>Jun 26 12:43:32 server smbd[2027]:   unable to open passdb database.
>
>
>I have/am:
>
>*Installed all available registry patches recommended for XP.
>*Using root as the user for an account with permissions to join the domain.
>*Using samba 2.2.4
>*Redhat 7.2  2.4.9-34
>
>
>Can you please help me!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>
>
>
>
>smb.conf details:
>
>[global]
>         workgroup = RHWOLLONGONG
>         netbios name = RHSERVER
>         server string = Samba Server (FILE SERVER)
>         interfaces = eth1 ppp+
>         encrypt passwords = Yes
>         passwd program = /usr/bin/passwd %u
>         passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* 
> %n\n *passwd:*all*authentication*tokens*updated*successfully*
>         unix password sync = Yes
>         log file = /var/log/samba/log.%m
>         max log size = 50
>         time server = Yes
>         socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
>         domain admin group = @adm
>         add user script = /usr/sbin/useradd -d /dev/null -g 100 -s 
> /bin/false -M %u
>         logon script = logon.bat
>         domain logons = Yes
>         os level = 255
>         preferred master = True
>         domain master = True
>         dns proxy = No
>         wins proxy = Yes
>         wins support = Yes
>         printer admin = @staff
>         force user = samba
>         force group = samba
>         read only = No
>         create mask = 0770
>         directory mask = 0770
>         min print space = 20000
>         printing = lprng
>         print command = /usr/bin/lpr -b -h -r -P%p %s
>         debug level = 10
>
>
-------------- next part --------------
HTML attachment scrubbed and removed

More information about the samba mailing list