PLEASE!!! FW: [Samba] Joining XP Pro Client to Samba Domain- Was working, not anymore

Timothy Kersten tim at
Thu Jun 27 18:13:02 GMT 2002

Thankyou greatly for your message. As I knew it had worked automatically
before and tried manually creating the entries myself, I knew something
else must have been wrong. It was:
force user = 
force group =
in the smb.conf. This was creating all the headaches. I thought I would
save adding individual force user and group directives to each share by
putting them globally but that is obviously not the way. Thank you so
much!!! You really saved me.
As for the machine ID. What I meant was the "computer name" part of XP's
Thanks again.
-----Original Message-----
From: samba-admin at [mailto:samba-admin at]
On Behalf Of Con Harte
Sent: Thursday, 27 June 2002 9:49 PM
To: Timothy Kersten; samba at
Subject: Re: PLEASE!!! FW: [Samba] Joining XP Pro Client to Samba
Domain- Was working, not anymore


I'm assuming you're using the smbpasswd file for authentication,
based on what I see in your conf file.  Let me know if that's not
the case...

Just an idea, but can you check if the force user and force group
is setting the user as soon as the client attempts the connection,
ie. before authentication.

Assuming the Sign or Seal registry edit has been done, then the best
course of action (AFAIK) is to
1) set the machine as a member of a different _workgroup_,
2) remove the machinename$ from the smbpasswd file,
3) remove the machinename$ from the /etc/passwd file,
4) manually create the machinename$ entry in /etc/passwd file,
5) manually allow the machine to join domain by smbpasswd -a -m
6) ensure you have an entry for user root in smbpasswd,*
7) Try to move the machine from workgroup to domain, using root
   and root's smbpasswd password.
*If you do not normally have this then put it in temporarily. Use of a
password different from the machine's normal root account is _strongly_
advised. You can avoid this but if you're having problems this is the
way to avoid more whilst sorting it out.

It's a lot of manual fiddling, but I have found this back to basics
work for a lot of problems.  It's all obvious stuff but it's easy to

As for changing the machine's ID, do you mean it's Security Identifier,
I would _really try_ to avoid tampering with those.  There are always


At 05:22 27/06/02, you wrote:

Anyone please!!!
-----Original Message-----
From: samba-admin at [mailto:samba-admin at]
On Behalf Of Timothy Kersten
Sent: Wednesday, 26 June 2002 1:12 PM
To: samba at
Subject: [Samba] Joining XP Pro Client to Samba Domain- Was working, not

I have searched for 2 days on the net and can't find an answer.  I am
trying to joing a winXP machine to a domain. I have previously done this
but since a samba upgrade and perhaps other upgrades to the system
(Kernel upgrade?) it no longer works. Previously the auto script
creation process successfully created the machine trust account, but not
anymore. I tried creating the trust account manually and even if I try
to change a machine's ID to an ID that was successfully created when it
was working, but it still gives the same error. I get the result "access
denied" after entering the username, and there is nothing helpful in the
machine specific log's. I think the most helpful messages are in
messages which say:
Jun 26 12:43:32 server smbd[2027]: [2002/06/26 12:43:32, 0]
Jun 26 12:43:32 server smbd[2027]:   unable to open passdb database. 
I have/am: 
*Installed all available registry patches recommended for XP.
*Using root as the user for an account with permissions to join the
*Using samba 2.2.4   
*Redhat 7.2  2.4.9-34
Can you please help me!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
smb.conf details:
        workgroup = RHWOLLONGONG
        netbios name = RHSERVER
        server string = Samba Server (FILE SERVER)
        interfaces = eth1 ppp+
        encrypt passwords = Yes
        passwd program = /usr/bin/passwd %u
        passwd chat = *New*UNIX*password* %n\n
*ReType*new*UNIX*password* %n\n
        unix password sync = Yes
        log file = /var/log/samba/log.%m
        max log size = 50
        time server = Yes
        socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
        domain admin group = @adm
        add user script = /usr/sbin/useradd -d /dev/null -g 100 -s
/bin/false -M %u
        logon script = logon.bat
        domain logons = Yes
        os level = 255
        preferred master = True
        domain master = True
        dns proxy = No
        wins proxy = Yes
        wins support = Yes
        printer admin = @staff
        force user = samba
        force group = samba
        read only = No
        create mask = 0770
        directory mask = 0770
        min print space = 20000
        printing = lprng
        print command = /usr/bin/lpr -b -h -r -P%p %s
        debug level = 10

-------------- next part --------------
HTML attachment scrubbed and removed

More information about the samba mailing list