[Samba] Computer accounts & Win2K
mdt-tech-mailbox at shaw.ca
mdt-tech-mailbox at shaw.ca
Fri Mar 29 09:21:06 GMT 2002
Hi all,
I've seen a good number of posts over the last while relating to
problems with Win2K clients being unable to authenticate users to a
Samba 2.2.x PDC (user level security with encrypted passwords)
because "the system's computer account in its primary domain is missing
or the password on that account is incorrect". So far I have not run
across any solutions.
It seems that in all cases the computer accounts have been created
*correctly* on the unix machine using first useradd then smbpasswd as
described in the Samba documentation.
Adding the computers to the domain (system properties -> network ID ->
properties) seems to work: the user is prompted for a username and
password with privileges sufficient to change the computer name in the
domain, then is informed that a reboot is required for the changes to
take effect. After reboot, however, the above error message is
displayed when an attempt is made to log a user (any user, including
root) on to the domain. *No* log info is generated by the Samba server.
Since I have seen no responses whatsoever to any of the posts about
this issue, I have two specific questions which might help me to
identify the problem myself:
1. What is meant by the computer's *primary* domain?
2. What *exactly* transpires when (a) one changes the name of a Win2K
client in the domain (ie. adds the *machine* to the domain) and (b)
when a user attempts to logon to a domain from a Win2K machine that has
a valid machine account in the domain?
Thanks in advance for your help!
Mike Traynor.
More information about the samba
mailing list