[Samba] problems joining domain with smbpasswd

Wieprecht, Karen M. Karen.Wieprecht at jhuapl.edu
Fri Sep 6 19:06:00 GMT 2002 

Not sure about the port thing,  but you probably should be using "encrypt
passwords = yes".  Also,  if you have tried this several times without
success,  you may have some extraneous files/settings that you need to clean
out first (we got hung up, and this is how we got straightened out):  

1. Delete ~samba/MACHINE.SID and secrets.tdb if you have any of these
already (be careful deleting secrets.tdb after you put security=domain into
production, but if you are just experimenting with it,  deleting it should
start you out clean).

2. If you already created a machine account for the samba server on the
domain controller,  delete it  and wait for the change to propagate.

3. make sure your samba/winbind daemons are stopped

4. On the domain controller, create the machine account for the samba server
on the domain controller , make sure it propagates and shows up on any BDC.

5. try your  smbpasswd -j domainname -r pdcname  [-UAdministrator%password]
command
(I'm not sure if you will need to use the -U option or not,  I don't think
we used that, probably because we had already created the machine account on
the PDC).

Good Luck,

	Karen Wieprecht

-----Original Message-----
From: Chris Francy [mailto:cfrancy at esd189.org] 
Sent: Friday, September 06, 2002 2:02 PM
To: samba at lists.samba.org
Subject: [Samba] problems joining domain with smbpasswd



Hello,

I am trying to do join my debian 3.0 linux box with samba v2.2.3a to my
windows 2000 domain.  I was trying to follow the directions at
http://us1.samba.org/samba/docs/Samba-HOWTO-Collection.html#AEN401.

I have created the computer account in the active directory.

What I think is weird is that smbpasswd is saying it is trying to connect to
port 445?

The dc I am connecting to has all the FSMO roles for the domain.

The command I am using to join is 
smbpasswd -j esd189 -m -r tahoma -U admin -D 4
---results---
added interface ip=152.157.118.7 bcast=152.157.118.31 nmask=255.255.255.224
Password:
resolve_wins: Attempting wins lookup for name tahoma<0x20>
resolve_wins: WINS server == <164.116.17.238>
bind succeeded on port 0
nmb packet from 164.116.17.238(137) header: id=24772 opcode=Query(0)
response=Yes
    header: flags: bcast=No rec_avail=Yes rec_des=Yes trunc=No auth=Yes
    header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
    answers: nmb_name=TAHOMA<20> rr_type=32 rr_class=1 ttl=0
    answers   0 char `..t..   hex 6000A47411EC
Got a positive name query response from 164.116.17.238 ( 164.116.17.236 )
Connecting to 164.116.17.236 at port 445 failed session setup Error
connecting to tahoma Unable to join domain ESD189.

I can connect with smbclient and smbmount from the same computer to the dc
with out any errors. nuptse:~# smbclient //tahoma/downloads -U admin -d 3
---results---
Initialising global parameters
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
Processing section "[global]" added interface ip=152.157.118.7
bcast=152.157.118.31 nmask=255.255.255.224 Client started (version 2.2.3a-6
for Debian).
resolve_wins: Attempting wins lookup for name tahoma<0x20>
resolve_wins: WINS server == <164.116.17.238>
bind succeeded on port 0
Got a positive name query response from 164.116.17.238 ( 164.116.17.236 )
Connecting to 164.116.17.236 at port 139
Password:
Domain=[ESD189] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager]
smb: \>

smb.conf
------
[global]
   workgroup = esd189
   server string = %h server (Samba %v)
   invalid users = root
   max log size = 1000
   syslog = 0
   security = domain
   password server = *   
   encrypt passwords = false
   socket options = TCP_NODELAY
   local master = no
   wins server = 164.116.17.238
   dns proxy = no
   name resolve order = wins lmhosts host bcast
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
   obey pam restrictions = yes
   winbind separator = +
   winbind uid = 10000-20000
   winbind gid = 10000-20000
   template shell = /bin/bash
   template homedir = /home/winbind/%D/%U


Thanks For your time.

Chris Francy
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list