[Samba] NT_STATUS_NO_TRUST_SAM_ACCOUNT - but it exists!
Zoltan Zolcer
zoltan at zolcer.ch
Mon May 19 23:41:41 GMT 2003
Dear All,
What can I do if my Windows PDC won't recognize the machine account it
has just created for my samba server? I made sure I followed all
instructions in the DOMAIN-SECURITY HOWTO:
# smbpasswd -j DOM -r DOMPDC1 -Uadministrator%password
Joined domain DOM.
#
And smb.conf containing the following:
[global]
security = domain
domain logons = yes
workgroup = DOM
password server = DOMPDC1
But here's what I get when I try to access the samba shares:
(client.log:)
[2003/05/20 01:14:11, 2] libsmb/namequery.c:name_query(421)
Got a positive name query response from 10.0.0.2 ( 10.0.0.2 )
[2003/05/20 01:14:12, 0] rpc_client/cli_netlogon.c:cli_net_auth2(157)
cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT
[2003/05/20 01:14:12, 0] rpc_client/cli_login.c:cli_nt_setup_creds(72)
cli_nt_setup_creds: auth2 challenge failed
[2003/05/20 01:14:12, 0]
smbd/password.c:connect_to_domain_password_server(1367)
connect_to_domain_password_server: unable to setup the PDC credentials
to machine DOMPDC1. Error was : NT_STATUS_OK.
[2003/05/20 01:14:12, 0] smbd/password.c:domain_client_validate(1599)
domain_client_validate: Domain password server not available.
[2003/05/20 01:14:12, 2] smbd/password.c:pass_check_smb(575)
pass_check_smb failed - invalid password for user [zoltan]
[2003/05/20 01:14:12, 2] smbd/reply.c:reply_sesssetup_and_X(975)
NT Password did not match for user 'zoltan'!
(log.nmbd:)
[2003/05/20 00:02:02, 0] nmbd/nmbd_logonnames.c:add_logon_names(165)
add_domain_logon_names:
Attempting to become logon server for workgroup DOM on subnet 10.0.0.3
[2003/05/20 00:02:02, 2] nmbd/nmbd_logonnames.c:become_logon_server(136)
become_logon_server: Atempting to become logon server for workgroup
DOM on subnet 10.0.0.3
[2003/05/20 00:02:06, 0]
nmbd/nmbd_logonnames.c:become_logon_server_success(124)
become_logon_server_success: Samba is now a logon server for workgroup
DOM on subnet 10.0.0.3
[2003/05/20 00:02:06, 0]
nmbd/nmbd_responserecordsdb.c:find_response_record(235)
find_response_record: response packet id 21063 received with no
matching record.
[2003/05/20 00:02:06, 0]
nmbd/nmbd_responserecordsdb.c:find_response_record(235)
find_response_record: response packet id 21064 received with no
matching record.
Strange ... I can see the samba server's SAM account using the Active
Directory MMC snap-in, but Windows seems to deny it exists. Could
anybody please shed some light on this?
I'm running 2.2.7a on Red Hat 9 and Windows 2000 Server SP3, mixed-mode,
German.
Many thanks in advance,
Zoltan
More information about the samba
mailing list