[Samba] Samba as domain member - cannot fetch trust account password

mearl at 1earth.net mearl at 1earth.net
Mon Nov 24 00:12:18 GMT 2003


I had a machine account created in the NT domain and successfully joined the 
domain by running "net join MEMBER -S <PDC>". The timestamp of the secrets.tdb 
changed. I got the "Joined domain MYDOMAIN" response. I think there may have 
been some conversion to active directory but still running NT domains.

When I attempt to run from Solaris "./smbclient //myhost/tmp" or from Windows 
2000 "net view \\myhost" I get an error "NT_STATUS_LOGON_FAILURE" and the debug 
indicates:

[2003/11/24 10:08:19, 0] smbd/password.c:(1558)
  domain_client_validate: could not fetch trust account password for domain 
MYDOMAIN

When I add myself to "smbpasswd" both commands are successful but of course the 
debug still indicates a problem with the shared secret.

I previously saw this exact same behaviour and thought it may have been a 
problem in joining the domain as I had an old PDC in my smb.conf when I joined 
the domain. So I asked for the machine account to be deleted and re-created. I 
upgraded from 2.2.8a to 3.0.0 too just in case. 

I can find nothing in the documentation to explain what has happened here and 
I've checked and double-checked my configuration. I would really appreciate if 
someone could give me a clue as to what conditions could cause this behaviour.






More information about the samba mailing list