[Samba] security=domain problem: "could not fetch trust account password for domain"

Andrew Bartlett abartlet at samba.org
Sun Oct 26 04:44:38 GMT 2003


On Fri, 2003-10-24 at 03:41, Reedick, Andrew wrote:
> When configuring a SunOS 5.9 box running Samba 2.2.8a with security=domain,
> as per
> http://us2.samba.org/samba/docs/using_samba/ch04.html#samba2-CHP-4-SECT-7 I
> get the following error "could not fetch trust account password for domain"
> when trying to connect to a share via 'net use * \\server\share
> /user:domain\username'
> 
> However, 'security=user' works correctly.  'security=domain' will fall back
> onto the user's smbpasswd successfully.  I'm configuring the box to be a
> domain member, not a PDC.  We do not have WINS setup on the box.
> 
> 
> A sample error log entry is:
> [2003/10/23 12:22:07, 0] smbd/password.c:domain_client_validate(1558)
>   domain_client_validate: could not fetch trust account password for domain
> TESTINSTALL.COM

Have you joined the domain with 'smbpasswd -j -r PDC -Uadministrator'?

This message indicates that the shared secret between your server and
the DC cannot be found in the secrets.tdb.   Joining the domain (as
indicated in the docs) sets up this secret.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20031026/d2490218/attachment.bin


More information about the samba mailing list