[Samba] add domain user in local group: trust relationship error
Alex Deiter
tiamat at komi.mts.ru
Sat Oct 4 07:01:28 GMT 2003
I manage DC samba CVS 3.0.1pre1 on FreeBSD 5.1 (i386) and cannot add domain
user in local group on win2k pro:
I joined into my domain win2k worksation, login to as domain admin, run
Control Panel -> Users and passwords -> add ->browse,
select any user from domain users, select local group Administrators, and
get error:
The trust relationship between this workstation and the primary domain
failed.
# testparm
Load smb config files from /usr/local/etc/samba/smb.conf
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[profiles]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[all]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions
# Global parameters
[global]
dos charset = 866
unix charset = KOI8-R
display charset = KOI8-R
workgroup = KOMI
passdb backend = ldapsam, guest
guest account = guest
log level = 1 passdb:5
log file = /var/log/samba/%m.log
max log size = 50000
name resolve order = wins host bcast
time server = Yes
logon path =
logon home =
domain logons = Yes
os level = 133
enhanced browsing = No
wins server = x.x.x.x
ldap suffix = dc=komi,dc=mts,dc=ru
ldap machine suffix = ou=Computers,dc=komi,dc=mts,dc=ru
ldap user suffix = ou=People,dc=komi,dc=mts,dc=ru
ldap group suffix = ou=Group,dc=komi,dc=mts,dc=ru
ldap idmap suffix = dc=komi,dc=mts,dc=ru
ldap admin dn = cn=ldapmanager,dc=komi,dc=mts,dc=ru
ldap ssl = no
admin users = @admins
printer admin = @admins
use sendfile = Yes
samba logs (log level = 1 passdb:5):
[2003/10/04 10:47:36, 5]
passdb/secrets.c:secrets_fetch_trusted_domain_password(299)
secrets_fetch failed!
[2003/10/04 10:47:36, 2] passdb/pdb_ldap.c:init_sam_from_ldap(462)
init_sam_from_ldap: Entry found for user: guest
[2003/10/04 10:47:36, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1615)
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=2514))]
[2003/10/04 10:47:36, 2] passdb/pdb_ldap.c:init_group_from_ldap(1659)
init_group_from_ldap: Entry found for group: 2514
[2003/10/04 10:47:36, 2] passdb/pdb_ldap.c:init_sam_from_ldap(462)
init_sam_from_ldap: Entry found for user: pc-x$
[2003/10/04 10:47:59, 5] passdb/secrets.c:secrets_get_trusted_domains(595)
secrets_get_trusted_domains: looking for 10 domains, starting at index 0
[2003/10/04 10:47:59, 5] passdb/secrets.c:secrets_get_trusted_domains(675)
secrets_get_trusted_domains: got 0 domains
[2003/10/04 10:47:59, 5]
passdb/secrets.c:secrets_fetch_trusted_domain_password(299)
secrets_fetch failed!
[2003/10/04 10:47:59, 2] passdb/pdb_ldap.c:init_sam_from_ldap(462)
init_sam_from_ldap: Entry found for user: tiamat
[2003/10/04 10:47:59, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1615)
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=2513))]
[2003/10/04 10:47:59, 2] passdb/pdb_ldap.c:init_group_from_ldap(1659)
init_group_from_ldap: Entry found for group: 2513
[2003/10/04 10:47:59, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1615)
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=2512))]
[2003/10/04 10:47:59, 2] passdb/pdb_ldap.c:init_group_from_ldap(1659)
init_group_from_ldap: Entry found for group: 2512
[2003/10/04 10:47:59, 0] smbd/service.c:set_admin_user(321)
tiamat logged in as admin user (root privileges)
[2003/10/04 10:47:59, 4] passdb/pdb_ldap.c:ldapsam_getsampwnam(1036)
ldapsam_getsampwnam: Unable to locate user [root] count=0
[2003/10/04 10:47:59, 4] passdb/passdb.c:local_uid_to_sid(1112)
local_uid_to_sid: User root [uid == 0] has no samba account
[2003/10/04 10:47:59, 2] passdb/pdb_ldap.c:ldapsam_setsampwent(966)
ldapsam_setsampwent: 211 entries in the base!
[2003/10/04 10:47:59, 2] passdb/pdb_ldap.c:init_sam_from_ldap(462)
init_sam_from_ldap: Entry found for user: evgenii
[2003/10/04 10:47:59, 2] passdb/pdb_ldap.c:init_sam_from_ldap(462)
init_sam_from_ldap: Entry found for user: tiamat
...
skip ~200 users
...
init_sam_from_ldap: Entry found for user: svn
[2003/10/04 10:48:00, 2] passdb/pdb_ldap.c:init_sam_from_ldap(462)
init_sam_from_ldap: Entry found for user: nb-dav$
[2003/10/04 10:48:00, 2] passdb/pdb_ldap.c:init_sam_from_ldap(462)
init_sam_from_ldap: Entry found for user: guest
[2003/10/04 10:48:00, 2] passdb/pdb_ldap.c:init_sam_from_ldap(462)
init_sam_from_ldap: Entry found for user: pc-x$
what to do ?
Thanks!
More information about the samba
mailing list