[Samba] Machine account found and not found in 3.0.2

Chris Garrigues cwg-dated-1082814955.88f6ec at deepeddy.com
Mon Apr 19 13:55:53 GMT 2004


For the record, the clue was in the Account flags.  The account needs to be a 
machine account, not a user account.  Oops.

Chris


> From:  Chris Garrigues <cwg-dated-1082054818.5ed20a at deepeddy.com>
> Date:  Sat, 10 Apr 2004 13:46:56 -0500
>
> Brad,
> 
> I found your posting of 2/20/2004 with the subject line of 
> "upgraded to 3.0.2 -> funkyness in machine accounts" while investigating a 
> similar problem.
> 
> I upgraded to 3.0.2 last week from 3.0.0.
> 
> I have a system which I just added to the domain successfully.  However, when I 
> attempt to log a domain user onto that machine, I get this error:
> 
> 	The system cannot log you on to this domain because the system's computer 
> 	account in its primary domain is missing or the password on that account is 
> 	incorrect.
> 
> and on the server, i get the same log entries you did:
> 
> [2004/04/10 13:24:22, 2] passdb/pdb_ldap.c:init_sam_from_ldap(462)
>   init_sam_from_ldap: Entry found for user: carme$
> [2004/04/10 13:24:22, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
> [2004/04/10 13:24:22, 0] rpc_server/srv_netlog_nt.c:get_md4pw(218)
>   get_md4pw: Workstation CARME$: no account in domain
> 
> Have you resolved the problem and if so, how?
> 
> As with you, the machine account is in ldap:
> 
> [root at Jupiter samba3]# pdbedit3 -v carme$
> Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=TRINSICS))]
> smbldap_open_connection: connection opened
> Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=TRINSICS))]
> smbldap_open_connection: connection opened
> init_sam_from_ldap: Entry found for user: carme$
> Unix username:        carme$
> NT username:          carme$
> Account Flags:        [U          ]
> User SID:             S-1-5-21-904170827-898255731-2295272421-2040
> Primary Group SID:    S-1-5-21-904170827-898255731-2295272421-513
> Full Name:            Nancy computer
> Home Directory:       \\jupiter\carme_
> HomeDir Drive:        U:
> Logon Script:         login.bat
> Profile Path:         \\jupiter\profiles\carme_
> Domain:               TRINSICS
> Account desc:         
> Workstations:         
> Munged dial:          
> Logon time:           0
> Logoff time:          Mon, 18 Jan 2038 21:14:07 GMT
> Kickoff time:         Mon, 18 Jan 2038 21:14:07 GMT
> Password last set:    0
> Password can change:  0
> Password must change: Mon, 18 Jan 2038 21:14:07 GMT
> 
> If Brad didn't solve this, I hope someone else has a clue for me.


-- 
Chris Garrigues                 http://www.DeepEddy.Com/~cwg/
Trinsic Solutions		http://www.trinsics.com
1611-B West 6th Street
Austin, TX  78703-5074		512-322-0180

	    If you don't apply what you've learned, you haven't 
	       learned anything.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 235 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20040419/805da396/attachment.bin


More information about the samba mailing list