[Samba] joining v2x member to v3x pdc

Bastian.Zacher at aspect-online.de Bastian.Zacher at aspect-online.de
Thu Dec 9 09:17:35 GMT 2004

Hello NG,

I want to add a samba v2.2.12 system as a member server to my domain 
managed by a samba v3.0.3 pdc.

Is this possible? It's not as easy as joining a samba >v3.0.x system. My 
problem is, that I can't update the
system to v3 right now.

The users are all stored in a ldap-directory which I'm able to access onto 
the system using the 'id'-cmd. The system
has also got its ldap-record.

If I want to receive the SID it's the same result as joining the domain 
with -j:

[root at host]# smbpasswd -S DOMAIN
fetch_domain_sid: unable to connect to SMB server on machine MY-PDC. Error 
was : SUCCESS - 0.
Failed to get domain SID for DOMAIN.

Here's the global section of my smb.conf:

        workgroup = DOMAIN
        server string = Member
        os level = 16
        create mask = 0775
        force create mode = 0775
        directory mask = 0775
        force directory mode = 0775

        security = domain
        password server = *

        # ldap settings
        ldap suffix = dc=DOMAIN,dc=DE
        ldap admin dn = cn=manager,dc=DOMAIN,dc=DE
        ldap port = 389
        ldap server =
        ldap ssl = Off
        encrypt passwords = true

If "security = domain" and "encrypt password = true" is set, no user can 
connect to the system (tested with smbclient):

session setup failed: NT_STATUS_LOGON_FAILURE

If these values are unset, only the ldap-users will get this error. The 
local users are able to connect.

I already added this member as a workstation onto the pdc via 
"smbldap-useradd -w member" and ran the smbclient -w <secret>

Where can I find the solution, the online samba-howtos deal only with v3.



More information about the samba mailing list