[Samba] Re: XP Joining domain

Derek Harkness dharknes at umd.umich.edu
Wed Jun 9 16:13:07 GMT 2004

I think I found the problem.  Late yesterday afternoon I discovered 
that useradd on Linux works differently then useradd on Solaris.  I'm 
migration from Samba 2.2 on Sun to Samba 3.0 on Linux.  When useradd on 
Solaris adds a new user it finds the last uid number and increments it. 
  The Linux version just finds the first unused in the password file, 
this became a problem because some of my user information is in the 
local password file and some is in ldap.  So the Linux useradd was 
adding duplication uid numbers.  This was easily corrected, and XP 
started working just fine.

The interesting thing here is that win2k never had a problem.  So I'm 
guessing that XP does a bit more checking when it joins the domain.

Thanks so much for everyone's help!!

On Jun 9, 2004, at 12:00 PM, Sam Barasch wrote:

> Hi Derek.
> What's interesting about these errors is that the Join seems to 
> succeed, but
> that the machine password in the smbpasswd file is not modified.
> We're still using the 2.2.x stream of samba, and I've been meaning to 
> try
> the 3.0.x versions, but haven't gotten around to it yet.  I hope my
> suggestions still apply to the version of samba you're using.
> At first blush, it looks like you're having some permissions problems
> editing the smbpasswd file and creating the machine account passwd for 
> the
> XP machine joining the domain.
> Let me review items you've tried
> 1) Manually creating unix account and adding machine account to 
> smbpasswd
> file with smbpasswd -am xptest$  (your unix passwd entry looked fine)
> 2) The unix root account has an smbpasswd, and you're using that when
> prompted.  (We've never been able to get domain admins to join machines
> (because smbpasswd file is writable by only root)
> 3) It does look like the smbpasswd machine account has been disabled - 
> have
> you tried re-enabling it and rejoining the machine?  Smbpasswd -e 
> xptest$
> Because the smbpasswd file doesn't get modified, I suspect some kind of
> permissions problem.
> When trying to join the domain, have you already connected to the samba
> server using a different set of credentials?  In our version of samba, 
> only
> one set of credentials is allowed - try doing a 'net use /delete *'  
> (or
> something like that) from the PC to be sure you haven't unwittingly 
> opened a
> connection to the samba server before trying to join the domain.
> Good luck--
> Sam Barasch
> Computer Systems Support
> Dept. of Biostatistics
> University of Wisconsin in Madison
>  -----Original Message-----
>>> From: samba-bounces+jgray=bardelanimation.com at lists.samba.org
>>> [mailto:samba-bounces+jgray=bardelanimation.com at lists.samba.org]On
>>> Behalf Of Derek Harkness
>>> Sent: Monday, June 07, 2004 11:20 AM
>>> To: samba at lists.samba.org
>>> Subject: [Samba] XP Joining domain
>>> I'm attempting to join a Samba 3.0.4 domain on a Debian linux box,
>>> with
>>> a Windows XP client.
>>> Problems
>>> 1) Can only get the join to work if I use the root account.  On Win2k
>>> I
>>> can use any account in the Domain Admins group.
>>> 2) The join succeeds, the unix account and the smb account are 
>>> created
>>> but the smb account is disabled, and the password contains all XXXXs.
>>> Joining the domain works fine from Win2k.
>>> I've tried adjusting the Signing entries.  I tried manually creating
>>> the machine accounts, and I get a can't access machine account error
>>> on
>>> login.
>>> Any thoughts?
>>> Thanks!
>>> Derek
>>> "This world is a comedy to those who think and a tragedy to those who
>>> feel."
>> My lack of knowledge is only exceeded by my lack of concern.
>> --Anonymous GE Engineer
"When the people fear the government you have tyranny... when the 
government fears the people you have liberty. "
                               --Thomas Jefferson
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040609/99eaf27a/PGP.bin

More information about the samba mailing list