[Samba] Problems with 3.0.4 PDC - Trust Relationship failed
Matthew Koster
MKoster at intldata.ca
Wed Jun 23 18:40:08 GMT 2004
I have just set up Samba 3.0.4 from scratch, I am running Mandrake 10, and
did not install its default 3.0.2a. When I try and jpoin a domain,
everything works right up to the add user portion.
>From the XP machine I am able to complete the following steps
1. Enter windws username and domain information
2. Add the machine name to the domain (it is created on the linux box, and
entered into samba automaticaly)
3. Enter root username and password to join the domain
4. Add The following user - User name & Domain name
5. Here is where it comes up with the error, when I select the type of user,
it tells me "The User could not be added because the following error has
occured: The trust relationship between this workstation and the primary
domain failed"
The name of the machine is registerd with samba as machine$, so the trust
should be there (it is with 3.0.2a)
I disabled SignOrSeal within windows, etc. It works fine with 3.0.2a with
the same smb.conf file, (attached below). I do not know what is going
wrong.
My samba log shows the following each time I try to add the user...
[2004/06/03 14:37:28, 0] rpc_server/srv_samr.c:api_samr_set_userinfo(786)
api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO.
[2004/06/03 14:37:29, 0] smbd/service.c:make_connection_snum(591)
'/root/tmp' does not exist or is not a direcotry, when connecting to
[IPC$]
Now the Set user info error does not occure each and every time, however the
/root/tmp does, now /root/tmp exists, and I have set it to both default
permissions and world writable, neither works.
My SMB.CONF file
# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2004/06/21 11:37:31
# Global parameters
[global]
log file = /var/log/samba/log.%m
passwd chat timeout = 10
ldap ssl = no
add group script = /usr/sbin/groupadd -r %g
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/bin/gpasswd -a %u %g
logon drive = H:
delete user from group script = /usr/bin/gpasswd -d %u %g
domain master = Yes
encrypt passwords = yes
printer admin = @adm
dns proxy = No
netbios name = TESTSERVER1
server string = Koster PDC Test
printing = cups
logon script = netlogon.bat
default = homes
workgroup = KOSTERTEST
os level = 62
add user script = /usr/sbin/useradd -n -g users -d /dev/null -s
/bin/false -m %u
printcap name = cups
add machine script = /usr/sbin/adduser -n -g machines -c Machine -d
/dev/null -s /bin/false -M %u
delete user script = /usr/sbin/userdel %u
max log size = 50
domain logons = Yes
logon path =
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
guest ok = Yes
printable = Yes
print command = lpr-cups -P %p -o raw %s -r # using client side printer
drivers.
browseable = No
[print$]
path = /var/lib/samba/printers
write list = @adm, root
inherit permissions = Yes
guest ok = Yes
[pdf-generator]
comment = PDF Generator (only valid users)
path = /var/tmp
printable = Yes
print command = /usr/share/samba/scripts/print-pdf %s ~%u //%L/%u %m %I
"%J" &
[Netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
write list = @admins
browsable = no
[homes]
browseable = no
writeable = yes
Please help... All I want is for the change passwords to work after the MS
Secrity patch (Like I said 3.0.2a works perfect EXCEPT for the password
change, well it works if I remove the security patch, but I want it to work
with the patch installed and for that to happen I need 3.0.4 to work.)
_____________________________________________________________________________
Matthew Koster
Customer Support Technician
International Datacasting Corporation
http://www.intldata.ca
613-596-4120 ext 254
This message, and the documents attached hereto, is intended only for the
addressee and may contain privileged or confidential information. Any
unauthorized disclosure is strictly prohibited. If you have received this
message in error, please notify us immediately so that we may correct our
internal records. Please then delete the original message. Thank you.
More information about the samba
mailing list