[Samba] Re: Samba 3.0.3 on FC2: windows machine cannot join domain

Igor Belyi sambauser at katehok.ac93.org
Sat Sep 25 01:24:41 GMT 2004


Tony Fugere wrote:
 > I have worked on this for the about six months trying to figure out 
why a machine could not join the domain. The problem is solved, but 
without a solid resolution. I want to understand why my system is 
working all of the sudden.

The funny thing is that just today we've resolved similar problem and 
the source of the problem was nscd - this little caching deamon. It 
appears that this guy caches both positive and negative responses and if 
it previously found out that there's no 'machine$' user in LDAP it won't 
ask for it again.

The story goes like this: Samba looks for 'machine$' user and can not 
find it (nscd gets that cached). It asks "add machine script" (IDEALX 
script) to create the account. Then, Samba uses NSS call (like 'getent 
passwd machine$') to retrieve user's uid and sees that there's no such 
account (nscd remembers the result). For Samba it means only one thing - 
the script failed to create the account and it returns 'Access denied'. 
Restarting nscd helps to find user through NSS call and machine can 
normally join the domain. But, next time a new machine attempts to join 
the domain - you'll have the same problem.

So, my guess is - changing from "%u" to "%m" has nothing to do with your 
problem.

Igor



More information about the samba mailing list