[Samba] Unable to join samba server to a NT4 style domain

Fri Apr 15 17:11:57 GMT 2005

Ash,

 One more thing to try...
according to http://www.spinics.net/lists/samba/msg20429.html
(Re: RE: Microsoft hotfix MS04-011, breaks Samba password change.)

The samba 3 command "net rpc oldjoin" works in the same way as 
smbpasswd -j <dom> -r <pdc> in samba 2 did. You don't have to type
the root password

You might have to add the Samba box to the Domain again,
in order to get this to work...

You WILL prevail (eventually)!
Jim

> -----Original Message-----
> From: Ashutosh Kamdar [mailto:akamdar at gnsi.com]
> Sent: Friday, April 15, 2005 9:05 AM
> To: Van Sickler, Jim; 'Ashutosh Kamdar'; samba at lists.samba.org
> Subject: Re: [Samba] Unable to join samba server to a NT4 style domain
> 
> 
> Jim,
> 
> I tried removing the domain machine account for the Samba 
> server from the PDC and made sure that the smbd, nmbd daemons 
> were down before I execute the net rpc join commands.
> 
> The result was the same as before, it wasnt able to join the 
> domain and gave the message: Unable to join domain 
> <domain-name>. The --long option does not seem to give me any 
> additional information on the screen. Would it post any 
> information in logs anywhere else?
> 
> Any thoughts?
> 
> Regards,
> 
> Ash
> 
> 
> 
> ------Original Message-----
> -From: Van Sickler, Jim [mailto:vansickj-eodc at kaman.com]
> -Sent: Thursday, April 14, 2005 09:42 PM
> -To: ''Ashutosh Kamdar'', samba at lists.samba.org
> -Subject: RE: [Samba] Unable to join samba server to a NT4 
> style domain
> -
> -Ash,
> -
> -net help rpc shows the following for the --long option:
> -
> --l or --long                    Display full information
> -
> -In what I've found from googling and
> -the Samba-Guide (thanks, John!),
> -it looks like net rpc join will create the
> -Domain machine account when you run it;  if
> -MYSERVER already exists, you'll be prevented
> -from creating a duplicate entry.
> -
> -Try deleting MYSERVER from the Domain.
> -
> -then run your original command...
> -
> -./net rpc join -U administrator%'xxxxxxxx'
> -
> -or ./net rpc join -S NT4SERVER -U administrator%'xxxxxxxx'
> -
> -and see what happens.
> -
> -If this works, it reinforces this comment from my earlier link:
> -
> -This process joins the server to the domain
> -without having to create the machine trust
> -account on the PDC beforehand.
> -
> -and is a change from Samba 2.x, which required
> -the creation of the machine trust account
> -on the PDC before running "smbpasswd -j DOM -r DOMPDC".
> -
> -John:  if this is true, can Chap 7 be amended to
> -reflect the change?
> -
> -Jim
> -
> -> -----Original Message-----
> -> From: Ashutosh Kamdar [mailto:akamdar at gnsi.com]
> -> Sent: Thursday, April 14, 2005 2:25 PM
> -> To: Van Sickler, Jim; 'Ashutosh Kamdar'; samba at lists.samba.org
> -> Subject: Re: [Samba] Unable to join samba server to a NT4 
> style domain
> ->
> ->
> -> Jim,
> ->
> -> I have Samba shut down while executing the net rpc join
> -> commands, as the HOW-TO says.
> ->
> -> On trying the following,
> ->
> -> # ./net rpc join -S NTSERVER
> -> Password:
> ->
> -> This is the response I get,
> ->
> -> Could not connect to server NTSERVER
> -> The username or password was not correct.
> ->
> -> The password used was that of the administrator authorized to
> -> add machines to the domain. Is there any other
> -> username/password I should be using?
> ->
> -> On trying this,
> ->
> -> net join -S NT4SERVER -U administrator%'xxxxxxxx' -W
> -> MYWORKGROUP --long
> ->
> -> This is the response I get,
> ->
> -> Unable to join domain <domain-name>.
> ->
> -> BTW, what does the switch --long do?
> ->
> -> I have followed the exact steps in the document you have
> -> pointed out and the HOW-TOs. Thanks for pointing that out
> -> this particular chapter.
> ->
> -> Regards,
> ->
> -> Ash
> ->
> -> ------Original Message-----
> -> -From: Van Sickler, Jim [mailto:vansickj-eodc at kaman.com]
> -> -Sent: Thursday, April 14, 2005 08:30 PM
> -> -To: ''Ashutosh Kamdar'', samba at lists.samba.org
> -> -Subject: RE: [Samba] Unable to join samba server to a NT4
> -> style domain
> -> -
> -> -Ash,
> -> -
> -> -Do you have Samba shut down while you're
> -> -running net rpc join?  The daemons
> -> -shouldn't be running, AFAIK.
> -> -
> -> -Make sure they're down, and try your earlier
> -> -net rpc join commands...
> -> -
> -> -If that doesn't work, try just:
> -> -       net rpc join -S NT4SERVER
> -> -
> -> -Maybe try deleting MYSERVER from the domain,
> -> -then
> -> -net join -S NT4SERVER -U administrator%'xxxxxxxx' -W
> -> MYWORKGROUP --long
> -> -
> -> -See
> -> -http://aosda.net/docs/samba/3.0/Samba-HOWTO-Collection/domain
> -> -member.html#id
> -> -2522086
> -> -
> -> -
> -> -Jim
> -> -
> -> -
> -> -> -----Original Message-----
> -> -> From: Ashutosh Kamdar [mailto:akamdar at gnsi.com]
> -> -> Sent: Thursday, April 14, 2005 12:50 PM
> -> -> To: Van Sickler, Jim; 'Ashutosh Kamdar'; samba at lists.samba.org
> -> -> Subject: Re: [Samba] Unable to join samba server to a NT4
> -> style domain
> -> ->
> -> ->
> -> -> Jim,
> -> ->
> -> -> Yes, the NTSERVER is a PDC. Do you know of a way to see any
> -> -> kind of logs on the net join rpc command?
> -> ->
> -> -> -Ash
> -> ->
> -> -> ------Original Message-----
> -> -> -From: Van Sickler, Jim [mailto:vansickj-eodc at kaman.com]
> -> -> -Sent: Thursday, April 14, 2005 07:40 PM
> -> -> -To: ''Ashutosh Kamdar'', samba at lists.samba.org
> -> -> -Subject: RE: [Samba] Unable to join samba server to a NT4
> -> -> style domain
> -> -> -
> -> -> -Ash,
> -> -> -
> -> -> -Is NT4SERVER the PDC?
> -> -> -If not, use -S PDC instead of -S NT4SERVER
> -> -> -
> -> -> -Jim
> -> -> -
> -> -> -> -----Original Message-----
> -> -> -> From: Ashutosh Kamdar [mailto:akamdar at gnsi.com]
> -> -> -> Sent: Thursday, April 14, 2005 12:24 PM
> -> -> -> To: Van Sickler, Jim; 'Ashutosh Kamdar'; 
> samba at lists.samba.org
> -> -> -> Subject: Re: [Samba] Unable to join samba server to a NT4
> -> -> style domain
> -> -> ->
> -> -> ->
> -> -> -> Jim,
> -> -> ->
> -> -> -> For all of the four commands you have mentioned, I get the
> -> -> -> same response:
> -> -> ->
> -> -> -> Unable to join domain <domain-name>.
> -> -> ->
> -> -> -> There are no error messages or explanation with it, just the
> -> -> -> plain text.
> -> -> ->
> -> -> -> Regards,
> -> -> ->
> -> -> -> Ash
> -> -> ->
> -> -> -> ------Original Message-----
> -> -> -> -From: Van Sickler, Jim [mailto:vansickj-eodc at kaman.com]
> -> -> -> -Sent: Thursday, April 14, 2005 07:15 PM
> -> -> -> -To: ''Ashutosh Kamdar'', samba at lists.samba.org
> -> -> -> -Subject: RE: [Samba] Unable to join samba server to a NT4
> -> -> -> style domain
> -> -> -> -
> -> -> -> -Ash,
> -> -> -> -
> -> -> -> -try one of the following:
> -> -> -> -
> -> -> -> -./net rpc join -S NT4SERVER -U administrator
> -> -> -> -
> -> -> -> -./net rpc join -S NT4SERVER -U administrator%'xxxxxxxx'
> -> -> -> -
> -> -> -> -./net rpc join -W MYWORKGROUP -U administrator
> -> -> -> -
> -> -> -> -./net rpc join -W MYWORKGROUP -U administrator%'xxxxxxxx'
> -> -> -> -
> -> -> -> -Jim
> -> -> -> -
> -> -> -> -> -----Original Message-----
> -> -> -> -> From: Ashutosh Kamdar [mailto:akamdar at gnsi.com]
> -> -> -> -> Sent: Thursday, April 14, 2005 11:48 AM
> -> -> -> -> To: Van Sickler, Jim; samba at lists.samba.org
> -> -> -> -> Subject: Re: [Samba] Unable to join samba server to a NT4
> -> -> -> style domain
> -> -> -> ->
> -> -> -> ->
> -> -> -> -> Jim,
> -> -> -> ->
> -> -> -> -> -Try adding the Samba server to the NT4 Domain first.
> -> -> -> -> Response: The samba server has already been added to
> -> -> the NT domain.
> -> -> -> ->
> -> -> -> -> -Is the NT4 server also a WINS server?
> -> -> -> -> -If so, add that info to the smb.conf
> -> -> -> -> -
> -> -> -> -> -wins server = xxx.xxx.xxx.xxx
> -> -> -> -> -name resolve order = wins lmhosts host bcast
> -> -> -> -> -
> -> -> -> -> -Put the NT4 server info into /etc/lmhosts
> -> -> -> -> -and /etc/hosts
> -> -> -> -> -xxx.xxx.xxx.xxx	NT4SERVER
> -> -> -> ->
> -> -> -> -> Response: The NT server is not functioning as a 
> WINS server. 
> -> -> -> -> The /etc/hosts and /etc/lmhosts already have the entry for
> -> -> -> -> the NT server. The server can also resolve the 
> NTSERVER_NAME 
> -> -> -> -> using DNS.
> -> -> -> ->
> -> -> -> -> I also used rpcclient to see if there any connection
> -> -> -> -> problems, and it was able to connect just fine to the
> -> -> -> -> NTSERVER. Thorougly confused.
> -> -> -> ->
> -> -> -> -> Any other ideas?
> -> -> -> ->
> -> -> -> -> Thanks for your response,
> -> -> -> ->
> -> -> -> -> Ash
> -> -> -> ->
> -> -> -> -> -
> -> -> -> -> -> -----Original Message-----
> -> -> -> -> -> From: Ashutosh Kamdar [mailto:akamdar at gnsi.com]
> -> -> -> -> -> Sent: Thursday, April 14, 2005 12:58 AM
> -> -> -> -> -> To: samba at lists.samba.org
> -> -> -> -> -> Subject: [Samba] Unable to join samba server to a NT4
> -> -> -> style domain
> -> -> -> -> ->
> -> -> -> -> ->
> -> -> -> -> -> Hello,
> -> -> -> -> ->
> -> -> -> -> -> I have installed Samba version 3.0.13 on a
> -> Solaris 9 machine
> -> -> -> -> -> and am trying to add it to an existing NT domain
> -> as a member
> -> -> -> -> -> server. I have followed the instructions in
> -> Chapter 2 of the
> -> -> -> -> -> Samba HOW-TO collection for adding a samba server as
> -> -> a Domain
> -> -> -> -> -> member. The problem is that when i use the net rpc join
> -> -> -> -> -> command to join the domain, I get the following error:
> -> -> -> -> ->
> -> -> -> -> -> # ./net rpc join -U administrator%'xxxxxxxx'
> -> -> -> -> ->
> -> -> -> -> -> Unable to find a suitable server
> -> -> -> -> ->
> -> -> -> -> -> Unable to find a suitable server
> -> -> -> -> ->
> -> -> -> -> -> Specifying the domain name with a -w switch or the
> -> -> PDC doesnt
> -> -> -> -> -> seem to help.
> -> -> -> -> ->
> -> -> -> -> -> Is there a way for me to see a detailed version
> -> of the error
> -> -> -> -> -> message or some log file where this is dumped to? I am
> -> -> -> -> -> posting the smb.conf for reference. Please help
> -> me resolve
> -> -> -> -> -> this error.
> -> -> -> -> ->
> -> -> -> -> -> Thanks,
> -> -> -> -> ->
> -> -> -> -> -> Ash
> -> -> -> -> ->
> -> -> -> -> ->
> -> -> -> ->
> -> -> ->
> -> ->
> -> 
> ----------------------------------8<----------------------------------
> -> -> -> -> -> smb.conf
> -> -> -> -> ->
> -> -> -> -> -> [global]
> -> -> -> -> ->         dns proxy = no
> -> -> -> -> ->         debug timestamp = yes
> -> -> -> -> ->         encrypt passwords = yes
> -> -> -> -> ->         idmap gid = 15000-20000
> -> -> -> -> ->         socket options = TCP_NODELAY
> -> -> -> -> ->         max log size = 1024
> -> -> -> -> ->         password server = *
> -> -> -> -> ->         idmap uid = 15000-20000
> -> -> -> -> ->         debug level = 3
> -> -> -> -> ->         security = domain
> -> -> -> -> ->         server string = Samba Server
> -> -> -> -> ->         workgroup = MYWORKGROUP
> -> -> -> -> ->         log level = 3
> -> -> -> -> ->         log file = /usr/local/samba/var/log.%m
> -> -> -> -> ->         netbios name = MYSERVER
> -> -> -> -> ->         load printers = yes
> -> -> -> -> ->         os level = 33
> -> -> -> -> ->         default = share
> -> -> -> -> -> [homes]
> -> -> -> -> ->    comment = Home Directories
> -> -> -> -> ->    valid users = %S
> -> -> -> -> ->    browseable = no
> -> -> -> -> ->    writable = yes
> -> -> -> -> ->
> -> -> -> -> -> [printers]
> -> -> -> -> ->    comment = All Printers
> -> -> -> -> ->    path = /usr/spool/samba
> -> -> -> -> ->    browseable = no
> -> -> -> -> ->    guest ok = no
> -> -> -> -> ->    writable = no
> -> -> -> -> ->    printable = yes
> -> -> -> -> ->
> -> -> -> -> -> [share]
> -> -> -> -> -> path = /share
> -> -> -> -> -> comment = Solaris share
> -> -> -> -> -> valid users = @Accounts
> -> -> -> -> -> guest ok = Yes
> -> -> -> -> -> read only = No
> -> -> -> -> ->
> -> -> -> -> ->
> -> -> -> ->
> -> -> ->
> -> ->
> -> 
> ----------------------------------8<----------------------------------
> -> -> -> -> ->
> -> -> -> -> ->
> -> -> -> -> ->
> -> -> -> -> -> --
> -> -> -> -> -> To unsubscribe from this list go to the following URL
> -> -> -> and read the
> -> -> -> -> -> instructions:
> -https://lists.samba.org/mailman/listinfo/samba
> --> -> -> ->
> --> -> -> -
> --> -> ->
> --> -> ->
> --> -> -
> --> ->
> --> ->
> --> -
> -->
> -->
> --
> -
> -
> 
> 