[Samba] Still having samba join domain problems

[Van Sickler, Jim]

Anthony,

Look to see if the RestrictAnonymous setting in
the registry on the XP box is set to 2.  If it is,
set it to 0 or 1, and try to add it again.  Set it
back to 2 when you're done.

Jim

> -----Original Message-----
> From: Anthony Hess [mailto:tonyh at engr.arizona.edu]
> Sent: Monday, August 08, 2005 5:46 PM
> To: samba at lists.samba.org
> Subject: [Samba] Still having samba join domain problems
> 
> 
> So I was having problems getting a machine to join to a samba 
> PDC running on
> Solaris 9 using the bundled LDAP server.  Ill skip all my previous
> troubleshooting steps here (Ive tried just about anything and 
> everything).
> 
> Anyway - so I deleted all of the attributes for samba in the 
> directory and
> ran the idealx populate script.  It seemed to go just fine (the other
> scripts seem to work fine too).
> 
> When I try to join the domain using the "root" account the 
> Windows XP PC
> comes back with "The following error occurred attempting to 
> join the domain
> "SUNDEV"; The user name could not be found".
> 
> In the smbd log (at level 10) this is all I get:
> 
> [2005/08/08 17:27:35, 0] 
> rpc_server/srv_samr_nt.c:_samr_create_user(2324)
>   _samr_create_user: Running the command
> `/usr/local/samba/acctscrp/smbldap-useradd t 5 -w "engrpc$"' gave 9
> 
> (and that only happens when I try to add an account twice in 
> a row - Ive
> seen gave 1 show up before but its not happening now)
> 
> It DOES create a posix account in the right ou, just not the 
> samba piece.
> 
> Now Im not sure if Im going off way in the wrong direction 
> here, but when I
> try to add a machine account (with the posix information 
> still there from
> the script) with pdbedit (-a -m) I get:
> 
> ldapsam_modify_entry: Failed to modify user dn=
> uid=engrpc$,ou=Machines,dc=engr, dc=arizona, dc=edu with: Object class
> violation
>         
> ldapsam_add_sam_account: failed to modify/add user with uid = 
> engrpc$ (dn =
> uid=engrpc$,ou=Machines,dc=engr, dc=arizona, dc=edu)
> Unable to add machine! (does it already exist?)
> 
> I get the same error even if the posix information isnt 
> already there.  Here
> is what it gives me in the ldap logs:
> 
> [08/Aug/2005:17:41:22 -0700] - Entry "uid=engrpc$,ou=Machines,dc=engr,
> dc=arizona, dc=edu" missing attribute "sambaSID" required by 
> object class
> "sambaSamAccount"
> 
> It does NOT give me this if Im using the scripts.
> 
> OK, can anyone even point me in the direction I should be 
> looking?  I can
> see a sambaSID in ldap or by using the net getlocalsid command.
> 
> Thanks,
> 
> Tony
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>