[Samba] Fedora core 2 domain trust account fails

kent kent at mail.wareham.mec.edu
Tue Mar 1 16:30:34 GMT 2005

Having a problem with trust accounts failing after creation. The following is
the system that I'm running Samba on:

Fedora Core 2
(compiled from source)
Samba 3.0.11
OpenLDAP 2.2.23
BerkeleyDB 4.3.27

Windows 2000 client machine

I have a script to add machine trust accounts to LDAP. The first part adds a
posixAccount and attributes to LDAP; the second uses smbpasswd to add the Samba
account and attributes. I use PAM to point to the LDAP directory for user and
group info and authentication.

This method has worked fine on Samba 3.0.0 systems with an LDAP 2.1.30 backend.

I add the account using root, the account is created in LDAP, and I get a
"Welcome to blah blah domain" message. After I reboot and attempt to log in, I
get a trust account failure error message. I compared the SID for the domain and
the machine account and they are identical. The only password that is created is
sambaNTPassword. The following are the attributes that are found in LDAP after
account creation:

[root at fdc2_1 root]# ldapsearch -xv -b "ou=computers,dc=tow,dc=net" uid=wms-0106$
ldap_initialize( <DEFAULT> )
filter: uid=wms-0106$
requesting: ALL
# extended LDIF
# LDAPv3
# base <ou=computers,dc=tow,dc=net> with scope sub
# filter: uid=wms-0106$
# requesting: ALL

# wms-0106$, Computers, tow.net
dn: uid=wms-0106$,ou=Computers,dc=tow,dc=net
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: sambaSamAccount
uid: wms-0106$
cn: wms-0106$
sn: wms-0106$
uidNumber: 8049
gidNumber: 502
homeDirectory: /dev/null
description: Computer
loginShell: /bin/false
sambaSID: S-1-5-21-1129281578-1295143107-3311307472-17098
sambaPrimaryGroupSID: S-1-5-21-1129281578-1295143107-3311307472-515
displayName: wms-0106$
sambaPwdCanChange: 1109349002
sambaPwdMustChange: 2147483647
sambaNTPassword: 6B92BAAA9FAD3E498BF4665F0B42BF95
sambaPwdLastSet: 1109349002
sambaAcctFlags: [W          ]
# search result
search: 2
result: 0 Success

Any suggestions?

Kent L. Nasveschuk
Wareham Public Schools
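
Added example, not part of the original post: a Python check that repeats, on the LDIF entry shown above, the two comparisons the post describes doing by hand (the domain part of the SIDs, and which password attributes exist). The function names and the `DOMAIN_SID` constant are this example's own, and the domain SID is assumed to be the value reported by `net getlocalsid`; the script reports what the entry contains and does not diagnose the failure.

```python
from datetime import datetime, timezone

# Assumption: domain SID as reported by `net getlocalsid` on the PDC.
DOMAIN_SID = "S-1-5-21-1129281578-1295143107-3311307472"

# Attributes copied from the ldapsearch output in the post.
LDIF = """\
dn: uid=wms-0106$,ou=Computers,dc=tow,dc=net
uid: wms-0106$
sambaSID: S-1-5-21-1129281578-1295143107-3311307472-17098
sambaPrimaryGroupSID: S-1-5-21-1129281578-1295143107-3311307472-515
sambaNTPassword: 6B92BAAA9FAD3E498BF4665F0B42BF95
sambaPwdLastSet: 1109349002
sambaAcctFlags: [W          ]
"""

def parse_entry(ldif):
    """Parse one unfolded LDIF entry into {attribute: [values]}."""
    entry = {}
    for line in ldif.splitlines():
        if not line or line.startswith("#") or ": " not in line:
            continue
        attr, value = line.split(": ", 1)
        entry.setdefault(attr, []).append(value)
    return entry

def split_sid(sid):
    """Return (domain SID, RID) for a SID string."""
    domain, rid = sid.rsplit("-", 1)
    return domain, int(rid)

def report(entry, domain_sid):
    """Collect the facts the post compares by hand."""
    acct_dom, rid = split_sid(entry["sambaSID"][0])
    grp_dom, grp_rid = split_sid(entry["sambaPrimaryGroupSID"][0])
    nt = entry.get("sambaNTPassword", [""])[0]
    hashes = ("sambaNTPassword", "sambaLMPassword")
    return {
        "sid_in_domain": acct_dom == domain_sid and grp_dom == domain_sid,
        "rid": rid,
        "primary_group_rid": grp_rid,  # 515 is the Domain Computers RID
        "flags": entry["sambaAcctFlags"][0].strip("[] "),  # W = workstation trust
        "password_attrs": sorted(a for a in entry if a in hashes),
        "nt_hash_wellformed": len(nt) == 32 and all(c in "0123456789abcdefABCDEF" for c in nt),
        "pwd_last_set": datetime.fromtimestamp(int(entry["sambaPwdLastSet"][0]), timezone.utc).isoformat(),
    }

if __name__ == "__main__":
    for key, value in report(parse_entry(LDIF), DOMAIN_SID).items():
        print(f"{key}: {value}")
```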
