[Samba] Not able to join domain

Chris Boyd Chris.Boyd at usit.ie
Thu Apr 6 11:24:45 GMT 2006

I'm trying to set up Samba 3.0.20-4-SUSE on a opensuse 10 machine. I'm working with XP Pro on the client machine. I can't get the XP mahcine (RDS7) to join the domain (UCD). It asks for a user when trying to join and then says it cannot find it. The samba log is:

  check_ntlm_password:  Authentication for user [root] -> [root] FAILED with error NT_STATUS_NO_SUCH_USER

The root account is showing up in smbpasswd (that's assuming it needs to be there). 

Now the XP machine can see the domain (UCD) as well as WORKGROUP (which it currently is master of). 

Domain=[UCD] OS=[Unix] Server=[Samba 3.0.20-4-SUSE]

        Server               Comment
        ---------            -------
        UCD01                Samba 3.0.20-4-SUSE

        Workgroup            Master
        ---------            -------
        UCD                  UCD01
        WORKGROUP            RDS7

This is after having to manually create the machine account (as there seems to be some problem with suse doing it "on-the-fly". 
I've also noticed that testparm returns  the samba machine as a BDC instead of a PDC. 

Load smb config files from /etc/samba/smb.conf
Processing section "[protel]"
Processing section "[homes]"
Processing section "[profiles]"
Processing section "[users]"
Processing section "[groups]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[netlogon]"
Server's Role (logon server) NOT ADVISED with domain-level security
Loaded services file OK.
Server role: ROLE_DOMAIN_BDC
Press enter to see a dump of your service definitions

Also here's the smb.conf: 

        printcap name = cups
        cups options = raw
        map to guest = Bad User
#       include = /etc/samba/dhcp.conf
        logon path = \\%L\profiles\.msprofile
        logon home = \\%L\%U\.9xprofile
        logon drive = P:
        security = domain
        restrict anonymous = no
        domain master = Yes
        preferred master = Yes
#       idmap uid = 15000-20000
#       idmap gid = 15000-20000
        log level = 2
        netbios name = UCD01
        max protocol = NT
        ldap ssl = No
        server signing = Auto
        workgroup = UCD
        add machine script = /usr/sbin/useradd  -c Machine -d /var/nodirs -s /bin/false '%u'
        passdb backend = tdbsam
        domain logons =Yes
        local master = Yes
        os level = 65

        comment = Protel Data Folder
        path = /protel
        read only = no
        comment = Home Directories
        valid users = %S
        browseable = No
        read only = No
        inherit acls = Yes

        comment = Network Profiles Service
        path = %H
#       path = /var/lib/samba/profiles
        read only = No
        store dos attributes = Yes
        create mask = 0600
        directory mask = 0700

        comment = All users
path = /home
        read only = No
        inherit acls = Yes
        veto files = /aquota.user/groups/shares/

        comment = All groups
        path = /home/groups
        read only = No
        inherit acls = Yes

        comment = All Printers
        path = /var/tmp
        printable = Yes
        create mask = 0600
        browseable = No

        comment = Printer Drivers
        path = /var/lib/samba/drivers
        write list = @ntadmin root
        force group = ntadmin
        create mask = 0664
        directory mask = 0775

        comment = Network Logon Service
        path = /var/lib/samba/netlogon
        write list = root
        admin users = root
        guest ok = Yes
        browseable = No

Anyway...if it's not obvious am a samba newb 
Oh and TIA 

This email message is intended only for the addressee(s) 
and contains information that may be confidential and/or 
copyrighted.  If you are not the intended recipient please 
notify the sender by reply email and immediately delete 
this email. Use, disclosure or reproduction of this email 
by anyone other than the intended recipient(s) is strictly 
prohibited. USIT has scanned this email for viruses and 
dangerous content and believes it to be clean. However, 
virus scanning is ultimately the responsibility of the recipient.

More information about the samba mailing list