[Samba] Win2k clients won't rejoin Samba PDC domain, "Remote Procedure Call Failed"?

Ivan Ordonez iordonez at nature.berkeley.edu
Thu Apr 27 21:28:04 GMT 2006

Did you try putting the dollar sign?
Example#smbpasswd -a -m machine_name$

At 02:21 PM 4/27/2006, wally wrote:
>Hey everyone, firstly thanks for your time, I've spent hours, a lot
>straight days too, for the last couple of weeks trying to solve this
>issue.  The only thing (afai can see) I've got left is asking the
>experts and formatting all the machines and starting over, the latter
>of which I'm not interesting in doing because it doesn't solve the
>issue (well it might make the problem go away, but I won't know what it
>was, and I don't consider that a solution).  So thanks for reading
>this, even if you've just got a "no idea I'm afraid, but I would
>suggest the following obvious things..." that'd be so appriciated.
>I've gotten to the point where I'm getting so frustrated and impatient
>I'm forgetting what I have / havn't tried already, so a fresh run would
>be great : )
>So, here we go.  I've setup a PDC for a small network.  I'm running
>Samba 3.0.14a-2 on FC5, with 256mb of RAM and other working hardware.
>I mean to say, I'm fairly certain its something I've misconfigured, not
>a hardware fault.  I've also upgraded Samba twice (while moving from
>FC4 to 5, and once again recently), neither of which solved the issue.
>So my smb.conf looks like this:
>// SOF
># Global parameters
>        workgroup = PLFCDOMAIN
>        server string = Fedora Linux running Samba 3.0.14a-2
>        passwd program = /usr/bin/passwd %U
>        passwd chat = *New*UNIX*password* %n\n
>*Retype*new*UNIX*password* %n\n $        unix password sync = Yes
>        log level = 2
>        acl compatibility = win2k
>        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>        add machine script = /usr/sbin/adduser -d / -g 600 -M -s
>/sbin/nologin $        logon script = %U.BAT
>        logon path = \\%N\profiles\%U
>        logon drive = Z:
>        domain logons = Yes
>        os level = 33
>        preferred master = Yes
>        domain master = Yes
>        wins support = Yes
>#       remote announce =
>        profile acls = Yes
>        path = /var/lib/samba/netlogon
>        read only = No
>        guest ok = Yes
>        comment = Profiles share
>        path = /home/
>        read only = No
>        create mask = 0751
>        directory mask = 0751
>        map system = Yes
>        map hidden = Yes
>// EOF
>(I've got some other shares too, if anybody is interested in seeing
>those I'll post them up too, otherwise I'll save the bytes in this
>message for now.)
>When I first set it up, I had it running with a Windows 2000 client (no
>SP patches applied) in the domain, and everyone could log on and off as
>they liked.  Everything was fine.  Then I joined another 2000 machine
>(for which I used the add machine script) which worked really neatly,
>and still everything worked fine.  Then I added an XP machine, which
>also joined perfectly happily.
>This is the point from which things must have gone wrong.
>I then applied SP4 to the FIRST of the two Windows 2000 machines.  I
>mucked about a bit with poledit to make a NTLogon.pol for the NTLOGON
>share, which worked like a dream.  I'd had a few users loging on and
>off of all the machines fine, all the shares worked as I wanted,
>everything seemed quite happy.
>Then I had a problem with a user not being able to write to a given
>share.  Turns out adding "profile acls = yes" to the Samba config fixed
>this (I found that out on the net), but before I discovered that I
>paniced and tried REMOVING the win2k machine from the domain, and
>readding it, which FAILED.  The message I received was "remote
>procedure call failed".  Ever since, I've not been able to join
>machines to the domain (I always get that error).
>Checking the Samba logs, nothing screams out at me.  Ocassionally I get
>an "INVALID PIPE <xyz>" (log level 3), but that isn't persistant
>(infact so little that I can't even find one to paste here right now).
>It also seems that I have to reboot the win2k machine to get it to try
>joining the domain again properly, if  that's of any relevance.
>I've followed the Samba HOWTO doc as best I can several times over,
>I've tried adding the machines by hand using "# smbpasswd -am plfc-01"
>(that being the name of one of the win2k machines) and that doesn't
>work, I've tried with and without the add machine script, both without
>it completely and with manually adding the UNIX user, I've really tried
>everything I can think of and then some, but I can't get it to join.
>This applies to ALL win2k machines (I've only got one XP one available,
>which I daren't disjoin the domain with incase it never goes back on
>because everyone uses it), I've tried several win2k machines which have
>never been on the network (fresh installs of 2k, even they won't touch
>The only thing (may be irrelevant, but my understanding of SMB and
>Samba is pretty limited), the smbpasswd file has very different entries
>for each of the computers:
>(this is the XP machine which is already added)
>         ]:LCT-443B967D:
>(this is the win2k machine which is also already added)
>        ]:LCT-443B8092:
>(this is the win2k machine that I disconnected and tried to reconnect)
>        ]:LCT-00000000:
>(this is a new win2k machine that I've tried to add today)
>        ]:LCT-00000000:
>I've read loads on the net about Samba 2 having serious windows 2000
>issues, but not much about Samba 3, if anyone has *any* idea what my
>problem might be, even if you don't have a clue and just have some
>suggestions or want to know what my smbpasswd file looks like or
>whatever, please, I'd really appriciate hearing from you all!
>Matthew Hall
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list