[Samba] Join Domain Problem?

Eric Hines eehines at comcast.net
Sun Feb 5 18:06:13 GMT 2006 

List,

I'm having trouble accessing shares, and I'm getting conflicting 
indications on whether I've successfully joined the domain with my PC 
and Samba server (which may bear on the share problem).  I really 
could use some help; I've not been able to recognize anything in the 
docs or via Google that helps.  I'm running SUSE 9.3 and Samba 
3.0.21a, and I'm trying to access shares from a Win2k PC.

I ran <net join PDC -D <server> -W <domain> -U root> and got back the 
answer "ads_connect: Transport end is not connected.  Joined domain <domain>"
<net rpc testjoin> returns "Join to <domain> is OK."

However, wbinfo -u and wbinfo -g both return "Error looking up domain 
users/groups", and winbindd can only find BUILTIN for a trusted 
domain, according to its log, and my log. wb_<domain> indicates that 
no trusted domain ever is found.

But wbinfo -t succeeds, wbinfo -D=<domain> returns the domain data, 
including its SID, and wbinfo --sequence returns BUILTIN and 
<domain>, albeit with the same numbers.

Testparm says the Samba is the domain PDC.  My PC successfully boots 
into the domain with me (or root, as the case may be) as the logged in user.

So, how can I tell whether I've correctly joined the domain?

The second part of this is that with each of two shares (<share1> and 
<share2>), set up as below (I've only used bandwidth on one share; 
their set up is identical), I get BAD_NETWORK_NAME from an smbclient 
//<server>/<share1> -U <user> call.  With valid user set to @group in 
<share1> only, this changes to a bad login error (ACCESS_DENIED) for 
that share.  However, when logged in on the PC as root, I get into 
<share2> (which does not have @group set) just fine, but I get the 
login error when root tries to get into <share1>.  This argues that I 
have an access problem with the two shares, and my domain problem 
impacts this only obliquely.

The logs all indicate that the shares are being formed correctly, but 
the messages log says that my PC "couldn't find service: {[long 
string of digits and characters, hyphenated into 5 groups]}, and that 
the PC also couldn't find the to the directory containing <share2> 
(without the @groups).  It also appears that the last character of 
each share gets truncated when its being sought out (found this in 
the PC log on the Samba server).  However, that last character always 
is found eventually for <share1> and never is for <share2>.

Setting createmask, et al., has had no effect, probably because I'm 
not getting into the shares for these to have an effect.

So, what have I got going on here?  How can I further troubleshoot 
this share problem, also?

<share1>
path=/data/<share1>
valid users=@group #Note: <Share2> has only valid users = ''; it is 
otherwise identical to this
read only=no

Thanks for your help; I've been pulling my hair out over these for 
several weeks.  I'm going bald....

Eric Hines

There is no nonsense so errant that it cannot be made the creed of 
the vast majority by adequate governmental action.
         --Bertrand Russell

More information about the samba mailing list