[Samba] Can't join my domain

Craig White craigwhite at azapple.com
Wed Feb 22 15:27:24 GMT 2006 

On Wed, 2006-02-22 at 09:12 -0400, Bevan Agard wrote:
> Guys and dolls,
> Greetings, I hope you all are in good health, great spirits and your glasses
> never empty.
> 
> I have a samba, openldap question.
> 
> I am trying to setup a FC-4 box to be a PDC for a small network of about 150
> users.  I was following the HOWTO on the SAMBA site.  Everything seems to be
> fine however I cannot join the domain.  I get the error "User name could not
> be found." The error logs show that the login/password used to join the
> domain was accpeted and correct.  I decided to step back a bit to see if the
> PDC could join the domain but also no luck.  I got the following when I ran
> the command
> 
> [root at anansi ~]# net rpc join -d 3 -l -S PDC -U root
> [2006/02/21 10:57:03, 3] param/loadparm.c:lp_load(3916)
>   lp_load: refreshing parameters
> [2006/02/21 10:57:03, 3] param/loadparm.c:init_globals(1321)
>   Initialising global parameters
> [2006/02/21 10:57:03, 3] param/params.c:pm_process(573)
>   params.c:pm_process() - Processing configuration file
> "/etc/samba/smb.conf"
> [2006/02/21 10:57:03, 3] param/loadparm.c:do_section(3418)
>   Processing section "[global]"
> [2006/02/21 10:57:03, 1] param/loadparm.c:lp_do_parameter(3159)
>   WARNING: The "min passwd length" option is deprecated
> [2006/02/21 10:57:03, 2] lib/interface.c:add_interface(81)
>   added interface ip=10.50.0.20 bcast=10.50.255.255 nmask=255.255.0.0
> [2006/02/21 10:57:03, 2] lib/interface.c:add_interface(81)
>   added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0
> [2006/02/21 10:57:03, 3] libsmb/namequery.c:resolve_wins(752)
>   resolve_wins: Attempting wins lookup for name PDC<0x20>
> [2006/02/21 10:57:03, 3] libsmb/namequery.c:name_resolve_bcast(694)
>   name_resolve_bcast: Attempting broadcast lookup for name PDC<0x20>
> [2006/02/21 10:57:03, 2] libsmb/namequery.c:name_query(492)
>   Got a positive name query response from 10.50.0.20 ( 10.50.0.20 )
> [2006/02/21 10:57:03, 3] libsmb/cliconnect.c:cli_start_connection(1406)
>   Connecting to host=PDC
> [2006/02/21 10:57:03, 3] lib/util_sock.c:open_socket_out(752)
>   Connecting to 10.50.0.20 at port 445
> [2006/02/21 10:57:04, 3] rpc_client/cli_netlogon.c:cli_nt_setup_creds(290)
>   cli_nt_setup_creds: auth2 challenge failed NT_STATUS_ACCESS_DENIED
> [2006/02/21 10:57:04, 3] libsmb/trusts_util.c:just_change_the_password(43)
>   just_change_the_password: unable to setup creds (NT_STATUS_ACCESS_DENIED)!
> [2006/02/21 10:57:04, 1] utils/net_rpc.c:run_rpc_command(138)
>   rpc command function failed! (NT_STATUS_ACCESS_DENIED)
> Password:
> [2006/02/21 10:57:10, 3] libsmb/cliconnect.c:cli_start_connection(1406)
>   Connecting to host=PDC
> [2006/02/21 10:57:10, 3] lib/util_sock.c:open_socket_out(752)
>   Connecting to 10.50.0.20 at port 445
> [2006/02/21 10:57:10, 3] libsmb/cliconnect.c:cli_session_setup_spnego(708)
>   Doing spnego session setup (blob length=58)
> [2006/02/21 10:57:10, 3] libsmb/cliconnect.c:cli_session_setup_spnego(733)
>   got OID=1 3 6 1 4 1 311 2 2 10
> [2006/02/21 10:57:10, 3] libsmb/cliconnect.c:cli_session_setup_spnego(740)
>   got principal=NONE
> [2006/02/21 10:57:10, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(869)
>   Got challenge flags:
> [2006/02/21 10:57:10, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
>   Got NTLMSSP neg_flags=0x60890215
> [2006/02/21 10:57:10, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(891)
>   NTLMSSP: Set final flags:
> [2006/02/21 10:57:10, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
>   Got NTLMSSP neg_flags=0x60080215
> [2006/02/21 10:57:10, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319)
>   NTLMSSP Sign/Seal - Initialising with flags:
> [2006/02/21 10:57:10, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
>   Got NTLMSSP neg_flags=0x60080215
> [2006/02/21 10:57:10, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(181)
>   lsa_io_sec_qos: length c does not match size 8
> Creation of workstation account failed
> Unable to join domain CDCGA.
> [2006/02/21 10:57:12, 2] utils/net.c:main(897)
>   return code = 1
> 
> I googled the the NT_STATUS_ACCESS_DENIED error and no luck as of yet.
> 
> Have any of you samba sensei seen anything like this or have an suggestions
> as to how to kick this trouble ticket out.
----
The PDC is the domain and doesn't join it.

Craig

More information about the samba mailing list