[Samba] Machine failing to keep its trust with Domain Controller

Dukhan, Meir Mdukhan at nds.com
Wed Jan 25 06:21:59 GMT 2006 

 
 Hi, 
 
We have a Linux (RHEL 3.0, update 3) Samba 3 server which worked fine
for months
but suddently have trouble to keep its trust with the DC server. 
 
The only way to recover is to reset the machine account from the Windows
DC side 
and do a "net join" to the domain from the Linux side. The Linux machine
is able to 
keep its "trust" with the domain exactly 7 days, which, AFAIU, is the
default in Samba and also in the DC side.
 
It is somewhat surprizing since this Linux Samba server w/o problems for
months. 
>From the Windows DC side, the only thing which was done just before this
problem 
appeared, was to patch the DC to SP1 as far as I remember. 
 
Below are the messages we can see in the /var/log/samba/samba.log file: 
 
[2006/01/18 10:49:57, 0]
smbd/change_trust_pw.c:change_trust_account_password(45)
  Can't get IP for PDC for domain MY_DOMAIN
[2006/01/18 10:49:57, 0]
smbd/change_trust_pw.c:change_trust_account_password(93)
  2006/01/18 10:49:57 : change_trust_account_password: Failed to change
password for domain MY_DOMAIN.

Linux Kernel: 2.4.21-20.ELsmp
Samba: 
        samba-3.0.4-6.3E              
        samba-common-3.0.4-6.3E 
 
/etc/smb.conf: see below
 
Tia 
 
-- Meir 
/etc/smb.conf
# Global parameters

[global]
workgroup = MY_DOMAIN
netbios name = Samba_Server
server string = Samba Server
security = DOMAIN
encrypt passwords = Yes
password server = mydc-server.com
log file = /var/log/samba/samba.log
log level = 1
max log size = 0
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = No
wins server = our_wins
kernel oplocks = No
create mask = 0775
directory mask = 0775
oplocks = No
username map = /etc/samba/username.map
case sensitive = no
preserve case = yes
local master = no
use sendfile = no

[homes]
comment = Home Directories
valid users = %S
read only = No
create mask = 0664
browseable = No

 

 
***********************************************************************************
This email message and any attachments thereto are intended only for use by the addressee(s) named above, and may contain legally privileged and/or confidential information. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please immediately notify the postmaster at nds.com and destroy the original message.
***********************************************************************************

More information about the samba mailing list