[Samba] Clients fail to join domain, machine password not found

Yatima Meiji yatimameiji at gmail.com
Thu Jul 20 15:24:05 GMT 2006

I have setup a samba PDC+LDAP on our fileserver, which is housed in the
university's server room, so it is on a different subnet.  I give our client
machines the ip of the pdc as the wins server.  This allows our clients to
join the domain, but it fails with user name not found.  Checking the logs,
I see that Administrator was able to login, and the smbldap-tools script ran
and added the machine to the domain.  But before this even happens, it seems
samba looks for the machine password, and fails.  Its the only error that is
in the log.

I'm running Samba 3.0.22(Blastwave) on Solaris 10.  I've run the same
version on Linux(RHEL v4) to do the same job(before we moved the homes to
the fileserver) and didn't have any of these problems.  I've tried
everything I can think off, but still no go.  Any ideas?

The smb.conf:

        workgroup = CBI
        netbios name = Cajal
        enable privileges = yes
        interfaces = ce0
        server string = Cajal PDC %v
        security = user
        encrypt passwords = Yes
        log level = 2
        syslog = 0
        time server = yes

        domain logons = yes
        os level = 90
        preferred master = yes
        domain master = yes
        wins support = yes

        passdb backend = ldapsam:ldap://x.x.x
        ldap admin dn = cn=samba,ou=DSA,dc=x
        ldap suffix = dc=x
        ldap group suffix = ou=group
        ldap user suffix = ou=people
        ldap machine suffix = ou=machines
        ldap idmap suffix = ou=Idmap
        ldap passwd sync = Yes
        ldap ssl = start tls

        add user script = /opt/csw/sbin/smbldap-useradd -m "%u"
        add machine script = /opt/csw/sbin/smbldap-useradd -w "%u"
        add group script = /opt/csw/sbin/smbldap-groupadd -p "%g"
        add user to group script = /opt/csw/sbin/smbldap-groupmod -m "%u"
        delete user from group script = /opt/csw/sbin/smbldap-groupmod -x
"%u" "%g"
        set primary group script = /opt/csw/sbin/smbldap-usermod -g "%g"

More information about the samba mailing list