[Samba] NT Workstation and Samba PDC

Marcelo Terres mhterres at gmail.com
Wed Oct 4 20:01:10 GMT 2006 

Hi.

I'm having a big trouble.

We migrate a NT PDC to a Samba PDC. No problems in migration. Everything
works fine.

The problem is: I can't add a NT machine to Domain. Simply does not work. XP
and W2K works great.

I started using Debian Sarge Package 3.0.14. In this version I could not
manage groups using the Domain User Manager from NT. So I updated to
3.0.23cpackages from
samba.org. Same problem with adding a NT machine, but the User Manager now
works.

I tried the 3.0.22 from backports.org but with the same problem.

The behaviour changes depending of the version of Samba. I'm using
smbldap-useradd (0.9.2) in the add machine script.

In 3.0.14 I saw in logs this error:
2006/10/04 13:03:42, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1720)
  ldapsam_update_sam_account: failed to modify user with uid = testing$,
error: modify/delete: sambaPrimaryGroupSID: no such value (Success)


In 3.0.22 the error is similar, but because the LDAP timed out, looks like
the account is created and NT thinks that it joined in the domain, but when
I tried to login does not work. Look the logs:

2006/10/04 14:28:38, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1873)
ldapsam_update_sam_account: failed to modify user with uid = testing$,
error: modify/delete: sambaPrimaryGroupSID: no such value (Success)
[2006/10/04 14:28:38, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (12384, 513) - sec_ctx_stack_ndx = 0
[2006/10/04 14:28:38, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(526)
free_pipe_context: destroying talloc pool of size 924
[2006/10/04 14:28:38, 3] smbd/process.c:process_smb(1194)
Transaction 21 of length 132
[2006/10/04 14:28:38, 3] smbd/process.c:switch_message(993)
switch message SMBtrans (pid 3026) conn 0x83cd180
[2006/10/04 14:28:38, 3] smbd/ipc.c:reply_trans(539)
trans <\PIPE\> data=44 params=0 setup=2
[2006/10/04 14:28:38, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2006/10/04 14:28:38, 3] smbd/ipc.c:api_fd_reply(294)
Got API command 0x26 on pipe "samr" (pnum 7494)
[2006/10/04 14:28:38, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(526)
free_pipe_context: destroying talloc pool of size 0
[2006/10/04 14:28:38, 3] rpc_server/srv_pipe.c:api_rpcTNP(2237)
api_rpcTNP: rpc command: SAMR_DELETE_DOM_USER
[2006/10/04 14:28:38, 0] lib/smbldap.c:smbldap_open(922)
smbldap_open: cannot access LDAP when not root..
[2006/10/04 14:28:38, 1] lib/smbldap.c:another_ldap_try(1051)
Connection to LDAP server failed for the 1 try!
[2006/10/04 14:28:39, 0] lib/smbldap.c:smbldap_open(922)
smbldap_open: cannot access LDAP when not root..
[2006/10/04 14:28:39, 1] lib/smbldap.c:another_ldap_try(1051)
Connection to LDAP server failed for the 2 try!
[2006/10/04 14:28:40, 0] lib/smbldap.c:smbldap_open(922)
smbldap_open: cannot access LDAP when not root..
[2006/10/04 14:28:40, 1] lib/smbldap.c:another_ldap_try(1051)
Connection to LDAP server failed for the 3 try!
[2006/10/04 14:28:41, 0] lib/smbldap.c:smbldap_open(922)
smbldap_open: cannot access LDAP when not root..
[2006/10/04 14:28:41, 1] lib/smbldap.c:another_ldap_try(1051)
Connection to LDAP server failed for the 4 try!
[2006/10/04 14:28:42, 0] lib/smbldap.c:smbldap_open(922)
smbldap_open: cannot access LDAP when not root..
[2006/10/04 14:28:42, 1] lib/smbldap.c:another_ldap_try(1051)
Connection to LDAP server failed for the 5 try!
[2006/10/04 14:28:43, 0] lib/smbldap.c:smbldap_open(922)
smbldap_open: cannot access LDAP when not root..
[2006/10/04 14:28:43, 1] lib/smbldap.c:another_ldap_try(1051)
Connection to LDAP server failed for the 6 try!
[2006/10/04 14:28:44, 0] lib/smbldap.c:smbldap_open(922)
smbldap_open: cannot access LDAP when not root..
[2006/10/04 14:28:44, 1] lib/smbldap.c:another_ldap_try(1051)
Connection to LDAP server failed for the 7 try!
[2006/10/04 14:28:45, 0] lib/smbldap.c:smbldap_open(922)
smbldap_open: cannot access LDAP when not root..
[2006/10/04 14:28:45, 1] lib/smbldap.c:another_ldap_try(1051)
Connection to LDAP server failed for the 8 try!
[2006/10/04 14:28:46, 0] lib/smbldap.c:smbldap_open(922)
smbldap_open: cannot access LDAP when not root..
[2006/10/04 14:28:46, 1] lib/smbldap.c:another_ldap_try(1051)
Connection to LDAP server failed for the 9 try!
[2006/10/04 14:28:47, 0] lib/smbldap.c:smbldap_open(922)
smbldap_open: cannot access LDAP when not root..
[2006/10/04 14:28:47, 1] lib/smbldap.c:another_ldap_try(1051)
Connection to LDAP server failed for the 10 try!
[2006/10/04 14:28:48, 0] lib/smbldap.c:smbldap_open(922)
smbldap_open: cannot access LDAP when not root..
[2006/10/04 14:28:48, 1] lib/smbldap.c:another_ldap_try(1051)
Connection to LDAP server failed for the 11 try!
[2006/10/04 14:28:49, 0] lib/smbldap.c:smbldap_open(922)
smbldap_open: cannot access LDAP when not root..
[2006/10/04 14:28:49, 1] lib/smbldap.c:another_ldap_try(1051)
Connection to LDAP server failed for the 12 try!
[2006/10/04 14:28:50, 0] lib/smbldap.c:smbldap_open(922)
smbldap_open: cannot access LDAP when not root..
[2006/10/04 14:28:50, 1] lib/smbldap.c:another_ldap_try(1051)
Connection to LDAP server failed for the 13 try!
[2006/10/04 14:28:51, 0] lib/smbldap.c:smbldap_open(922)
smbldap_open: cannot access LDAP when not root..
[2006/10/04 14:28:51, 1] lib/smbldap.c:another_ldap_try(1051)
Connection to LDAP server failed for the 14 try!
[2006/10/04 14:28:52, 0] lib/smbldap.c:smbldap_open(922)
smbldap_open: cannot access LDAP when not root..
[2006/10/04 14:28:52, 1] lib/smbldap.c:another_ldap_try(1051)
Connection to LDAP server failed for the 15 try!
[2006/10/04 14:28:53, 0] lib/smbldap.c:smbldap_open(922)
smbldap_open: cannot access LDAP when not root..
[2006/10/04 14:28:53, 0] lib/smbldap.c:smbldap_search_suffix(1346)
smbldap_search_suffix: Problem during the LDAP search: modify/delete:
sambaPrimaryGroupSID: no such value (Time limit exceeded)
[2006/10/04 14:28:53, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(526)
free_pipe_context: destroying talloc pool of size 0

More information about the samba mailing list