[Samba] joining domain fails because of no samba entries with 3.0.23c

Dan samba at the-rusty-nail.com
Mon Sep 18 22:41:21 GMT 2006 

Hello All,
    I am having a very strange problem with samba 3.0.23c.  I upgraded 
everything from 3.0.9 and I am able to smbclient to the samba 3.0.23c 
PDC  with the administrator user just fine.  When I go to add a machine 
to the domain, it adds the unix machine account to the ou=computers like 
it is supposed to but none of the samba entries are added.  I get an 
error on the windows side of "The user name can not be found."  but I 
know the administrator user is there.  The group mappings are correct 
for both the windows and unix groups, both on the PDC machine and in my 
openldap backend.  I am using the idealx scripts with 'smbldap-useradd 
-w '%u' .    It was my understanding that the scripts are not supposed 
to add the samba stuff anymore but either samba itself or the machine 
does that, I am not sure.  Is this correct?  Has anyone else seen things 
like this?  I searched and found a bunch of simular things but no real 
solutions.  I see in the logs where it is searching for the name of the 
machine and the sambaSamAccount objectclass and failing because it is 
not there, but I can't figure out why it is not getting created.  I have 
put the relevant log section below and can supply more if needed.  I 
suspect I am missing something simple.  Any help would be greatly 
appreciated.

[2006/09/18 18:30:05, 4] 
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
  Found policy hnd[0] [000] 00 00 00 00 05 00 00 00  00 00 00 00 ED 1D 
0F 45  ........ ....í..E
  [010] 8B 7A 00 00                                       .z..
[2006/09/18 18:30:05, 5] 
rpc_server/srv_samr_nt.c:access_check_samr_function(222)
  _samr_create_user: access check ((granted: 0x000d067b;  required: 
0x00000010)
[2006/09/18 18:30:05, 10] rpc_server/srv_samr_nt.c:can_create(2389)
  Checking whether [MYCOMPUTER$] can be created
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:push_sec_ctx(208)
  push_sec_ctx(0, 512) : sec_ctx_stack_ndx = 1
[2006/09/18 18:30:05, 3] smbd/uid.c:push_conn_ctx(345)
  push_conn_ctx(101) : conn_ctx_stack_ndx = 0
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/09/18 18:30:05, 5] auth/auth_util.c:debug_nt_user_token(448)
  NT user token: (NULL)
[2006/09/18 18:30:05, 5] auth/auth_util.c:debug_unix_user_token(474)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2006/09/18 18:30:05, 10] passdb/lookup_sid.c:lookup_name(64)
  lookup_name: MYCOMPUTER$ =>  (domain), MYCOMPUTER$ (name)
[2006/09/18 18:30:05, 10] passdb/util_wellknown.c:lookup_wellknown_name(154)
  map_name_to_wellknown_sid: looking up MYCOMPUTER$
[2006/09/18 18:30:05, 5] 
passdb/secrets.c:secrets_fetch_trusted_domain_password(340)
  secrets_fetch failed!
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:push_sec_ctx(208)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2006/09/18 18:30:05, 3] smbd/uid.c:push_conn_ctx(345)
  push_conn_ctx(101) : conn_ctx_stack_ndx = 1
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2006/09/18 18:30:05, 5] auth/auth_util.c:debug_nt_user_token(448)
  NT user token: (NULL)
[2006/09/18 18:30:05, 5] auth/auth_util.c:debug_unix_user_token(474)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2006/09/18 18:30:05, 5] lib/smbldap.c:smbldap_search_ext(1179)
  smbldap_search_ext: base => [o=my.domain.com], filter => 
[(&(uid=MYCOMPUTER$)(objectclass=sambaSamAccount))], scope => [2]
[2006/09/18 18:30:05, 4] passdb/pdb_ldap.c:ldapsam_getsampwnam(1396)
  ldapsam_getsampwnam: Unable to locate user [MYCOMPUTER$] count=0
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:push_sec_ctx(208)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2006/09/18 18:30:05, 3] smbd/uid.c:push_conn_ctx(345)
  push_conn_ctx(101) : conn_ctx_stack_ndx = 1
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2006/09/18 18:30:05, 5] auth/auth_util.c:debug_nt_user_token(448)
  NT user token: (NULL)
[2006/09/18 18:30:05, 5] auth/auth_util.c:debug_unix_user_token(474)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2006/09/18 18:30:05, 5] lib/smbldap.c:smbldap_search_ext(1179)
  smbldap_search_ext: base => [ou=groups,o=my.domain.com], filter => 
[(&(objectClass=sambaGroupMapping)(|(displayName=MYCOMPUTER$)(cn=MYCOMPUTER$)))], 
scope => [2]
[2006/09/18 18:30:05, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2213)
  ldapsam_getgroup: Did not find group
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
  pop_sec_ctx (0, 512) - sec_ctx_stack_ndx = 0
[2006/09/18 18:30:05, 10] rpc_server/srv_samr_nt.c:can_create(2399)
  MYCOMPUTER$ does not exist, can create it
[2006/09/18 18:30:05, 5] rpc_server/srv_samr_nt.c:_samr_create_user(2501)
  _samr_create_user:  can add this account : True
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:push_sec_ctx(208)
  push_sec_ctx(0, 512) : sec_ctx_stack_ndx = 1
[2006/09/18 18:30:05, 3] smbd/uid.c:push_conn_ctx(345)
  push_conn_ctx(101) : conn_ctx_stack_ndx = 0
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/09/18 18:30:05, 5] auth/auth_util.c:debug_nt_user_token(448)
  NT user token: (NULL)
[2006/09/18 18:30:05, 5] auth/auth_util.c:debug_unix_user_token(474)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2006/09/18 18:30:05, 5] lib/username.c:Get_Pwnam_alloc(131)
  Finding user MYCOMPUTER$
[2006/09/18 18:30:05, 5] lib/username.c:Get_Pwnam_internals(75)
  Trying _Get_Pwnam(), username as lowercase is MYCOMPUTER$
[2006/09/18 18:30:05, 5] lib/username.c:Get_Pwnam_internals(83)
  Trying _Get_Pwnam(), username as given is MYCOMPUTER$
[2006/09/18 18:30:05, 5] lib/username.c:Get_Pwnam_internals(102)
  Checking combinations of 0 uppercase letters in MYCOMPUTER$
[2006/09/18 18:30:05, 5] lib/username.c:Get_Pwnam_internals(108)
  Get_Pwnam_internals didn't find user [MYCOMPUTER$]!
[2006/09/18 18:30:08, 0] passdb/pdb_interface.c:pdb_default_create_user(368)
  _samr_create_user: Running the command 
`/usr/local/sbin/smbldap-useradd -w 'MYCOMPUTER$'' gave 0
[2006/09/18 18:30:08, 5] lib/username.c:Get_Pwnam_alloc(131)
  Finding user MYCOMPUTER$
[2006/09/18 18:30:08, 5] lib/username.c:Get_Pwnam_internals(75)
  Trying _Get_Pwnam(), username as lowercase is MYCOMPUTER$
[2006/09/18 18:30:08, 5] lib/username.c:Get_Pwnam_internals(83)
  Trying _Get_Pwnam(), username as given is MYCOMPUTER$
[2006/09/18 18:30:08, 5] lib/username.c:Get_Pwnam_internals(102)
  Checking combinations of 0 uppercase letters in MYCOMPUTER$
[2006/09/18 18:30:08, 5] lib/username.c:Get_Pwnam_internals(108)
  Get_Pwnam_internals didn't find user [MYCOMPUTER$]!
[2006/09/18 18:30:08, 3] passdb/pdb_interface.c:pdb_default_create_user(381)
  pdb_default_create_user: failed to create a new user structure: 
NT_STATUS_NO_SUCH_USER
[2006/09/18 18:30:08, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
  pop_sec_ctx (0, 512) - sec_ctx_stack_ndx = 0
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_debug(84)
  000000 samr_io_r_create_user
[2006/09/18 18:30:08, 6] rpc_parse/parse_prs.c:prs_debug(84)
      000000 smb_io_pol_hnd user_pol
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_uint32(704)
          0000 data1: 00000000
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_uint32(704)
          0004 data2: 00000000
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_uint16(675)
          0008 data3: 0000
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_uint16(675)
          000a data4: 0000
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_uint8s(851)
          000c data5: 00 00 00 00 00 00 00 00
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_uint32(704)
      0014 access_granted: 00000000
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_uint32(704)
      0018 user_rid : 00000000
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_ntstatus(763)
      001c status: NT_STATUS_NO_SUCH_USER
[2006/09/18 18:30:08, 5] rpc_server/srv_pipe.c:api_rpcTNP(2305)
  api_rpcTNP: called samr successfully
[2006/09/18 18:30:08, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(529)
  free_pipe_context: destroying talloc pool of size 302
[2006/09/18 18:30:08, 10] 
rpc_server/srv_pipe_hnd.c:write_to_internal_pipe(963)
  write_to_pipe: data_used = 76
[2006/09/18 18:30:08, 6] rpc_server/srv_pipe_hnd.c:read_from_pipe(995)
  read_from_pipe: 7763 name: samr len: 1024

More information about the samba mailing list