[Samba] Can not add a new NT Workstation to a new (vampired) samba domain

Stephen Vermeulen stephen at vermeulen.ca
Mon Dec 10 14:17:11 GMT 2007


I am replacing an old NT4.0 Server with a debian 4.0R1 etch Linux server 
(samba 3.0.24).

This was with a completely fresh install of debian.

My smb.conf is pretty simple:

[global]
     workgroup = BUTLER
     netbios name = STAR3
     passdb backend = tdbsam
     domain master = No
     domain logons = Yes
     os level = 33
     add user script = /usr/sbin/useradd -m '%u'
     delete user script = /usr/sbin/userdel -r '%u'
     add group script = /usr/sbin/groupadd '%g'
     delete group script = /usr/sbin/groupdel '%g'
     add user to group script = /usr/sbin/usermod -G '%g' '%u'
     add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null '%u'
#     wins server = [IP of wins server]

[files]
        comment = SAMBA File Server
        path = /home/files
        read only = No

In addition I have the following smbusers file:

star3:/etc/samba# cat smbusers
root = Administrator


testparm tells me this setup will give me a BDC.

I first added the samba server (star3) to the old NT4 PDC using the 
server manager tool
and then did a:

net rpc join -S nova -UAdministrator%password

This worked and I was able to access the machine from the PDC.

I then did a vampire:

net rpc vampire -S nova -W BUTLER -UAdministrator%password

and this worked for most of the user accounts and machine accounts 
(there were some that
had errors, but these were mostly for old users or machines that were 
long since gone), these
errors look like:

Creating account: chris
[2007/12/08 21:03:36, 0] passdb/pdb_tdb.c:tdb_update_samacct_only(1258)
  Unable to modify passwd TDB! Error: Record does not exist occured 
while storing the main record (USER_chris)
Creating account: ECLIPSE$
[2007/12/08 21:03:36, 0] passdb/pdb_tdb.c:tdb_update_samacct_only(1258)
  Unable to modify passwd TDB! Error: Record does not exist occured 
while storing the main record (USER_eclipse$)
Creating account: GALAXY$
[2007/12/08 21:03:36, 0] passdb/pdb_tdb.c:tdb_update_samacct_only(1258)
  Unable to modify passwd TDB! Error: Record does not exist occured 
while storing the main record (USER_galaxy$)

In the case of GALAXY$, this is a current machine and it did seem to 
function afterwards, though maybe
its using stored credentials still?

After the vampiring I shut down the NT4 PDC (nova) and did various login 
and file sharing tests
and the main accounts (including Administrator) all seemed to work. The 
samba box was still
functioning in BDC role.

I then decided to try adding a new Windows XP Pro workstation to the 
domain (it had previously
been a member, but I had removed it from the old domain to experiment 
with moving user profiles between
domains).

When I told it to join the domain it returned an error telling me that 
it could not find the domain.
So I thought "maybe a BDC cannot join new machines to the domain". (The 
NT4 PDC was switched
off at this time).

So then I stopped samba and set:

domain master = yes
wins support = yes

and restarted samba.

Then when I tried to add the machine I got a Windows error dialog saying:

   The following error occurred while attempting to join the domain 
"Butler":
   The user name could not be found.

I was using the "Administrator" user name, and I was able to log into
the BUTLER domain on another Windows box as the Administrator and
access the file share on the samba box and create new files in the folder
owned by Administrator.

I googled this for a bit last night and found quite a few references to this
error, but nothing really conclusive.

Any suggestions?

Thanks

Stephen.



More information about the samba mailing list