[Samba] Can not add a new NT Workstation to a new (vampired)
samba domain
Stephen Vermeulen
stephen at vermeulen.ca
Tue Dec 11 04:56:40 GMT 2007
Stephen Vermeulen wrote:
> I am replacing an old NT4.0 Server with a debian 4.0R1 etch Linux
> server (samba 3.0.24).
>
> This was with a completely fresh install of debian.
>
>
...
> I then decided to try adding a new Windows XP Pro workstation to the
> domain (it had previously
> been a member, but I had removed it from the old domain to experiment
> with moving user profiles between
> domains).
>
> When I told it to join the domain it returned an error telling me that
> it could not find the domain.
> So I thought "maybe a BDC cannot join new machines to the domain".
> (The NT4 PDC was switched
> off at this time).
>
> So then I stopped samba and set:
>
> domain master = yes
> wins support = yes
>
> and restarted samba.
>
> Then when I tried to add the machine I got a Windows error dialog saying:
>
> The following error occurred while attempting to join the domain
> "Butler":
> The user name could not be found.
>
> I was using the "Administrator" user name, and I was able to log into
> the BUTLER domain on another Windows box as the Administrator and
> access the file share on the samba box and create new files in the folder
> owned by Administrator.
Since the BDC SID was not the same as the PDC's SID I used the net command
to fetch the SID from the PDC and write it to the BDC. Now a "net
getlocalsid"
reports the same SID.
Shouldn't net vampire have made the BDC have the same SID as the PDC?
After doing this the error changed to "Access is denied"
I then redid the net vampire, but this did not change things.
I have increased the log level to 2 and the following log file section
is what happens when I try to add the new machine. Also, here is the
current
version of the smb.conf file:
star4:/etc/samba# cat smb.conf
[global]
workgroup = BUTLER
netbios name = STAR4
passdb backend = tdbsam
domain master = Yes
domain logons = Yes
wins support = yes
os level = 40
log level = 2
add user script = /usr/sbin/useradd -m '%u'
delete user script = /usr/sbin/userdel -r '%u'
add group script = /usr/sbin/groupadd '%g'
delete group script = /usr/sbin/groupdel '%g'
add user to group script = /usr/sbin/usermod -G '%g' '%u'
add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null '%u'
# wins server = [IP of wins server]
[files]
comment = SAMBA File Server
path = /home/files
read only = No
star4:/etc/samba#
And the log.smbd file:
[2007/12/10 14:45:44, 2] smbd/reply.c:reply_special(496)
netbios connect: name1=STAR4 name2=TULLY
[2007/12/10 14:45:44, 2] smbd/reply.c:reply_special(503)
netbios connect: local=star4 remote=tully, name type = 0
[2007/12/10 14:45:44, 0] lib/util_sock.c:write_data(562)
write_data: write failure in writing to client 192.168.128.103. Error
Connection reset by peer
[2007/12/10 14:45:44, 0] lib/util_sock.c:send_smb(769)
Error writing 4 bytes to client. -1. (Connection reset by peer)
[2007/12/10 14:45:44, 2] smbd/sesssetup.c:setup_new_vc_session(799)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2007/12/10 14:45:44, 2] smbd/sesssetup.c:setup_new_vc_session(799)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2007/12/10 14:45:44, 2] auth/auth.c:check_ntlm_password(309)
check_ntlm_password: authentication for user [administrator] ->
[administrator] -> [Administrator] succeeded
[2007/12/10 14:45:44, 2] smbd/reply.c:reply_tcon_and_X(711)
Serving IPC$ as a Dfs root
[2007/12/10 14:45:45, 2] smbd/reply.c:reply_special(496)
netbios connect: name1=STAR4 name2=TULLY
[2007/12/10 14:45:45, 2] smbd/reply.c:reply_special(503)
netbios connect: local=star4 remote=tully, name type = 0
[2007/12/10 14:45:45, 0] lib/util_sock.c:write_data(562)
write_data: write failure in writing to client 192.168.128.103. Error
Connection reset by peer
[2007/12/10 14:45:45, 0] lib/util_sock.c:send_smb(769)
Error writing 4 bytes to client. -1. (Connection reset by peer)
[2007/12/10 14:45:45, 2] smbd/sesssetup.c:setup_new_vc_session(799)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2007/12/10 14:45:45, 2] smbd/sesssetup.c:setup_new_vc_session(799)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2007/12/10 14:45:45, 2] auth/auth.c:check_ntlm_password(309)
check_ntlm_password: authentication for user [administrator] ->
[administrator] -> [Administrator] succeeded
[2007/12/10 14:45:45, 2] smbd/reply.c:reply_tcon_and_X(711)
Serving IPC$ as a Dfs root
[2007/12/10 14:45:45, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2797)
Returning domain sid for domain BUTLER ->
S-1-5-21-1965320917-1955335400-7473742
[2007/12/10 14:45:45, 0] passdb/pdb_tdb.c:tdbsam_open(818)
tdbsam_open: Failed to open/create TDB passwd [/var/lib/samba/passdb.tdb]
[2007/12/10 14:45:45, 0] passdb/pdb_tdb.c:tdb_update_sam(1335)
tdbsam_getsampwnam: failed to open /var/lib/samba/passdb.tdb!
You can see the the machine being added is called "TULLY" and the PDC is
called "STAR4"
and the problem seems to be right near the end with:
tdbsam_open: Failed to open/create TDB passwd [/var/lib/samba/passdb.tdb]
[2007/12/10 14:45:45, 0] passdb/pdb_tdb.c:tdb_update_sam(1335)
tdbsam_getsampwnam: failed to open /var/lib/samba/passdb.tdb!
Any ideas? Or should I increase the log level...
Thanks,
Stephen
More information about the samba
mailing list