[Samba] Tearing my hair out:
sgbotsford at gmail.com
Wed Dec 19 19:40:03 GMT 2007
Sherwood Botsford wrote:
> I have a samba 2.2.8a PDC, no windows servers at all.
> The local network works. Conan, the PDC also acts as a WINS server.
> Postie, the DHCP server sets:
> option netbios-name-servers 192.168.1.241 ;
> option netbios-node-type 2 ;
> All clients have lmhosts file with:
> 192.168.1.241 conan #pre #dom:sjsa
> 192.168.1.242 postie #pre
> Last week I needed to reinstall a computer, named pixel
> On server I ran
> smbpasswd -a -m pixel
> to reset the machine account password.
> Pixel runs Win2k SP4
> I go to Pixel and move it to the domain.
> Usual signin and password of domain administrator.
> Long Pause. "Welcome to SJSA domain"
> Now if I try to log in to a domain account, I get the message:
> "The system cannot log you on to this domain because the system computer
> account in its primary domain is missing or the password on that account
> is incorrect."
> Looking in pixel.log I see:
> [2007/12/11 10:41:25, 0] smbd/password.c:domain_client_validate(1558)
> domain_client_validate: could not fetch trust account password for
> domain SJSA
> Looking further, this is a common message in the log files, occuring
> just before shares connect normally.
> Not sure what else to look for.
I had two hosts with the same UID in both master.passwd and in
smbpasswd. So in this case both jabberwocky$ and pixel$ had
UID's of 5100.
How did this happen? Easy. All machines are group 5000. I use
the last octet of the IP to give them a unique UID. Jabberwocky
was turfed. In recycling the IP I failed to remove the old name
from master.passwd and smbpasswd.
(So many places:
Sigh. Anyway, posting this so that the Next Guy can find it
More information about the samba