[Samba] trouble joining AD domain.
kevin at rentec.com
Mon Jul 23 19:05:06 GMT 2007
I'm running samba-3.0.25b w/Linux 220.127.116.11 (SUSE 10.1), newly compiled.
I've joined the AD domain (which is a subdomain) whose PDC is Win2K3
server and which is running in native mode but allowing NT4 members.
From the HOWTO, I followed the instructions - manually created the
computer account, then did the "net rpc join ...." and successfully
joined the AD domain.
From the AD Users and Computers console on the PDC, I can see my
machine. But that's all - though I've created shares on it, I can't
browse them from another host, nor access them directly. And when I
just browse the domain itself in Explorer, I don't see my machine.
When I try to view a share on it from a W2K3 box on the domain, I see:
"\\sambabox is not accessibe. You might not have permission to use this
network resource (more omitted) There are currently no logon servers
available to service the logon request"
When I do wbinfo -t on the samba box, I see:
# wbinfo -t
checking the trust secret via RPC calls failed
error code was (0x0)
Could not check secret
When I use smbclient to try to connect locally, the meaningful-looking
lines output to the log are:
[2007/07/23 14:59:47, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(1060)
NativeOS=[Unix] NativeLanMan=[Samba] PrimaryDomain=
[2007/07/23 14:59:47, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(739)
Got user=[kevin] domain=[I01.ADI.xxxxxx.COM] workstation=[sambabox1]
[2007/07/23 14:59:47, 5] auth/auth_ntlmssp.c:auth_ntlmssp_set_challenge(69)
[2007/07/23 14:59:47, 5] auth/auth_util.c:make_user_info_map(161)
make_user_info_map: Mapping user [I01.ADI.xxxxxx.COM]\[kevin] from
[2007/07/23 15:00:18, 5]
no timestamp for trusted domain cache located.
[2007/07/23 15:00:18, 5] libsmb/namequery.c:saf_fetch(133)
saf_fetch: failed to find server for "I01.ADI.xxxxxx.COM" domain
[2007/07/23 15:00:18, 3] libsmb/namequery.c:get_dc_list(1489)
get_dc_list: preferred server list: ", i01-ny-dc1.rentec.com"
[2007/07/23 15:00:18, 5] libads/dns.c:sitename_fetch(676)
sitename_fetch: No stored sitename for
[2007/07/23 15:00:18, 5] libsmb/namecache.c:namecache_fetch(214)
name i01-ny-dc1.rentec.com#20 found.
[2007/07/23 15:00:18, 4] libsmb/namequery.c:get_dc_list(1599)
get_dc_list: returning 1 ip addresses in an ordered list
[2007/07/23 15:00:18, 4] libsmb/namequery.c:get_dc_list(1600)
[2007/07/23 15:00:18, 5] libsmb/namecache.c:namecache_status_fetch(346)
[2007/07/23 15:00:22, 3] libsmb/trusts_util.c:enumerate_domain_trusts(165)
enumerate_domain_trusts: can't locate a DC for domain I01.ADI.xxxxxx.COM
check_ntlm_password: winbind authentication for user [kevin] FAILED
with error NT_STATUS_NO_LOGON_SERVERS
[2007/07/23 15:00:57, 2] auth/auth.c:check_ntlm_password(319)
check_ntlm_password: Authentication for user [kevin] -> [kevin]
FAILED with error NT_STATUS_NO_LOGON_SERVERS
[2007/07/23 15:00:57, 5] auth/auth_util.c:free_user_info(2045)
Any other useful information I could provide??
More information about the samba