[Samba] unix password sync causes domain joining problem?

Marcin Giedz giedz at arise.pl
Thu Jul 26 15:29:15 GMT 2007


Hello,

Today I've been trying to set up new test based on 3.0.25b. In some ways 
I've managed to join Windows machines to domain but not linux machine. 
All the time I get:

test1:/etc# /opt/samba-3.0.25b/bin/net rpc join -U giedz%qwerty
[2007/07/26 19:11:21, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(304)
error setting trust account password: NT_STATUS_ACCESS_DENIED
Unable to join domain GIEDZ.
test1:/etc#

I checked test1.log file and got:

[2007/07/26 17:19:59, 5] auth/auth_util.c:debug_unix_user_token(474)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2007/07/26 17:19:59, 10] lib/gencache.c:gencache_get(226)
Returning valid cache entry: key = ACCT_POL/password history, value = 0
, timeout = Thu Jul 26 17:26:37 2007
[2007/07/26 17:19:59, 3] smbd/sec_ctx.c:pop_sec_ctx(356)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2007/07/26 17:19:59, 5] lib/username.c:Get_Pwnam_alloc(131)
Finding user test1$
[2007/07/26 17:19:59, 5] lib/username.c:Get_Pwnam_internals(75)
Trying _Get_Pwnam(), username as lowercase is test1$
[2007/07/26 17:19:59, 5] lib/username.c:Get_Pwnam_internals(93)
Trying _Get_Pwnam(), username as uppercase is TEST1$
[2007/07/26 17:19:59, 5] lib/username.c:Get_Pwnam_internals(102)
Checking combinations of 0 uppercase letters in test1$
[2007/07/26 17:19:59, 5] lib/username.c:Get_Pwnam_internals(108)
Get_Pwnam_internals didn't find user [test1$]!
[2007/07/26 17:19:59, 1] rpc_server/srv_samr_nt.c:set_user_info_pw(3410)
chgpasswd: Username does not exist in system !?!
[2007/07/26 17:19:59, 3] smbd/chgpasswd.c:chgpasswd(462)
chgpasswd: Password change (as_root=Yes) for user: test1$
[2007/07/26 17:19:59, 0] smbd/chgpasswd.c:chgpasswd(521)
chgpasswd: user test1$ doesn't exist in the UNIX password database.
[2007/07/26 17:19:59, 3] smbd/sec_ctx.c:pop_sec_ctx(356)
pop_sec_ctx (1001, 513) - sec_ctx_stack_ndx = 0
[2007/07/26 17:19:59, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 samr_io_r_set_userinfo
[2007/07/26 17:19:59, 5] rpc_parse/parse_prs.c:prs_ntstatus(769)
0000 status: NT_STATUS_ACCESS_DENIED

Really strange...why UNIX password database since I have LDAP. In my 
smb.conf file I have:

ldap passwd sync = No
unix password sync = Yes
passwd program = /opt/samba-3.0.25b/bin/spasswd.pl -u %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n

Looks normal. However "unix password sync = Yes" prevents me from 
joining linux machine to domain. When I remove the line I can join 
domain well.

I also found that if "unix password sync = Yes" my LDAP gets queries 
regarding test1$ (machine name) in ou=people tree which seems like a 
mistake/bug?

Jul 26 17:19:59 zastest slapd[27192]: conn=82 op=1 SRCH 
base="ou=people,dc=giedz,dc=pl" scope=1 deref=0 filter="(&(objec
tClass=posixAccount)(uid=test1$))"
Jul 26 17:19:59 zastest slapd[27192]: conn=82 op=1 SRCH attr=uid 
userPassword uidNumber gidNumber cn homeDirectory login
Shell gecos description objectClass
Jul 26 17:19:59 zastest slapd[27192]: conn=82 op=1 SEARCH RESULT tag=101 
err=0 nentries=0 text=


.... or maybe I do something wrong? Can you please correct me or confirm 
this strange behaviour.

Regards,
Marcin

-- 
ARISE M.Giedz, T.Żebruń sp.j.
http: www.arise.pl
mail: giedz at arise.pl
tel: +48 502 537 157




More information about the samba mailing list