[Samba] Buffalo Terastation with 3.0.23d PDC and LDAP backend?

Eric Knudstrup eric at knudstrup.org
Wed Mar 7 02:01:56 GMT 2007

I have my system properly running as a PDC now, but I'm having trouble 
getting one of the machines here to join the domain.
This system is a Buffalo Terastation Pro.  For this system I have to 
create the machine trust account manually.  The domain access fails as 
[2007/03/06 17:51:44, 2] lib/smbldap.c:smbldap_open_connection(788)
  smbldap_open_connection: connection opened
[2007/03/06 17:51:44, 2] smbd/reply.c:reply_tcon_and_X(711)
  Serving IPC$ as a Dfs root
[2007/03/06 17:51:44, 2] passdb/pdb_ldap.c:init_sam_from_ldap(541)
  init_sam_from_ldap: Entry found for user: vault1$
[2007/03/06 17:51:44, 2] passdb/pdb_ldap.c:init_group_from_ldap(2140)
  init_group_from_ldap: Entry found for group: 513
[2007/03/06 17:51:44, 0] rpc_server/srv_netlog_nt.c:get_md4pw(258)
  get_md4pw: Workstation VAULT1$: account is not a trust account
[2007/03/06 17:51:44, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461)
  _net_auth2: failed to get machine password for account VAULT1$: 
[2007/03/06 17:51:46, 2] lib/smbldap.c:smbldap_open_connection(788)
  smbldap_open_connection: connection opened
[2007/03/06 17:51:46, 2] smbd/reply.c:reply_tcon_and_X(711)

slapcat returns this for the vault1 account:
dn: uid=vault1$,ou=Computers,dc=<MY DOMAIN>,dc=com
uid: vault1$
uidNumber: 1003
homeDirectory: /dev/null
description: Computer
structuralObjectClass: inetOrgPerson
entryUUID: 96c250c8-608e-102b-8430-bb92676cee49
creatorsName: cn=Manager,dc=<MY DOMAIN>,dc=com
createTimestamp: 20070307002900Z
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: sambaSamAccount
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaPwdMustChange: 2147483647
sambaPwdLastSet: 1173227352
sambaLMPassword: 5D28B17651A6D0E4FBDB26A17E21D0C1
sambaNTPassword: 728AF3A1A793361485674B7B2833CEE7
sambaSID: S-1-5-21-3868333197-704855571-3977030669-3006
gecos: Computer,,,,
cn: Computer
sn: Computer
loginShell: /bin/false
gidNumber: 513
sambaPrimaryGroupSID: S-1-5-21-2139989288-483860436-2398042574-513
sambaAcctFlags: IW
entryCSN: 20070307013727Z#000000#00#000000
modifiersName: cn=Manager,dc=<MY DOMAIN>,dc=com
modifyTimestamp: 20070307013727Z

I added this account using smbldap-useradd -w -i vault1 and had to 
change the gidNumber to 513 and also set the W sambaAcctFlags value.
Can anyone help?



More information about the samba mailing list