[Samba] Domain Authentication Problem

Kris Donate kdonate at d2d.com
Fri Mar 9 15:36:59 GMT 2007

Folks - I could really use some hints and ideas.  Thanks!!!

Not less than 3 months ago we had our Solaris 9 samba server working 
happily.  This is with samba 3.0.24 without ads support.  The pertinent 
sections of the smb.conf file follow:


# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
  workgroup = mydomain
  security = domain

We created the machine trust acount on the server than used
 > net rpc join -U administrator%passwd
to join the domain.  Great huh?!

Well, now when we try to access the samba server we get a message saying 
the trust relationship has been lost.  We have tried shuting down and 
restarting samba numerous time and also deleting and recreating the 
trust account several times.

When I try to run the net join command I get:

# ./net join -U administrator%passwd
Could not initialise lsa pipe
[2007/03/08 08:53:14, 0] utils/net_rpc_join.c:net_rpc_join_ok(70)
 net_rpc_join_ok: failed to get schannel session key from server 
<mysrvr> for domain mydomain. Error was NT_STATUS_ACCESS_DENIED
Unable to join domain mydomain.

Nothing was changed in the smb.conf file and my win admin states nothing 
changed on his end.  Time is sketchy, but he promises the SP1 update to 
the domain controller happened before the problems started.  I'm not 

Any ideas and suggestions are GREATLY appreciated.

Many thanks,

More information about the samba mailing list