[Samba] Problems joining machine to domain
Misty Stanley-Jones
misty at borkholder.com
Wed Sep 5 18:23:34 GMT 2007
Our Samba server was recently the recipient of a major upgrade. I thought
all the kinks were worked out, but apparently not.
I think this is the first time I've tried to join a machine account to the
domain since the upgrade. I've tried using smbldap-tools and also just
using smbpasswd (I have my users in LDAP). I'll also say that 'net join'
works just fine from my Samba domain members to my Samba domain master.
First, the preliminaries:
OS: Ubuntu 7.04 Server
Samba Version: 3.0.24
Smbldap-tools Version: 0.9.2
Passdb Backend: LDAP (openLDAP)
Anyway, when I try to join to the domain using smbldap-tools, here is my
script in smb.conf:
add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u"
If I run that by hand, as root, it adds the posixAccount but not the
sambaSamAccount. On the Windows system I get an error like "No such user".
In the Samba logs, I see an error like this:
[2007/09/05 13:24:55, 3] passdb/pdb_interface.c:pdb_default_create_user(368)
_samr_create_user: Running the command `/usr/sbin/smbldap-useradd -t 0 -w
"xptommy$"' gave 0
[2007/09/05 13:24:55, 3] passdb/pdb_interface.c:pdb_default_create_user(384)
pdb_default_create_user: failed to create a new user structure:
NT_STATUS_NO_SUCH_USER
Just to be sure I had the privileges right:
net rpc rights grant "CORP\Domain Admins" SeMachineAccountPrivilege
I am joining domains as 'root', who is a member of the Domain Admins group:
memberUid: root,misty,carl
Obviously smbldap-tools is set up at least somewhat correctly, because it is
creating the posixAccount. I re-ran 'smbpasswd -W' just to be sure that
Samba could bind to the LDAP server. I also tried using the username
'misty' to join the domain. Same results every time.
Any idea what I can try next, apart from simply adding the sambaSamAccount
objectclass by hand?
Misty Stanley-Jones
System Administrator
More information about the samba
mailing list