[Samba] Samba 3.0.29 -> 3.0.30 Trust Relationship Failure
Aaron Browne
gopodge at gmail.com
Tue Jun 24 06:11:40 GMT 2008
Recently built 3.0.30 for testing and cannot establish a Trust Relationship
with our Windows 2003 domain controller. Joining
the domain seems to work but shares are unavailable. Working backwards, I
ended up identifying Samba 3.0.28a
as a working build. Any version after that does not work.
I did see two other posts that look similar in behaviour but not 100% sure
if they are the same. Have reviewed release notes etc
http://lists.samba.org/archive/samba/2008-May/141006.html
http://lists.samba.org/archive/samba/2008-June/141128.html
Short error log from 3.0.29 below.
Cheers,
Aaron
++++ CLIENT
session setup failed: NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE
++++ SERVER
[2008/06/24 11:23:49, 0] smbd/server.c:main(944)
smbd version 3.0.29 started.
Copyright Andrew Tridgell and the Samba Team 1992-2008
[2008/06/24 11:23:49, 0] param/loadparm.c:lp_do_parameter(3545)
Global parameter guest account found in service section!
[2008/06/24 11:23:49, 0] printing/pcap.c:pcap_cache_reload(159)
Unable to open printcap file /etc/printcap for read!
[2008/06/24 11:23:49, 0] printing/pcap.c:pcap_cache_reload(159)
Unable to open printcap file /etc/printcap for read!
[2008/06/24 11:23:49, 0] passdb/pdb_smbpasswd.c:startsmbfilepwent(241)
startsmbfilepwent_internal: file /opt/samba/private/smbpasswd did not
exist. File successfully created.
[2008/06/24 11:23:49, 1] lib/account_pol.c:account_policy_get(286)
account_policy_get: tdb_fetch_uint32 failed for field 1 (min password
length), returning 0
[2008/06/24 11:23:49, 1] lib/account_pol.c:account_policy_get(286)
account_policy_get: tdb_fetch_uint32 failed for field 2 (password history),
returning 0
[2008/06/24 11:23:49, 1] lib/account_pol.c:account_policy_get(286)
account_policy_get: tdb_fetch_uint32 failed for field 3 (user must logon to
change password), returning 0
[2008/06/24 11:23:49, 1] lib/account_pol.c:account_policy_get(286)
account_policy_get: tdb_fetch_uint32 failed for field 4 (maximum password
age), returning 0
[2008/06/24 11:23:49, 1] lib/account_pol.c:account_policy_get(286)
account_policy_get: tdb_fetch_uint32 failed for field 5 (minimum password
age), returning 0
[2008/06/24 11:23:49, 1] lib/account_pol.c:account_policy_get(286)
account_policy_get: tdb_fetch_uint32 failed for field 6 (lockout duration),
returning 0
[2008/06/24 11:23:49, 1] lib/account_pol.c:account_policy_get(286)
account_policy_get: tdb_fetch_uint32 failed for field 7 (reset count
minutes), returning 0
[2008/06/24 11:23:49, 1] lib/account_pol.c:account_policy_get(286)
account_policy_get: tdb_fetch_uint32 failed for field 8 (bad lockout
attempt), returning 0
[2008/06/24 11:23:49, 1] lib/account_pol.c:account_policy_get(286)
account_policy_get: tdb_fetch_uint32 failed for field 9 (disconnect time),
returning 0
[2008/06/24 11:23:49, 1] lib/account_pol.c:account_policy_get(286)
account_policy_get: tdb_fetch_uint32 failed for field 10 (refuse machine
password change), returning 0
[2008/06/24 11:24:16, 0]
rpc_client/cli_pipe.c:cli_rpc_pipe_open_schannel(2641)
cli_rpc_pipe_open_schannel: failed to get schannel session key from server
DC1 for domain WATER.
[2008/06/24 11:24:16, 0]
auth/auth_domain.c:connect_to_domain_password_server(119)
connect_to_domain_password_server: unable to open the domain client session
to machine DC1. Error was : NT_STATUS_ACCESS_DENIED.
[2008/06/24 11:24:16, 0]
rpc_client/cli_pipe.c:cli_rpc_pipe_open_schannel(2641)
cli_rpc_pipe_open_schannel: failed to get schannel session key from server
DC1 for domain WATER.
[2008/06/24 11:24:16, 0]
auth/auth_domain.c:connect_to_domain_password_server(119)
connect_to_domain_password_server: unable to open the domain client session
to machine DC1. Error was : NT_STATUS_ACCESS_DENIED.
[2008/06/24 11:24:16, 0]
rpc_client/cli_pipe.c:cli_rpc_pipe_open_schannel(2641)
cli_rpc_pipe_open_schannel: failed to get schannel session key from server
DC1 for domain WATER.
[2008/06/24 11:24:16, 0]
auth/auth_domain.c:connect_to_domain_password_server(119)
connect_to_domain_password_server: unable to open the domain client session
to machine DC1. Error was : NT_STATUS_ACCESS_DENIED.
[2008/06/24 11:24:16, 0] auth/auth_domain.c:domain_client_validate(220)
domain_client_validate: Domain password server not available.
More information about the samba
mailing list