[Samba] can not join linux box to PDC, windows works

robert rottermann robert at redcor.ch
Sun Apr 5 12:47:25 GMT 2009 

Hi ther,
I try to join a linux box to to a bdc.
Attempting to do so produces a failure.

chrissy:~ # net rpc join MEMBER -Uroot%secret -I 10.168.1.2
[2009/04/05 14:35:27,  0] utils/net_rpc_join.c:net_rpc_join_ok(87)
  net_rpc_join_ok: failed to get schannel session key from server 10.168.1.2 for
domain MITELERDE. Error was NT_STATUS_ACCESS_DENIED
Unable to join domain MITELERDE.

when I use a bad password, I get a different error:

chrissy:~ # net rpc join MEMBER -Uroot%secretxx -I 10.168.1.2
Could not connect to server 10.168.1.2
The username or password was not correct.
Connection failed: NT_STATUS_LOGON_FAILURE


net -V on the client that wants to join prints:
Version 3.2.7-11.2.1-2080-SUSE-CODE11
on the server:
Version 3.2.3

I added the configs of the server and the client.


I would be grateful for pointers how to fix that.

thanks
robert

-------------------------
client that wants to join
-------------------------
[global]
    workgroup = ROTTI
	netbios name = CHRISSY
    security = domain
    idmap gid = 20000-30000
    idmap uid = 20000-30000

    winbind uid = 20000-30000
    winbind gid = 20000-30000
    winbind use default domain = yes

    wins server = 10.168.1.2
    password server = 10.168.1.2
    idmap backend = rid:ROTTI=20000-30000

-------------------------
server
-------------------------
[global]
    workgroup = MITELERDE
    netbios name = FRODO
    passdb backend = tdbsam
    add user script = /usr/sbin/useradd -m %u
    delete user script = /usr/sbin/userdel -m %u
    add group script = /usr/sbin/groupadd -m %u
    delete group script = /usr/sbin/groupadd -m %u
    add user to group script = /usr/sbin/usermod -G %g %u
    add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u

    logon script = scripts\logon.bat

    logon path = \\%L\Profiles\%U
    logon drive = H:
    logon home = \\%L\%U
    domain logons = Yes
    os level = 35
    local master = Yes
    preferred master = Yes
    domain master = Yes
    idmap uid = 15000-20000
    idmap gid = 15000-20000
    printing = cups
    wins support = Yes

More information about the samba mailing list