[Samba] Computers leaving samba domain

sgmayo at mail.bloomfield.k12.mo.us sgmayo at mail.bloomfield.k12.mo.us
Thu Oct 1 09:10:28 MDT 2009

sgmayo at mail.bloomfield.k12.mo.us wrote:
> sgmayo at mail.bloomfield.k12.mo.us wrote:
>> I am not sure if this is where I need to ask this or not, but I am lost
>> to
>> where to start even.
>> I had 7 computers in one lab that would not login.  It gave the standard
>> "computer account password bad or domain not found".  I had another 9
>> computer in my other lab do the same thing.  It seems that they have
>> suddenly started losing the domain.  I can add them to a workgroup and
>> then re-add them back to the domain and they are fine.
>> I am just scared that they are going to lose the domain again.  I cannot
>> spend all of my time going around removing computers and adding them
>> back
>> to the domain each day.  Any ideas of what could cause this?  Client
>> issue?  Samba issue?  ldap issue?
>> The clients are all Windows XP service pack 3 and the server is a Fedora
>> 10 server running samba and ldap.
>> Usually the only time that I have this happen is if I accidentally add
>> another computer to the domain with the same name.  I understand that,
>> but
>> I have not done that on any of these.
>> One lab has brand new computers.  The other lab just got imaged day
>> before
>> yesterday.  I'll go ahead and get them all added back in, but I need to
>> find what to be looking for if they keep doing this.  Thanks.
> This may be an ldap question.  I was looking at the machines info and I
> checked on about 5 of them.  For some reason it is showing that the
> sambaPwdLastSet has changed in the last couple of days.  Is this supposed
> to ever change for machines if you do not remove them from a domain and
> then add them back in?  I would think it would always stay the same.
> Machines are added by samba with smbldap-useradd -w "%u".

I'll add one more.  From what I can tell, the only machines that I see in
ldap are the ones that I moved over from my old server or ones that I
manually added in from the command line with smbldap-useradd.  Machines
that were not manually added, but get added with 'add machine script =
/usr/local/sbin/smbldap-useradd -w "%u"' are not even showing up in an
ldapsearch.  They have to get added though, because they can log in after
I remove them from the domain and re-add them.

Any ideas of what to check would be greatly appreciated.


Scott Mayo - System Administrator
Bloomfield Schools
PH: 573-568-5669  FA: 573-568-4565

Question: Because it reverses the logical flow of conversation.
Answer: Why is putting a reply at the top of the message frowned upon?

More information about the samba mailing list