[Samba] [SOLVED] Problem authenticating from standalone servers via Samba 3.0.34 domain member servers to Samba 3.2.5 domain controller

Eric Shubert ejs at shubes.net
Thu Aug 29 09:30:12 MDT 2013 

I'm posting the solution for posterity.

This is sooo lame that I'm almost embarrased. The problem was that nmbd 
wasn't running on the PDC. Somewhere between 3.0 and 3.6, RH changed the 
smb init script to only control smbd, and nmbd now has its own init 
script. DOH! (Note, I do like the change though)

Solution:
# service nmb start
# chkconfig nmb on

I'm a little surprised (and disappointed) that nobody here realized 
this. It's sort of obvious to me now.

P.S. I'm not sure if this was the solution for the original poster or not.

-- 
-Eric 'shubes'

On 08/25/2013 09:49 AM, Eric Shubert wrote:
> I think I've come across this same problem, although I'm migrating from
> 3.0.33 (CentOS5) to 3.6 (CentOS6).
>
> I've migrated the domain controller from 3.0.33 to 3.6 first. I dumped
> and restored the passwd, secrets and schannel_store tdb files from 3.0
> to 3.6, and also migrated the linux accounts and groups. Windows XP
> clients are able to log into the domain. However, the 3.0.33 file server
> is unable to find the domain controller.
>
> I can see the shares on the DC from the file server:
> # net rpc -S tacs-dc.stor -U shubes SHARE
> Password:
> homes
> admin
> ops
> r3i
> IPC$
> shubes
> #
>
> However, the file server cannot find the DC:
> # net rpc trustdom list
> Unable to find a suitable server
> [2013/08/25 08:26:15, 0] utils/net_rpc.c:rpc_trustdom_list(6083)
>    Couldn't connect to domain controller
> #
>
> I'm also seeing this in the file server's log:
> [2013/08/25 07:45:43, 3] libsmb/namequery.c:get_dc_list(1495)
>    get_dc_list: preferred server list: ", tacs-dc.stor"
> [2013/08/25 07:45:43, 3] libsmb/namequery.c:resolve_lmhosts(966)
>    resolve_lmhosts: Attempting lmhosts lookup for name tacs-dc.stor<0x20>
> [2013/08/25 07:45:43, 3] libsmb/namequery.c:resolve_wins(863)
>    resolve_wins: Attempting wins lookup for name tacs-dc.stor<0x20>
> [2013/08/25 07:45:43, 3] libsmb/namequery.c:resolve_wins(866)
>    resolve_wins: WINS server resolution selected and no WINS servers
> listed.
> [2013/08/25 07:45:43, 3] libsmb/namequery.c:resolve_hosts(1029)
>    resolve_hosts: Attempting host lookup for name tacs-dc.stor<0x20>
> [2013/08/25 07:45:48, 3] libsmb/trusts_util.c:enumerate_domain_trusts(167)
>    enumerate_domain_trusts: can't locate a DC for domain R3I
>
> The domain SID in the secrets.tdb files on both hosts match the SID of
> the the DC host.
>
> I figure there's something I've missed in migrating the DC that has
> broken the trust, but haven't been able to find the problem yet.
>
> Any ideas will be appreciated.
> Thanks.
>

More information about the samba mailing list