[Samba] member joined, but...

Rowland Penny rowlandpenny at googlemail.com
Tue Apr 1 09:19:00 MDT 2014


On 01/04/14 16:00, L.P.H. van Belle wrote:
> Hai,
>   
> I have automated the install of my member server.
> Followed the wiki : https://wiki.samba.org/index.php/Samba/Domain_Member
>   
> Everything works nicely, but... .. read on..  ;-)
>   
> ok, so wiki says: https://wiki.samba.org/index.php/Setup_and_configure_file_shares
>   
> and now im at the point : SeDiskOperatorPrivilege
> and .. for the DC's installed this worked without problems...
>   
> but for the domain member. im getting ...
>   
> net rpc rights list accounts -Uadministrator
> Enter administrator's password:
> Could not connect to server 127.0.0.1
> The username or password was not correct.
> Connection failed: NT_STATUS_LOGON_FAILURE
>
> net -S servername rpc rights list accounts -Uadministrator
> Enter administrator's password:
> Could not connect to server rtd-mem-001
> The username or password was not correct.
> Connection failed: NT_STATUS_LOGON_FAILURE
>
> net -S servername.internal.domain.tld rpc rights list accounts -Uadministrator
> Enter administrator's password:
> Could not connect to server servername.internal.domain.tld
> The username or password was not correct.
> Connection failed: NT_STATUS_LOGON_FAILURE
>
> and ofcourse setting the Se right didnt work
>   
> net rpc rights grant 'MYDOMAIN\Domain Admins' SeDiskOperatorPrivilege -Uadministrator
> Enter administrator's password:
> Could not connect to server 127.0.0.1
> The username or password was not correct.
> Connection failed: NT_STATUS_LOGON_FAILURE
>
>   
> so..
> /etc/hosts ( checked )
> /etc/nsswitch.conf ( checked )
> /etc/resolv.conf (check)
> /var/log/samba/ all logs checked, no errors at all.
> kinit Administrator  ( checked )
>   
> /etc/samba/smb.conf
>   
> [global]
>   
>     workgroup = INTERNAL
>     security = ADS
>     realm = INTERNAL.DOMAIN.TLD
>   
>     idmap config *:backend = tdb
>     idmap config *:range = 500001-800000
>     idmap config BAZRTD:backend = ad
>     idmap config BAZRTD:schema_mode = rfc2307
>     idmap config BAZRTD:range = 10000-400000
>   
>     winbind nss info = rfc2307
>     winbind trusted domains only = no
>     winbind use default domain = yes
>     #winbind enum users  = yes
>     #winbind enum groups = yes
>   
>     template shell = /bin/bash
>     template homedir = /home/samba/DOMAIN/%USERNAME%
>   
>     # For ACL support on member server
>     vfs objects = acl_xattr
>     map acl inherit = Yes
>     store dos attributes = Yes
>   
>     # disable printing completely
>     load printers = no
>     printing = bsd
>     printcap name = /dev/null
>     disable spoolss = yes
>   
>   
>   
> Anyone an idee?
>   
>   
>   
>
Hi Louis, it seems to be asking localhost:

Could not connect to server 127.0.0.1

What have you got in /etc/resolv.conf & /etc/krb5.conf ??

Rowland



More information about the samba mailing list