[Samba] Changing password server to win 2012

richard van beers richard.van.beers at gmail.com
Tue Nov 11 08:57:58 MST 2014 

Hi list,

My goal is to share a few shares from a solaris 9 host with a new win2012
domain. Im rather new to solaris (some years of linux exp, but samba has
been a LONG time ago)

The solaris machine has been created as a machine account in AD under its
hostname by the windows admins in the new win2012 domain. (Thats not me,
although I have domain admin access if need be)

I have an issue changing samba (version 3.0.14a) from the existing win2k3
domain to a new win2012 domain. I have not setup samba on it, and I am not
sure if I need to "join the domain" (The new one). However. Just changing
workgroup + password server fails:

old:
When, from an account with the same name/passw as exists in the old win2k3
DC, I issue a net use like this it works fine:
C:\Users\myuser>net use z: \\mysolarismachineIP\testshare
The command completed successfully.

new:
it fails:
C:\Users\myuser>net use z: \\mysolarismachineIP\testshare
Configuration information could not be read from the domain controller,
either b
ecause the machine is unavailable, or access has been denied.


The old smb.conf:

    workgroup = win.olddomain.intern
    domain master = no
    preferred master = yes
    local master = yes
    domain logons = no
    password server = dc1 dc2
    security = domain

The new smb.conf:
workgroup = nl.newdomain.com
password server = <ip1 of dc1> <ip2 of dc2>
.. other options left same.

a share would be:
[testshare]
  comment       = test share
  path          = /mypath/sharetest
  public        = no
  writeable     = yes
  create mode   = 0770
  inherit permissions = yes
  force directory mode = 2770


If I try to join the new domain it fails too: (Although it validates my
password properly!, using a wrong password fails with: The username or
password was not correct.)


root at barracuda:/usr/local/samba/bin# ./net rpc join -U <myadminuser> -I
192.168.80.211
[2014/11/11 16:43:04, 0] rpc_client/cli_netlogon.c:(256)
  cli_nt_setup_creds: request challenge failed
Password:

[2014/11/11 16:43:29, 0] rpc_client/cli_netlogon.c:(256)
  cli_nt_setup_creds: request challenge failed
[2014/11/11 16:43:29, 0] utils/net_rpc_join.c:(319)
  Error domain join verification (reused connection):
NT_STATUS_INVALID_COMPUTER_NAME

Unable to join domain <shortdomainname>.


Interesting observation:
when starting samba (both with old and new configs) it reports:

Could not list trusted domains
MYSOLARISHOSTNAME
BUILTIN
<oldshortdomainname> or <newshortdomainname> (depending on old or new
config.)




SO, two questions:

- Do I -need- to join the new domain?
- If so, what am I doing wrong to join?


Greetz Richard van Beers

More information about the samba mailing list