[Samba] Changing password server to win 2012

Rowland Penny rowlandpenny at googlemail.com
Tue Nov 11 09:09:12 MST 2014


On 11/11/14 15:57, richard van beers wrote:
> Hi list,
>
> My goal is to share a few shares from a solaris 9 host with a new win2012
> domain. Im rather new to solaris (some years of linux exp, but samba has
> been a LONG time ago)
>
> The solaris machine has been created as a machine account in AD under its
> hostname by the windows admins in the new win2012 domain. (Thats not me,
> although I have domain admin access if need be)
>
> I have an issue changing samba (version 3.0.14a) from the existing win2k3
> domain to a new win2012 domain. I have not setup samba on it, and I am not
> sure if I need to "join the domain" (The new one). However. Just changing
> workgroup + password server fails:
>
> old:
> When, from an account with the same name/passw as exists in the old win2k3
> DC, I issue a net use like this it works fine:
> C:\Users\myuser>net use z: \\mysolarismachineIP\testshare
> The command completed successfully.
>
> new:
> it fails:
> C:\Users\myuser>net use z: \\mysolarismachineIP\testshare
> Configuration information could not be read from the domain controller,
> either b
> ecause the machine is unavailable, or access has been denied.
>
>
> The old smb.conf:
>
>      workgroup = win.olddomain.intern
>      domain master = no
>      preferred master = yes
>      local master = yes
>      domain logons = no
>      password server = dc1 dc2
>      security = domain
>
> The new smb.conf:
> workgroup = nl.newdomain.com
> password server = <ip1 of dc1> <ip2 of dc2>
> .. other options left same.
>
> a share would be:
> [testshare]
>    comment       = test share
>    path          = /mypath/sharetest
>    public        = no
>    writeable     = yes
>    create mode   = 0770
>    inherit permissions = yes
>    force directory mode = 2770
>
>
> If I try to join the new domain it fails too: (Although it validates my
> password properly!, using a wrong password fails with: The username or
> password was not correct.)
>
>
> root at barracuda:/usr/local/samba/bin# ./net rpc join -U <myadminuser> -I
> 192.168.80.211
> [2014/11/11 16:43:04, 0] rpc_client/cli_netlogon.c:(256)
>    cli_nt_setup_creds: request challenge failed
> Password:
>
> [2014/11/11 16:43:29, 0] rpc_client/cli_netlogon.c:(256)
>    cli_nt_setup_creds: request challenge failed
> [2014/11/11 16:43:29, 0] utils/net_rpc_join.c:(319)
>    Error domain join verification (reused connection):
> NT_STATUS_INVALID_COMPUTER_NAME
>
> Unable to join domain <shortdomainname>.
>
>
> Interesting observation:
> when starting samba (both with old and new configs) it reports:
>
> Could not list trusted domains
> MYSOLARISHOSTNAME
> BUILTIN
> <oldshortdomainname> or <newshortdomainname> (depending on old or new
> config.)
>
>
>
>
> SO, two questions:
>
> - Do I -need- to join the new domain?
> - If so, what am I doing wrong to join?
>
>
> Greetz Richard van Beers
Hi, is there anyway that you can upgrade samba (opencsw ??), '3.0.14a' 
is very old and you are trying to connect to the latest windows server, 
there have been many changes to the protocols in between the two.

Rowland



More information about the samba mailing list