[Samba] Changing password server to win 2012

Rowland Penny rowlandpenny at googlemail.com
Tue Nov 11 09:42:16 MST 2014 

On 11/11/14 16:25, richard van beers wrote:
> There might be.
>
> Got a small step further:
>
> After realizing the solaris machine was still looking at the old DNS, I
> pointed resolv.conf to the new DNS, and used the -S flag:
> root at barracuda:/usr/local/samba/bin# ./net rpc join -U rbeers -S
> rbn-srv-5211
> Password:
>
> [2014/11/11 17:10:54, 0] utils/net_rpc_join.c:(319)
>    Error domain join verification (reused connection): NT code 0xc0000388
>
> This seems to point to a bug that indeed has been resolved in 3.2 and
> higher.
>
> We seem to have no solaris support (hence the old SUNS with old solaris and
> ye olde samba)
>
> So if I go that route, I likely would need to compile from source or get a
> ready package for sol9. If we need to go that route, my lack of solaris
> know-how scares me :) Im not even sure where the original solaris 9CD's are
> (I have found untouched boxes of solaris 10) and have no good idea of how
> to get missing dependancies if I need those.
>
>
>
> Gr RichardvB
>
>
> On Tue, Nov 11, 2014 at 5:09 PM, Rowland Penny <rowlandpenny at googlemail.com>
> wrote:
>
>> On 11/11/14 15:57, richard van beers wrote:
>>
>>> Hi list,
>>>
>>> My goal is to share a few shares from a solaris 9 host with a new win2012
>>> domain. Im rather new to solaris (some years of linux exp, but samba has
>>> been a LONG time ago)
>>>
>>> The solaris machine has been created as a machine account in AD under its
>>> hostname by the windows admins in the new win2012 domain. (Thats not me,
>>> although I have domain admin access if need be)
>>>
>>> I have an issue changing samba (version 3.0.14a) from the existing win2k3
>>> domain to a new win2012 domain. I have not setup samba on it, and I am not
>>> sure if I need to "join the domain" (The new one). However. Just changing
>>> workgroup + password server fails:
>>>
>>> old:
>>> When, from an account with the same name/passw as exists in the old win2k3
>>> DC, I issue a net use like this it works fine:
>>> C:\Users\myuser>net use z: \\mysolarismachineIP\testshare
>>> The command completed successfully.
>>>
>>> new:
>>> it fails:
>>> C:\Users\myuser>net use z: \\mysolarismachineIP\testshare
>>> Configuration information could not be read from the domain controller,
>>> either b
>>> ecause the machine is unavailable, or access has been denied.
>>>
>>>
>>> The old smb.conf:
>>>
>>>       workgroup = win.olddomain.intern
>>>       domain master = no
>>>       preferred master = yes
>>>       local master = yes
>>>       domain logons = no
>>>       password server = dc1 dc2
>>>       security = domain
>>>
>>> The new smb.conf:
>>> workgroup = nl.newdomain.com
>>> password server = <ip1 of dc1> <ip2 of dc2>
>>> .. other options left same.
>>>
>>> a share would be:
>>> [testshare]
>>>     comment       = test share
>>>     path          = /mypath/sharetest
>>>     public        = no
>>>     writeable     = yes
>>>     create mode   = 0770
>>>     inherit permissions = yes
>>>     force directory mode = 2770
>>>
>>>
>>> If I try to join the new domain it fails too: (Although it validates my
>>> password properly!, using a wrong password fails with: The username or
>>> password was not correct.)
>>>
>>>
>>> root at barracuda:/usr/local/samba/bin# ./net rpc join -U <myadminuser> -I
>>> 192.168.80.211
>>> [2014/11/11 16:43:04, 0] rpc_client/cli_netlogon.c:(256)
>>>     cli_nt_setup_creds: request challenge failed
>>> Password:
>>>
>>> [2014/11/11 16:43:29, 0] rpc_client/cli_netlogon.c:(256)
>>>     cli_nt_setup_creds: request challenge failed
>>> [2014/11/11 16:43:29, 0] utils/net_rpc_join.c:(319)
>>>     Error domain join verification (reused connection):
>>> NT_STATUS_INVALID_COMPUTER_NAME
>>>
>>> Unable to join domain <shortdomainname>.
>>>
>>>
>>> Interesting observation:
>>> when starting samba (both with old and new configs) it reports:
>>>
>>> Could not list trusted domains
>>> MYSOLARISHOSTNAME
>>> BUILTIN
>>> <oldshortdomainname> or <newshortdomainname> (depending on old or new
>>> config.)
>>>
>>>
>>>
>>>
>>> SO, two questions:
>>>
>>> - Do I -need- to join the new domain?
>>> - If so, what am I doing wrong to join?
>>>
>>>
>>> Greetz Richard van Beers
>>>
>> Hi, is there anyway that you can upgrade samba (opencsw ??), '3.0.14a' is
>> very old and you are trying to connect to the latest windows server, there
>> have been many changes to the protocols in between the two.
>>
>> Rowland
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
OK, it might help if you look here: http://www.opencsw.org/

They seem to have samba packages for Solaris 9

It has been sometime since I used Solaris 9 on a Sun Sparc system, but I 
seem to remember that you can just download the required files and 
install them with Solaris's own tools.

Rowland

More information about the samba mailing list