[Samba] Changing password server to win 2012
richard van beers
richard.van.beers at gmail.com
Tue Nov 11 09:46:02 MST 2014
This seems funny too:
root at barracuda:/usr/local/samba/bin# pkginfo -l CSWsambacommon
PKGINST: CSWsambacommon
NAME: samba_common - Tools to access a server's filespace and
printers via SMB (common)
CATEGORY: application
ARCH: sparc
VERSION: 3.0.23,REV=2006.08.09b
VENDOR: http://www.samba.org/ packaged for CSW by Fredrik Lundholm
PSTAMP: ra20060809091430
INSTDATE: Aug 06 2013 15:08
HOTLINE: http://www.opencsw.org/bugtrack/
EMAIL: fredrik at opencsw.org
STATUS: completely installed
FILES: 55 installed pathnames
4 shared pathnames
11 directories
13 executables
31890 blocks used (approx)
root at barracuda:/usr/local/samba/bin# ./smb
smbcacls smbclient smbcontrol smbcquotas smbpasswd smbspool
smbstatus smbtar smbtree
root at barracuda:/usr/local/samba/bin# ../sbin/smbd -V
Version 3.0.14a
Looks like the used version (3.014) is not the same as the installed
version... I bet the previous admin was also not a sun guru... :/ (Right
now I wish -I- was...)
Gr RichardvB
On Tue, Nov 11, 2014 at 5:25 PM, richard van beers <
richard.van.beers at gmail.com> wrote:
> There might be.
>
> Got a small step further:
>
> After realizing the solaris machine was still looking at the old DNS, I
> pointed resolv.conf to the new DNS, and used the -S flag:
> root at barracuda:/usr/local/samba/bin# ./net rpc join -U rbeers -S
> rbn-srv-5211
> Password:
>
> [2014/11/11 17:10:54, 0] utils/net_rpc_join.c:(319)
> Error domain join verification (reused connection): NT code 0xc0000388
>
> This seems to point to a bug that indeed has been resolved in 3.2 and
> higher.
>
> We seem to have no solaris support (hence the old SUNS with old solaris
> and ye olde samba)
>
> So if I go that route, I likely would need to compile from source or get a
> ready package for sol9. If we need to go that route, my lack of solaris
> know-how scares me :) Im not even sure where the original solaris 9CD's are
> (I have found untouched boxes of solaris 10) and have no good idea of how
> to get missing dependancies if I need those.
>
>
>
> Gr RichardvB
>
>
> On Tue, Nov 11, 2014 at 5:09 PM, Rowland Penny <
> rowlandpenny at googlemail.com> wrote:
>
>> On 11/11/14 15:57, richard van beers wrote:
>>
>>> Hi list,
>>>
>>> My goal is to share a few shares from a solaris 9 host with a new win2012
>>> domain. Im rather new to solaris (some years of linux exp, but samba has
>>> been a LONG time ago)
>>>
>>> The solaris machine has been created as a machine account in AD under its
>>> hostname by the windows admins in the new win2012 domain. (Thats not me,
>>> although I have domain admin access if need be)
>>>
>>> I have an issue changing samba (version 3.0.14a) from the existing win2k3
>>> domain to a new win2012 domain. I have not setup samba on it, and I am
>>> not
>>> sure if I need to "join the domain" (The new one). However. Just changing
>>> workgroup + password server fails:
>>>
>>> old:
>>> When, from an account with the same name/passw as exists in the old
>>> win2k3
>>> DC, I issue a net use like this it works fine:
>>> C:\Users\myuser>net use z: \\mysolarismachineIP\testshare
>>> The command completed successfully.
>>>
>>> new:
>>> it fails:
>>> C:\Users\myuser>net use z: \\mysolarismachineIP\testshare
>>> Configuration information could not be read from the domain controller,
>>> either b
>>> ecause the machine is unavailable, or access has been denied.
>>>
>>>
>>> The old smb.conf:
>>>
>>> workgroup = win.olddomain.intern
>>> domain master = no
>>> preferred master = yes
>>> local master = yes
>>> domain logons = no
>>> password server = dc1 dc2
>>> security = domain
>>>
>>> The new smb.conf:
>>> workgroup = nl.newdomain.com
>>> password server = <ip1 of dc1> <ip2 of dc2>
>>> .. other options left same.
>>>
>>> a share would be:
>>> [testshare]
>>> comment = test share
>>> path = /mypath/sharetest
>>> public = no
>>> writeable = yes
>>> create mode = 0770
>>> inherit permissions = yes
>>> force directory mode = 2770
>>>
>>>
>>> If I try to join the new domain it fails too: (Although it validates my
>>> password properly!, using a wrong password fails with: The username or
>>> password was not correct.)
>>>
>>>
>>> root at barracuda:/usr/local/samba/bin# ./net rpc join -U <myadminuser> -I
>>> 192.168.80.211
>>> [2014/11/11 16:43:04, 0] rpc_client/cli_netlogon.c:(256)
>>> cli_nt_setup_creds: request challenge failed
>>> Password:
>>>
>>> [2014/11/11 16:43:29, 0] rpc_client/cli_netlogon.c:(256)
>>> cli_nt_setup_creds: request challenge failed
>>> [2014/11/11 16:43:29, 0] utils/net_rpc_join.c:(319)
>>> Error domain join verification (reused connection):
>>> NT_STATUS_INVALID_COMPUTER_NAME
>>>
>>> Unable to join domain <shortdomainname>.
>>>
>>>
>>> Interesting observation:
>>> when starting samba (both with old and new configs) it reports:
>>>
>>> Could not list trusted domains
>>> MYSOLARISHOSTNAME
>>> BUILTIN
>>> <oldshortdomainname> or <newshortdomainname> (depending on old or new
>>> config.)
>>>
>>>
>>>
>>>
>>> SO, two questions:
>>>
>>> - Do I -need- to join the new domain?
>>> - If so, what am I doing wrong to join?
>>>
>>>
>>> Greetz Richard van Beers
>>>
>> Hi, is there anyway that you can upgrade samba (opencsw ??), '3.0.14a' is
>> very old and you are trying to connect to the latest windows server, there
>> have been many changes to the protocols in between the two.
>>
>> Rowland
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>
>
More information about the samba
mailing list