[Samba] Cannot join server to Samba4 NT4 domain

Marcio Vogel Merlone dos Santos marcio.merlone at a1.ind.br
Wed May 4 19:16:20 UTC 2016 

Em 28-04-2016 12:14, Rowland penny escreveu:
> On 28/04/16 15:16, MI wrote:
>> I have a Samba 4 NT4 PDC (Version 4.1.17-Debian) with openLDAP.
>>
>> I would like to add another server, and have it authenticate users 
>> against openLDAP. I thought I had to add the new server to the domain 
>> with "net rpc join", but that seems to think I want to join an AD 
>> domain, and fails:
>>
>>     # net rpc join -U root%mypassword
>>     No realm has been specified! Do you really want to join an Active 
>> Directory server?
>>     Failed to join domain: failed to lookup DC info for domain 
>> 'MYDOMAIN' over rpc: This error indicates that the requested
>>     operation cannot be completed due to a catastrophic media failure 
>> or an on-disk data structure corruption.
>>
>
> I did something similar last week in a test domain and had a similar 
> problem, I got it to work by using 'administrator' instead of 'root'. 
> It still complained about active directory, I think somebody changed 
> 'net' without considering NT-4 style domains.

Sorry to say just "me too".

Trying to join my Mint 17.3 Desktop (samba 
2:4.3.9+dfsg-0ubuntu0.14.04.1) as a NT4-style domain member of an old 
3.4 samba PDC (2:3.4.7~dfsg-1ubuntu3.15) I get this:

mic-158 samba # net rpc join -S pdc -U administrador
No realm has been specified! Do you really want to join an Active 
Directory server?
Enter administrador's password:
smb_signing_good: BAD SIG: seq 1
Failed to join domain: failed to lookup DC info for domain 'DOM' over 
rpc: Access denied
mic-158 samba #

Log from server:
[2016/05/04 14:51:15,  2] lib/smbldap.c:890(smbldap_open_connection)
   smbldap_open_connection: connection opened
[2016/05/04 14:51:15,  2] passdb/pdb_ldap.c:2434(init_group_from_ldap)
   init_group_from_ldap: Entry found for group: 5144
[2016/05/04 14:51:15,  0] rpc_server/srv_netlog_nt.c:336(get_md4pw)
   get_md4pw: Workstation MIC-158$: no account in domain
[2016/05/04 14:51:15,  0] 
rpc_server/srv_netlog_nt.c:584(_netr_ServerAuthenticate3)
   _netr_ServerAuthenticate3: failed to get machine password for account 
MIC-158$: NT_STATUS_ACCESS_DENIED
[2016/05/04 14:51:15,  0] rpc_server/srv_netlog_nt.c:336(get_md4pw)
   get_md4pw: Workstation MIC-158$: no account in domain
[2016/05/04 14:51:15,  0] 
rpc_server/srv_netlog_nt.c:584(_netr_ServerAuthenticate3)
   _netr_ServerAuthenticate3: failed to get machine password for account 
MIC-158$: NT_STATUS_ACCESS_DENIED

Frozen hell: no problem to add Windows XP, 7, 8.x, 10 machines to 
domain. Just another samba.

Found any workaround? Tks, best regards.


-- 
*Marcio Merlone*

More information about the samba mailing list