[Samba] Samba 4.11.6 cannot JOIN - 'Could not find machine account'
rickh-samba at westernwares.com
Thu Feb 13 01:37:15 UTC 2020
I'm still digging for the solution to this problem...
The error seems to be triggered by some failure with talking to the NBTNS service (lmhosts)
on the windows machine. (Port 137)
Here is the section of the winbindd log where it fails to fetch the machine account:
[2020/02/13 01:18:42.759943, 3]
add_trusted_domain: Added domain [OFFICE] [office.example.com]
[2020/02/13 01:18:42.759997, 5] ../../source3/passdb/passdb.c:2396(get_trust_pw_clear2)
get_trust_pw_clear2: could not fetch clear text trust account password for domain OFFICE
[2020/02/13 01:18:42.760013, 5]
[2020/02/13 01:18:42.760024, 5] ../../source3/passdb/passdb.c:2475(get_trust_pw_hash2)
get_trust_pw_hash: could not fetch trust account password for domain OFFICE
[2020/02/13 01:18:42.760896, 3] ../../lib/ldb-samba/ldb_wrap.c:332(ldb_wrap_connect)
ldb_wrap open of secrets.ldb
[2020/02/13 01:18:42.760970, 1]
Could not find machine account in secrets database: Failed to fetch machine account
password for OFFICE from both secrets.ldb (Could not find entry to match filter: '(&(f$
[2020/02/13 01:18:42.761022, 0]
Failed to fetch our own, local AD domain join password for winbindd's internal use, both
from secrets.tdb and secrets.ldb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
[2020/02/13 01:18:42.763761, 0] ../../source3/winbindd/winbindd_util.c:1217(init_domain_list)
Failed to migrate our own, local AD domain join password for winbindd's internal use into
[2020/02/13 01:18:42.764028, 0]
unable to initialize domain list
A windows server network trace shows several NbtNs "Registration Request"s around the
time of this failure. (which curiously are not answered on the port 137 by the W8K server -
this seems suspicious.)
But the lmhosts service is running on W8K and nbtstatus looks ok.
Also, the Windows firewall allows traffic on port 137 in both directions, so I can't explain this.
More information about the samba