[Samba] Samba 4.11.6 cannot JOIN - 'Could not find machine account'

Andrew Bartlett abartlet at samba.org
Fri Feb 14 20:03:57 UTC 2020


On Fri, 2020-02-14 at 12:47 -0700, Rick Hollinbeck via samba wrote:
> Dug deeper (i.e. into the source code)... no answer yet.
> 
> The samba join process is failing when fetching the domain's machine password
> from the secrets.tdb database, which presumably it has just built as part of the JOIN..
> 
> Specifically, it is looking for an entry: "SECRETS/$MACHINE.ACC/OFFICE" in secrets.tdb.

I'm really sorry for this red herring.  We are actually hoping for the
reverse.

The hope is that this fails, because this means we are not successfully
joined to this domain already (we use the password to connect, if we
connect successfully we fail). 

This was added to prevent administrators accidentally re-joining
existing, fully functional DCs to the domain, and so triggering a
replication flush around a potentially quite large domain.

Sadly it triggers debug messages because it is using the code
'backwards'  and this would normally be a problem.

Your error is later than this.

Sorry,

Andrew Bartlett

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba





More information about the samba mailing list