[Samba] Samba AD domain trust account
Sami Hulkko
sahulkko at gmail.com
Sat Feb 12 18:54:07 UTC 2022
Hi,
I am trying to add domain trust account for additional kerberos domain
in Samba AD DC with command:
net rpc trustdom add <domain_name> <passwd>
-UAdministrator%<administrator_password>
What happens is that the account is created into ldap database and I can
see it in Windows 11 machine
the command gives error message:
Could not set trust account password: NT_STATUS_ACCESS_DENIED
with command pdbedit -Lw <account_name>\$ i see:
<account_name>$:3000052:NO
PASSWORDXXXXXXXXXXXXXXXXXXXXX:2D2C9A3DC21D9CAFD008D1232D77B9D0:[NDU
]:LCT-6207FF7A:
the [NDU ] should be [I ] according to some documentation.
My version of samba is: Version 4.13.17-Ubuntu
There is nothing on logs I could see of related to this incident. How
should I debug this?
--
Sami Hulkko
More information about the samba
mailing list