problem when logging on a vampired PDC
Andrew Bartlett
abartlet at samba.org
Mon Apr 21 11:50:27 GMT 2003
On Fri, 2003-04-11 at 17:08, Guillaume LACHENAL wrote:
> Hi !
>
> attempting to secretly replace our NT PDC, we issue a 'net rpc vampire'
> on a fresh samba server.
>
> the problem is when we move a workstation (member of the domain of
> course) from the subnet A (with NTPDC) to subnet B (with SambaPDC) and
> try to loggin on the domain, it fails with :
>
> " The system can't open a session on this domain because the computer's
> system account in his principal domain is missing or the password is
> incorrect " (translated from french)
>
> Inspecting the ldap attributes of this computer object, we can see
> something strange : all computer accounts (seems to) have "ntPassword"
> set but not all have "lmPassword" (the computer we use has not)
>
> Any help/idea welcome !
That bit should not matter - the lmPassword isn't used for computers.
I'll need to see some debug traces.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030421/1e663363/attachment.bin
More information about the samba-technical
mailing list