SUMMARY: Sun Samba server can't join domain (smbpasswd)

From: Carolyn Mayr <carolyn_at_usna.edu>
Date: Thu Jun 19 2003 - 10:35:55 EDT
Problem solved!  I am absolutely grateful to Scott Croft and Marcelino Mata
for their help in troubleshooting this problem.

One mistake I made in my original message is that the PC server is a "Windows 
2000 Advanced Server" and our PCs have XP.

Anyhow, Scott Croft made a sweep of my smb.conf settings and we specifically 
checked the following entries for accuracy.  I was missing the netbios name
which is required:

	password server = cs=faculty-dc1
	security = DOMAIN
	netbios name = rattler
	workgroup = CSDEPARTMENT
	name resolve order = host bcase lmhosts wins

Marcelino Mata gave me the following instructions which finally, after
the smb.conf file changes were made, solved the problem.  He wrote:

  "For Windows 2000 Server and Windows 2003 Server with Active Directory, I
  found the following for joining a domain...

  You must add Samba computer as Pre-Windows 2000 computer before trying to
  join the domain.

     add a machine account "rattler" inside windows active directory
      Users and Computers : right-click folder Computers -> New -> Computer
      fill-in : rattler and check the box "Allow pre-Windows 2000
      computers to use this account" . right-click on the samba-cable
      computer icon inside the Computers folder, and select "Reset Account"

  If that does not help, you should be looking at the samba logs on possible
  reasons for failure."


After following the advice he gave me, I tried the smbpasswd command again
and it worked:

rattler# /usr/sfw/bin/smbpasswd -j CSDEPARTMENT -r cs-faculty-dc1

2003/06/19 09:59:10 : change_trust_account_password: Changed password for 
  domain CSDEPARTMENT.
Joined domain CSDEPARTMENT.


Afterwards, I started my processes on the samba server by typing:
/etc/rc3.d/S90samba start


Thanks again to sunmanagers!
		Carolyn


************************************************************************
ORIGINAL MESSAGE:  

>Date: Thu, 19 Jun 2003 07:27:53 -0400 (EDT)
>From: Carolyn Mayr <carolyn@usna.edu>
>To: sunmanagers@sunmanagers.org
>Subject: Sun Samba server can't join domain (smbpasswd)
>
>Hello managers,
>
>I've posted this problem before but for some reason, this time the
>solution I used before won't work.  I've exhausted all documentation
>and web/archive searches and am asking sunmanagers for help.
>
>I am setting a new SunFire V480 server named rattler.  It is running 
>Solaris 9 and I customized it as a samba 2.2.8a server.  I am using our 
>Windows XP server named cs-faculty-dc1 (our PDC) for user password 
>authentication.  After configuring the /etc/sfw/smb.conf file, I tried 
>joining the domain but here is what happened:
>
>! rattler# /usr/sfw/bin/smbpasswd -j CSDEPARTMENT -r cs-faculty-dc1
>
>cli_net_auth2: Error NT_STATUS_ACCESS_DENIED
>cli_nt_setup_creds: auth2 challenge failed
>modify_trust_password: unable to setup the PDC credentials to machine 
>    CS-FACULTY-DC1. Error was : NT_STATUS_ACCESS_DENIED.
>2003/06/19 07:11:40 : change_trust_account_password: Failed to change 
>    password for domain CSDEPARTMENT.
>Unable to join domain CSDEPARTMENT.
>
>
>I was not running the smbd or nmbd daemons as the documentation noted.
>Here's what I've tried to do to fix it:
>
>- add the samba server to the PDC's list of servers
>- remove the samba server from the PDC's list of servers
>- reboot both servers
>- re-added the samba server back to the PDC's list of servers
>
>Any ideas?  FYI, we currently have a samba 2.0.7 server which is joined 
>to the PDC but I am taking that one offline as soon as I get samba 2.2.8a
>running on the new SunFire server.
>
>Thanks everyone.  I will summarize.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Carolyn A. Mayr (UNIX System Administrator)  Voice: (410) 293-6808 (sec-6800)
Computer Science Department, DivMath&Sci     Email: carolyn@usna.edu     
572 Holloway Road, Chauvenet Hall, Stop 9F   FAX:   (410) 293-2686
U.S. Naval Academy                           WWW:   http://www.cs.usna.edu
Annapolis, MD  21402-5002                    USNA:  (410) 293-1000
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Thu Jun 19 10:39:11 2003

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:14 EST