RE: [Samba] Can't join my domain
This is a discussion on RE: [Samba] Can't join my domain within the Samba forums, part of the Networking and Network Related category; The first time you try to join the Domain the computer account gets = created. Try it once more after the ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
03-09-2006
|
|||
|
|||
RE: [Samba] Can't join my domain
The first time you try to join the Domain the computer account gets =
created. Try it once more after the computer account is created and it should = work. JT -----Original Message----- From: Bevan Agard [mailto:bevan@cdcga.gov.tt]=20 Sent: Wednesday, March 08, 2006 3:06 PM To: 'James Taylor' Cc: samba@lists.samba.org Subject: RE: [Samba] Can't join my domain OK I installed it and it did take care of the problem where the samba = info was not being added to the database. However my original problem still remains. When I try to join my XP Desktop to the domain using the interface on = the desktop I get the same error that states=20 "The following error occurred attempting to join the domain "CDCGA"=20 The user name could not be found " I'm thinking the problems may have to do with my DDNS not working = properly. What do you think or am I just missing the boat? In the World one must be able to=20 Adapt, and Evolve=20 Or run the risk of becoming EXTINCT > -----Original Message----- > From: James Taylor [mailto:jtaylor@laszlosystems.com] > Sent: Friday, March 03, 2006 4:25 PM > To: 'Bevan Agard' > Cc: samba@lists.samba.org > Subject: RE: [Samba] Can't join my domain >=20 > Try this one... >=20 > JT >=20 > -----Original Message----- > From: Bevan Agard [mailto:bevan@cdcga.gov.tt] > Sent: Friday, March 03, 2006 11:39 AM > To: 'James Taylor' > Cc: samba@lists.samba.org > Subject: RE: [Samba] Can't join my domain >=20 > Here you go >=20 > In the World one must be able to > Adapt, and Evolve > Or run the risk of becoming EXTINCT >=20 > > -----Original Message----- > > From: James Taylor [mailto:jtaylor@laszlosystems.com] > > Sent: Friday, March 03, 2006 3:02 PM > > To: 'Bevan Agard' > > Cc: samba@lists.samba.org > > Subject: RE: [Samba] Can't join my domain > > > > Sorry I wasn't able to reply earlier. > > > > Can you send me a copy of your smbldap-useradd script? What is > happening > > is > > that the script is not adding the sambaSAMAccount information to the > > machine > > account it is creating. The -w switch should add this information. = It > > could > > be this script needs to be modified to make appropriate changes. > > > > JT > > > > -----Original Message----- > > From: Bevan Agard [mailto:bevan@cdcga.gov.tt] > > Sent: Thursday, March 02, 2006 6:44 AM > > To: 'James Taylor' > > Cc: samba@lists.samba.org > > Subject: RE: [Samba] Can't join my domain > > > > I have tried running smbldap-useradd with various switches however > > objectClass: sambaSAMAccount > > sambaSID: "domain sid"-xxx > > > > and any other sambaxxxx info only gets added if it is run with the = -a > > options which makes it a user not a machine. > > I am using smbldap 0.9.1 with samba 3.0.14a-2 > > > > I don't if anyone has experienced this before but any help would be > > appreciated. > > > > I would really like to get this box set up as our PDC that would be = able > > to > > do single sign-on and manage windows user accounts. > > > > > > In the World one must be able to > > Adapt, and Evolve > > Or run the risk of becoming EXTINCT > > > > > -----Original Message----- > > > From: James Taylor [mailto:jtaylor@laszlosystems.com] > > > Sent: Wednesday, February 22, 2006 4:06 PM > > > To: 'Bevan Agard' > > > Cc: samba@lists.samba.org > > > Subject: RE: [Samba] Can't join my domain > > > > > > Then that would be your problem... change your Add Machine = Script... > > > > > > smbldap-useradd -w -d /dev/null -c 'Machine Account' -s /bin/false > '%m' > > > > > > Then try adding a new machine. > > > > > > JT > > > > > > -----Original Message----- > > > From: Bevan Agard [mailto:bevan@cdcga.gov.tt] > > > Sent: Wednesday, February 22, 2006 12:04 PM > > > To: 'James Taylor' > > > Subject: RE: [Samba] Can't join my domain > > > > > > > > > > > > In the World one must be able to > > > Adapt, and Evolve > > > Or run the risk of becoming EXTINCT > > > > > > > -----Original Message----- > > > > From: James Taylor [mailto:jtaylor@laszlosystems.com] > > > > Sent: Wednesday, February 22, 2006 3:59 PM > > > > To: 'Bevan Agard' > > > > Subject: RE: [Samba] Can't join my domain > > > > > > > > Does the LDAP Machine account include: > > > > objectClass: sambaSAMAccount > > > > sambaSID: "domain sid"-xxxx > > > > > > > > JT > > > [Bevan Agard] > > > > > > Actually it does not. strange > > > > > > > > -----Original Message----- > > > > From: Bevan Agard [mailto:bevan@cdcga.gov.tt] > > > > Sent: Wednesday, February 22, 2006 11:53 AM > > > > To: 'James Taylor' > > > > Subject: RE: [Samba] Can't join my domain > > > > > > > > > > > > > > > > In the World one must be able to > > > > Adapt, and Evolve > > > > Or run the risk of becoming EXTINCT > > > > > > > > > -----Original Message----- > > > > > From: James Taylor [mailto:jtaylor@laszlosystems.com] > > > > > Sent: Wednesday, February 22, 2006 3:04 PM > > > > > To: 'Bevan Agard' > > > > > Subject: RE: [Samba] Can't join my domain > > > > > > > > > > When you are trying to join a system to your Domain are the > computer > > > > > accounts created in your LDAP Database as "machinename$" also = with > > the > > > > > sambaSAMAccount information? > > > > > > > > > [Bevan Agard] > > > > Yes the machine name gets added to the LDAP Database and I get = an > > error > > > on > > > > the windows box stating > > > > "Cannot join Domain" > > > > "User name not found" > > > > > > > > > > > > > > > > > What does your SAMBA "Add Machine Script" look like in your > smb.conf > > > > file? > > > > > > > > > > JT > > > > [Bevan Agard] > > > > add machine script =3D /usr/local/sbin/smbldap-useradd -w "%u" > > > > > > > > > > > > > > > > > > -----Original Message----- > > > > > From: Bevan Agard [mailto:bevan@cdcga.gov.tt] > > > > > Sent: Wednesday, February 22, 2006 11:00 AM > > > > > To: 'James Taylor'; samba@lists.samba.org > > > > > Subject: RE: [Samba] Can't join my domain > > > > > > > > > > > > > > > > > > > > In the World one must be able to > > > > > Adapt, and Evolve > > > > > Or run the risk of becoming EXTINCT > > > > > > > > > > > -----Original Message----- > > > > > > From: James Taylor [mailto:jtaylor@laszlosystems.com] > > > > > > Sent: Wednesday, February 22, 2006 2:39 PM > > > > > > To: 'Bevan Agard'; samba@lists.samba.org > > > > > > Subject: RE: [Samba] Can't join my domain > > > > > > > > > > > > What do your Add Machine Scripts look like in Samba? Also, = are > > you > > > > > using > > > > > > the smbldap-tools from idealx? > > > > > > > > > > > [Bevan Agard] > > > > > > > > > > I am using the scripts from idealx. > > > > > > > > > > I followed the HOWTO on samba.org (Happy Users Ch 5) > > > > > > > > > > > > > > > > JT > > > > > > > > > > > > -----Original Message----- > > > > > > From: = samba-bounces+jtaylor=3Dlaszlosystems.com@lists.samba.or g > > > > > > = [mailto:samba-bounces+jtaylor=3Dlaszlosystems.com@lists.samba.or g] > > On > > > > > Behalf > > > > > > Of Bevan Agard > > > > > > Sent: Wednesday, February 22, 2006 5:12 AM > > > > > > To: samba@lists.samba.org > > > > > > Subject: [Samba] Can't join my domain > > > > > > > > > > > > Guys and dolls, > > > > > > Greetings, I hope you all are in good health, great spirits = and > > your > > > > > > glasses > > > > > > never empty. > > > > > > > > > > > > I have a samba, openldap question. > > > > > > > > > > > > I am trying to setup a FC-4 box to be a PDC for a small = network > of > > > > about > > > > > > 150 > > > > > > users. I was following the HOWTO on the SAMBA site. = Everything > > > seems > > > > > to > > > > > > be > > > > > > fine however I cannot join the domain. I get the error = "User > name > > > > could > > > > > > not > > > > > > be found." The error logs show that the login/password used = to > > join > > > > the > > > > > > domain was accpeted and correct. I decided to step back a = bit > to > > > see > > > > if > > > > > > the > > > > > > PDC could join the domain but also no luck. I got the = following > > > when > > > > I > > > > > > ran > > > > > > the command > > > > > > > > > > > > [root@anansi ~]# net rpc join -d 3 -l -S PDC -U root > > > > > > [2006/02/21 10:57:03, 3] param/loadparm.c:lp_load(3916) > > > > > > lp_load: refreshing parameters > > > > > > [2006/02/21 10:57:03, 3] param/loadparm.c:init_globals(1321) > > > > > > Initialising global parameters > > > > > > [2006/02/21 10:57:03, 3] param/params.c:pm_process(573) > > > > > > params.c:pm_process() - Processing configuration file > > > > > > "/etc/samba/smb.conf" > > > > > > [2006/02/21 10:57:03, 3] param/loadparm.c:do_section(3418) > > > > > > Processing section "[global]" > > > > > > [2006/02/21 10:57:03, 1] = param/loadparm.c:lp_do_parameter(3159) > > > > > > WARNING: The "min passwd length" option is deprecated > > > > > > [2006/02/21 10:57:03, 2] lib/interface.c:add_interface(81) > > > > > > added interface ip=3D10.50.0.20 bcast=3D10.50.255.255 > > > nmask=3D255.255.0.0 > > > > > > [2006/02/21 10:57:03, 2] lib/interface.c:add_interface(81) > > > > > > added interface ip=3D127.0.0.1 bcast=3D127.255.255.255 > > nmask=3D255.0.0.0 > > > > > > [2006/02/21 10:57:03, 3] = libsmb/namequery.c:resolve_wins(752) > > > > > > resolve_wins: Attempting wins lookup for name PDC<0x20> > > > > > > [2006/02/21 10:57:03, 3] > > libsmb/namequery.c:name_resolve_bcast(694) > > > > > > name_resolve_bcast: Attempting broadcast lookup for name > > PDC<0x20> > > > > > > [2006/02/21 10:57:03, 2] libsmb/namequery.c:name_query(492) > > > > > > Got a positive name query response from 10.50.0.20 ( > 10.50.0.20 > > ) > > > > > > [2006/02/21 10:57:03, 3] > > > > libsmb/cliconnect.c:cli_start_connection(1406) > > > > > > Connecting to host=3DPDC > > > > > > [2006/02/21 10:57:03, 3] = lib/util_sock.c:open_socket_out(752) > > > > > > Connecting to 10.50.0.20 at port 445 > > > > > > [2006/02/21 10:57:04, 3] > > > > > rpc_client/cli_netlogon.c:cli_nt_setup_creds(290) > > > > > > cli_nt_setup_creds: auth2 challenge failed > > NT_STATUS_ACCESS_DENIED > > > > > > [2006/02/21 10:57:04, 3] > > > > > libsmb/trusts_util.c:just_change_the_password(43) > > > > > > just_change_the_password: unable to setup creds > > > > > > (NT_STATUS_ACCESS_DENIED)! > > > > > > [2006/02/21 10:57:04, 1] = utils/net_rpc.c:run_rpc_command(138) > > > > > > rpc command function failed! (NT_STATUS_ACCESS_DENIED) > > > > > > Password: > > > > > > [2006/02/21 10:57:10, 3] > > > > libsmb/cliconnect.c:cli_start_connection(1406) > > > > > > Connecting to host=3DPDC > > > > > > [2006/02/21 10:57:10, 3] = lib/util_sock.c:open_socket_out(752) > > > > > > Connecting to 10.50.0.20 at port 445 > > > > > > [2006/02/21 10:57:10, 3] > > > > > libsmb/cliconnect.c:cli_session_setup_spnego(708) > > > > > > Doing spnego session setup (blob length=3D58) > > > > > > [2006/02/21 10:57:10, 3] > > > > > libsmb/cliconnect.c:cli_session_setup_spnego(733) > > > > > > got OID=3D1 3 6 1 4 1 311 2 2 10 > > > > > > [2006/02/21 10:57:10, 3] > > > > > libsmb/cliconnect.c:cli_session_setup_spnego(740) > > > > > > got principal=3DNONE > > > > > > [2006/02/21 10:57:10, 3] > > > > libsmb/ntlmssp.c:ntlmssp_client_challenge(869) > > > > > > Got challenge flags: > > > > > > [2006/02/21 10:57:10, 3] > libsmb/ntlmssp.c:debug_ntlmssp_flags(62) > > > > > > Got NTLMSSP neg_flags=3D0x60890215 > > > > > > [2006/02/21 10:57:10, 3] > > > > libsmb/ntlmssp.c:ntlmssp_client_challenge(891) > > > > > > NTLMSSP: Set final flags: > > > > > > [2006/02/21 10:57:10, 3] > libsmb/ntlmssp.c:debug_ntlmssp_flags(62) > > > > > > Got NTLMSSP neg_flags=3D0x60080215 > > > > > > [2006/02/21 10:57:10, 3] > > > libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319) > > > > > > NTLMSSP Sign/Seal - Initialising with flags: > > > > > > [2006/02/21 10:57:10, 3] > libsmb/ntlmssp.c:debug_ntlmssp_flags(62) > > > > > > Got NTLMSSP neg_flags=3D0x60080215 > > > > > > [2006/02/21 10:57:10, 3] > rpc_parse/parse_lsa.c:lsa_io_sec_qos(181) > > > > > > lsa_io_sec_qos: length c does not match size 8 > > > > > > Creation of workstation account failed > > > > > > Unable to join domain CDCGA. > > > > > > [2006/02/21 10:57:12, 2] utils/net.c:main(897) > > > > > > return code =3D 1 > > > > > > > > > > > > I googled the the NT_STATUS_ACCESS_DENIED error and no luck = as > of > > > yet. > > > > > > > > > > > > Have any of you samba sensei seen anything like this or have = an > > > > > > suggestions > > > > > > as to how to kick this trouble ticket out. > > > > > > > > > > > > Thanks > > > > > > > > > > > > > > > > > > > > > > > > In the World one must be able to > > > > > > > > > > > > Adapt, and Evolve > > > > > > > > > > > > Or run the risk of becoming EXTINCT > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > To unsubscribe from this list go to the following URL and = read > the > > > > > > instructions: = https://lists.samba.org/mailman/listinfo/samba > > > > > > > > > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba 
|
Linear Mode
