>> 09/09/2009 00:51:59:650 NetpManageMachineAccountWithSid: NetUserAdd on >> '\\PDC' for 'DEVSRV01$' failed: 0x8b0 >> 09/09/2009 00:51:59:655 NetpSetMachineAccountPasswordAndTypeEx: Broken >> account type 0x11 -- error out >> 09/09/2009 00:51:59:657 NetpManageMachineAccountWithSid: status of >> attempting to set password on '\\PDC' for 'DEVSRV01$': 0x524 >> 09/09/2009 00:51:59:657 NetpJoinDomain: status of creating account: 0x524 >> 09/09/2009 00:51:59:657 NetpJoinDomain: initiaing a rollback due to >> earlier errors > > It definitely looks like it can't set the machine password. > ... > When you add the Windows machine to the domain it should ask you for > a username and password, so use one that has lots of access :-) > > Cheers, > Adam.
Hi, my user is a domain admin, ie. a member of group RID 512. When I try to join the domain, I'm prompted for username and password. This means that the Windows server has successfully located the Samba PDC using Wins resolution. So far so good, but when I enter my credentials I get the error message after 3-5 secs. Could it be that my Samba users is badly setup? I'm using tdbsam password backend. I performed the following procedure when I created my Samba users: ## Add essential Samba groups sudo groupadd --gid 512 smb-domain-admins sudo groupadd --gid 513 smb-domain-users sudo groupadd --gid 514 smb-domain-guests sudo groupadd --gid 515 smb-domain-computers ## Add Samba group mapping sudo net groupmap add ntgroup="Domain Admins" unixgroup=smb-domain-admins rid=512 sudo net groupmap add ntgroup="Domain Users" unixgroup=smb-domain-users rid=513 sudo net groupmap add ntgroup="Domain Guests" unixgroup=smb-domain-guests rid=514 sudo net groupmap add ntgroup="Domain Computers" unixgroup=smb-domain-computers rid=515 ## Add Samba domain admin sudo useradd -g 512 -d /dev/null -s /bin/false devadm sudo passwd devadm sudo pdbedit -a -u devadm ## Add Samba machine account sudo useradd -g 515 -d /dev/null -s /bin/false devsrv01$ sudo pdbedit -a -u devsrv01$ Here is a dump of smb.conf, using testparm: Load smb config files from /etc/samba/smb.conf Processing section "[netlogon]" Loaded services file OK. Server role: ROLE_DOMAIN_PDC Press enter to see a dump of your service definitions [global] workgroup = DEVNET netbios name = PDC passdb backend = tdbsam:/etc/samba/passdb.tdb log level = 2 log file = /var/log/samba/samba.log name resolve order = wins load printers = No disable spoolss = Yes logon path = logon home = domain logons = Yes os level = 33 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes [netlogon] path = /var/lib/samba/netlogon -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba