Dos the PDC have to join the domain also? When I try to join my PDC to its domain with "net join" I get the following error.
Enter root's password: Could not connect to server PDC The username or password was not correct. Connection failed: NT_STATUS_LOGON_FAILURE The netbios name for my PDC is pdc.semarktest.dk I guess that way it tells my that is can't connect to server PDC I have checked that pdc is in the name server (nameserver is on 127.0.0.1) # host pdc pdc.semarktest.dk has address 192.168.1.182 Is there something I'm missing? Log dump from net join command: # tail -200 /var/log/syslog | grep slapd Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_get(22): got connid=15 Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_read(22): checking for input on id=15 Jan 27 20:21:53 hds-debian-virt slapd[1868]: conn=15 op=2 do_search Jan 27 20:21:53 hds-debian-virt slapd[1868]: >>> dnPrettyNormal: <sambaDomainName=SEMARKTEST,sambaDomainName=semarktest,dc=semark-testing,dc=dk> Jan 27 20:21:53 hds-debian-virt slapd[1868]: <<< dnPrettyNormal: <sambaDomainName=SEMARKTEST,sambaDomainName=semarktest,dc=semark-testing,dc=dk>, <sambaDomainName=semarktest,sambaDomainName=semarktest,dc=semark-testing,dc=dk> Jan 27 20:21:53 hds-debian-virt slapd[1868]: SRCH "sambaDomainName=SEMARKTEST,sambaDomainName=semarktest,dc=semark-testing,dc=dk" 2 0 Jan 27 20:21:53 hds-debian-virt slapd[1868]: 0 15 0 Jan 27 20:21:53 hds-debian-virt slapd[1868]: filter: (&(objectClass=sambaTrustedDomainPassword)(sambaDomainName=semarktest)) Jan 27 20:21:53 hds-debian-virt slapd[1868]: attrs: Jan 27 20:21:53 hds-debian-virt slapd[1868]: Jan 27 20:21:53 hds-debian-virt slapd[1868]: => hdb_search Jan 27 20:21:53 hds-debian-virt slapd[1868]: bdb_dn2entry("sambaDomainName=semarktest,sambaDomainName=semarktest,dc=semark-testing,dc=dk") Jan 27 20:21:53 hds-debian-virt slapd[1868]: => hdb_dn2id("sambaDomainName=semarktest,sambaDomainName=semarktest,dc=semark-testing,dc=dk") Jan 27 20:21:53 hds-debian-virt slapd[1868]: <= hdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30990) Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_result: conn=15 op=2 p=3 Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_result: err=10 matched="sambaDomainName=semarktest,dc=semark-testing,dc=dk" text="" Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_response: msgid=3 tag=101 err=32 Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_get(22) Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_get(22): got connid=15 Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_read(22): checking for input on id=15 Jan 27 20:21:53 hds-debian-virt slapd[1868]: conn=15 op=3 do_search Jan 27 20:21:53 hds-debian-virt slapd[1868]: >>> dnPrettyNormal: <dc=semark-testing,dc=dk> Jan 27 20:21:53 hds-debian-virt slapd[1868]: <<< dnPrettyNormal: <dc=semark-testing,dc=dk>, <dc=semark-testing,dc=dk> Jan 27 20:21:53 hds-debian-virt slapd[1868]: SRCH "dc=semark-testing,dc=dk" 2 0 Jan 27 20:21:53 hds-debian-virt slapd[1868]: 0 15 0 Jan 27 20:21:53 hds-debian-virt slapd[1868]: filter: (&(uid=root)(objectClass=sambaSamAccount)) Jan 27 20:21:53 hds-debian-virt slapd[1868]: attrs: Jan 27 20:21:53 hds-debian-virt slapd[1868]: uid Jan 27 20:21:53 hds-debian-virt slapd[1868]: uidNumber Jan 27 20:21:53 hds-debian-virt slapd[1868]: gidNumber Jan 27 20:21:53 hds-debian-virt slapd[1868]: homeDirectory Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPwdLastSet Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPwdCanChange Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPwdMustChange Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLogonTime Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLogoffTime Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaKickoffTime Jan 27 20:21:53 hds-debian-virt slapd[1868]: cn Jan 27 20:21:53 hds-debian-virt slapd[1868]: sn Jan 27 20:21:53 hds-debian-virt slapd[1868]: displayName Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaHomeDrive Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaHomePath Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLogonScript Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaProfilePath Jan 27 20:21:53 hds-debian-virt slapd[1868]: description Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaUserWorkstations Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaSID Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPrimaryGroupSID Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLMPassword Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaNTPassword Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaDomainName Jan 27 20:21:53 hds-debian-virt slapd[1868]: objectClass Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaAcctFlags Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaMungedDial Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaBadPasswordCount Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaBadPasswordTime Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPasswordHistory Jan 27 20:21:53 hds-debian-virt slapd[1868]: modifyTimestamp Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLogonHours Jan 27 20:21:53 hds-debian-virt slapd[1868]: modifyTimestamp Jan 27 20:21:53 hds-debian-virt slapd[1868]: uidNumber Jan 27 20:21:53 hds-debian-virt slapd[1868]: Jan 27 20:21:53 hds-debian-virt slapd[1868]: => hdb_search Jan 27 20:21:53 hds-debian-virt slapd[1868]: bdb_dn2entry("dc=semark-testing,dc=dk") Jan 27 20:21:53 hds-debian-virt slapd[1868]: search_candidates: base="dc=semark-testing,dc=dk" (0x00000001) scope=2 Jan 27 20:21:53 hds-debian-virt slapd[1868]: => hdb_dn2idl("dc=semark-testing,dc=dk") Jan 27 20:21:53 hds-debian-virt slapd[1868]: => bdb_equality_candidates (objectClass) Jan 27 20:21:53 hds-debian-virt slapd[1868]: => key_read Jan 27 20:21:53 hds-debian-virt slapd[1868]: bdb_idl_fetch_key: [b49d1940] Jan 27 20:21:53 hds-debian-virt slapd[1868]: <= bdb_index_read: failed (-30990) Jan 27 20:21:53 hds-debian-virt slapd[1868]: <= bdb_equality_candidates: id=0, first=0, last=0 Jan 27 20:21:53 hds-debian-virt slapd[1868]: => bdb_equality_candidates (uid) Jan 27 20:21:53 hds-debian-virt slapd[1868]: => key_read Jan 27 20:21:53 hds-debian-virt slapd[1868]: bdb_idl_fetch_key: [15f2129b] Jan 27 20:21:53 hds-debian-virt slapd[1868]: <= bdb_index_read: failed (-30990) Jan 27 20:21:53 hds-debian-virt slapd[1868]: <= bdb_equality_candidates: id=0, first=0, last=0 Jan 27 20:21:53 hds-debian-virt slapd[1868]: bdb_search_candidates: id=0 first=1 last=0 Jan 27 20:21:53 hds-debian-virt slapd[1868]: hdb_search: no candidates Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_result: conn=15 op=3 p=3 Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_result: err=0 matched="" text="" Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_response: msgid=4 tag=101 err=0 Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_get(22) Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_get(22): got connid=15 Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_read(22): checking for input on id=15 Jan 27 20:21:53 hds-debian-virt slapd[1868]: ber_get_next on fd 22 failed errno=0 (Success) Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_closing: readying conn=15 sd=22 for close Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_close: conn=15 sd=22 --- Med Venlig Hilsen / Best regards Henrik Dige Semark On 26-01-2010 22:42, Dale Schroeder wrote: > Henrik, > > I saw that another user wanted you to make sure that the PDC was added > to the domain, and he is correct. > If it is still not working after adding the PDC to the domain, > consider changing the add machine script to this: > > add machine script = /usr/sbin/smbldap-useradd -i -w '%u' > > I ran into this problem with Samba 3.4.3 on Debian Squeeze, and that > is what fixed the issue. > > Dale > > > On 01/25/2010 3:23 PM, Henrik Dige Semark wrote: >> I have a serous problem. >> >> I have for some time now tried to get an SAMBA based Domain Controller >> working. >> I have tried with OpenLDAP and tdbsam as backend, but I get the same >> error every time. >> >> I wood prefer to use LDAP as my backend. >> I have read tons of how-to SAMBA + LDAP, but non of the seams to work >> for my, is there someone that maybe can see what I have done rung in >> my config.? >> >> I have attached my samba conf and LDAP conf. >> >> Samba is connected to OpenLDAP, and LDAP is running fine. >> But when I try to join my Windows XP Pro SP3 I takes about one Min and >> it tells my that Username and/or Password maybe rung, ore not existing. >> >> There is no doubt that Samba and Ldap is talking together (samba have >> updated the SID and RID's), cause when I try to join the domain LDAP >> is activated, but the return value is somehow disappearing on the way >> back to my client >> >> I have some wireshark dump that I can provide if its necessary. >> I can provide LOGS, DUMPS, and everything needed if its necessary. >> >> System info: >> Clean installed Debian Lenny (5.0.3) >> Clean installed Samba 3.2.5 + Winbind 3.2.5 >> Clean installed OpenLDAP 2.4.11 (slapd) >> Debian default smbldap-tools (smbldap-populate is working and have >> populated LDAP without problems) >> if there is something I have forgotten please just ask for it, I'm >> close to be desperate.! >> >> --- >> Med Venlig Hilsen / Best regards >> Henrik Dige Semark >> >> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba