Adrian,
I had the same issue with Debian 3.4.3. I eventually found an old post
that mentioned adding the "-i" option (if using ldap) to the "add
machine script" entry like this:
add machine script = /usr/sbin/smbldap-useradd -i -w '%u'
I don't know which backend you're using, but smbpasswd also supports
this option if adding machine accounts manually.
I'm unaware of why it is needed or how a non-ldap PDC could use this
option with an on-the-fly "add machine script" entry. I only know that
XP and Win7 systems could now join the domain.
Dale
On 02/28/2010 4:39 AM, Adrian Levi wrote:
I have setup a Samba PDC Version 3.4.3 under Debian.
I have read the TOSHARG and By Example chapters regarding domain
logins as well as anything else I could find.
The machines (seem) to join the domain successfully but when the
machines requre a domain administrator account privilege escalation
fails.
The Win7 machine fails with the message "The machine trust account failed"
I suspect the problem lies with the domain setup on the PDC but I am
unable to trouble shoot further on my own.
Another thing to note is that there is no ADMIN$ IPC share on the
server and I am unable to find information regarding when it should be
present or not.
It is worth noting that the server otherwise works as a workgroup server.
Please suggest any information that would be useful to troubleshoot further.
Yours humbly,
Adrian
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
