Hi, I migrated from an MS NT Domain to a samba3 domain some time back. I forgot about a couple of machines and am trying to add them. These are Buffalo NAS workstations so are basically *nix machines with a web interface. I have not had to add any machines to the domain from the samba PDC before. This is what I've done. I tried to add the machine using it's web interface but it failed and I noticed these errors in the sambaPDC logs:
[2011/10/12 10:28:49.106714, 0] rpc_server/srv_netlog_nt.c:475(get_md4pw) get_md4pw: Workstation FOOBAR$: no account in domain [2011/10/12 10:28:49.106886, 0] rpc_server/srv_netlog_nt.c:692(_netr_ServerAuthenticate3) _netr_ServerAuthenticate2: failed to get machine password for account FOOBAR$: NT_STATUS_ACCESS_DENIED [2011/10/12 10:28:49.118230, 0] rpc_server/srv_netlog_nt.c:475(get_md4pw) get_md4pw: Workstation FOOBAR$: no account in domain [2011/10/12 10:28:49.118312, 0] rpc_server/srv_netlog_nt.c:692(_netr_ServerAuthenticate3) _netr_ServerAuthenticate2: failed to get machine password for account FOOBAR$: NT_STATUS_ACCESS_DENIED The machine didn't seem to be in the ldap backend. So I added it with `smbldpa-useradd -w foobar`. I then went back to the user interface and tried again. I got the same error. I tried `pdbedit -Lv | grep -i foobar` and got "Username not found!". I'm not sure if smbldap tool is not working but I did pdbedit -a -m FOOBAR$. I tried to get FOOBAR (not real name) to join again and this time got this error: [2011/10/12 11:06:20.745128, 0] rpc_server/srv_netlog_nt.c:714(_netr_ServerAuthenticate3) _netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting auth request from client LEDA machine account LEDA$ [2011/10/12 11:06:20.753498, 0] rpc_server/srv_netlog_nt.c:714(_netr_ServerAuthenticate3) _netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting auth request from client LEDA machine account LEDA$ I'm a little lost now. I wouldn't mind if someone can explain or confirm if I should do smbldap-useradd and pdbedit to add an account (machine or otherwise) but I'd really appreciate some help resoling this authentication problem. Thanks in advance, Dermot. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba