Have you added the machine name to the linux box using the command

adduser {machine name}$ (if it doesn't allow the $ then add it to the end of the machine name in /etc/passwd

then do:

smbpasswd -m {machine name}$

Then try joining the domain by using the administrator username and the root password for the Linux box.

DSanchez wrote:
Hello and Thanks in advance.
I have a CentOS 4.1 Server and i have samba Version 3.0.10-1.4E
I have 2 users on this server right now: Root, Dsanchez.

I have also issued this command to set up these 2 users on the Samba
Server as well.
smbpasswd -a root
smbpasswd -a dsanchez
and i set up the password to match the linux account.

Here is my SMB.conf file:

# Global parameters
        workgroup = ETNET
        server string = Samba PDC Server
        passwd program = /usr/bin/passwd %u
        passwd chat = *New*UNIX*password* %n\n
*ReType*new*UNIX*password* %n\n
        unix password sync = Yes
        log file = /var/log/samba/%m.log
        max log size = 50
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        printcap name = /etc/printcap
        add user script = /usr/sbin/useradd -d /dev/null -g 100 -s
/bin/false -M %u
        add machine script = /usr/sbin/useradd -c Machine -d /dev/null
-s /bin/false machine_name$
        domain logons = Yes
        os level = 65
        preferred master = Yes
        domain master = Yes
        dns proxy = No
        idmap uid = 16777216-33554431
        idmap gid = 16777216-33554431
        hosts allow = 10.78., 127.
        cups options = raw

        comment = Home Directories
        read only = No
        browseable = No

        comment = Network Logon Service
        path = /home/netlogon
        guest ok = Yes
        share modes = No

        comment = All Printers
        path = /var/spool/samba
        printable = Yes
        browseable = No

I have also made the following changes to the XP box.

Registry changes:


Which i set to '0' from '1'

I have made sure the following in Local Security Policy is set:
I edited or checked the following entries:
"Domain member: Digitally encrypt or sign secure channel(Disabled)"
"Domain member: Disable machine account password changes(Disabled)."
"Domain member: Require strong (Windows 2000 or later) session key(Disabled)"

Then i go to the Systems Properties/computer name change/

I change from workgroup: workgroup to Domain:ETINET

Then i click the 'ok' button, and a login window pops up.

I then use the following usernames to 'Join'


I get the following error when i try to join as:

The following error occurred attempting to join the domain "ETINET":
Logon Failure: Unknown Username or bad password.

When i try using the following this is what i get:

The following error occurred attempting to join the domain "ETINET":
The username could not be found.

Then, if i try and use my account, whcih i added to the root group.

The following error occurred attempting to join the domain "ETINET":
Access is Denied.

Note, this is an XP SP2 Machine and i only have 1 user on this machine


I did find that this script
add machine script = /usr/sbin/useradd -d /dev/null -g 102 -s /bin/false

has a group of 102

and the machine log file that was in /var/log/samba/<machinename>.log
had this error in it.

useradd: unknown group 102

however i do have this script in the smb.conf file.

add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u

So do i need both of these lines?
do i need to make a group with the Gid of 102?

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Reply via email to