Greetings, I am in the process of testing Samba 3.0.23a with our own passdb plugin. As part of mytesting I am trying to join the domin so here are the steps I take...
1 - get local sid /usr/local/samba/bin/net getlocalsid SID for domain JAZZY is: S-1-5-21-1016995387-3159270912-1426853295 2 - create group mappings [EMAIL PROTECTED] ~]$ /usr/local/samba/bin/net groupmap list Domain Users (S-1-5-21-1016995387-3159270912-1426853295-513) -> users Domain Admins (S-1-5-21-1016995387-3159270912-1426853295-512) -> tech Domain Guests (S-1-5-21-1016995387-3159270912-1426853295-514) -> nobody [EMAIL PROTECTED] ~]$ 3 - Assign privileges to tech group so they can join machines to the domain. net -d 3 -S JAZZY rpc rights grant 'JAZZY\tech' SeMachineAccountPrivilege [EMAIL PROTECTED] sbin]$ /usr/local/samba/bin/net -d 3 -S JAZZY rpc rights grant 'JAZZY\tech' SeMachineAccountPrivilege [2006/07/25 11:37:50, 3] param/loadparm.c:lp_load(4945) lp_load: refreshing parameters [2006/07/25 11:37:50, 3] param/loadparm.c:init_globals(1410) Initialising global parameters [2006/07/25 11:37:50, 3] param/params.c:pm_process(572) params.c:pm_process() - Processing configuration file "/usr/local/samba/lib/smb.conf" [2006/07/25 11:37:50, 3] param/loadparm.c:do_section(3687) Processing section "[global]" [2006/07/25 11:37:50, 1] param/loadparm.c:lp_do_parameter(3426) WARNING: The "printer admin" option is deprecated [2006/07/25 11:37:50, 2] lib/interface.c:add_interface(81) added interface ip=130.xx.xx.xx bcast=130.xx.xx.xx nmask=255.255.255.0 [2006/07/25 11:37:50, 3] libsmb/namequery.c:resolve_lmhosts(939) resolve_lmhosts: Attempting lmhosts lookup for name JAZZY<0x20> [2006/07/25 11:37:50, 3] libsmb/namequery.c:resolve_wins(836) resolve_wins: Attempting wins lookup for name JAZZY<0x20> [2006/07/25 11:37:50, 3] libsmb/namequery.c:resolve_wins(875) resolve_wins: using WINS server 130.xx.xx.xx and tag '*' [2006/07/25 11:37:50, 2] libsmb/namequery.c:name_query(577) Got a positive name query response from 130.xx.xx.xx ( 130.xx.xx.xx ) Password: [2006/07/25 11:38:00, 3] libsmb/cliconnect.c:cli_start_connection(1417) Connecting to host=JAZZY [2006/07/25 11:38:00, 3] lib/util_sock.c:open_socket_out(874) Connecting to 130.xx.xx.xx at port 445 [2006/07/25 11:38:00, 3] libsmb/cliconnect.c:cli_session_setup_spnego(723) Doing spnego session setup (blob length=58) [2006/07/25 11:38:00, 3] libsmb/cliconnect.c:cli_session_setup_spnego(748) got OID=1 3 6 1 4 1 311 2 2 10 [2006/07/25 11:38:00, 3] libsmb/cliconnect.c:cli_session_setup_spnego(757) got principal=NONE [2006/07/25 11:38:00, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(941) Got challenge flags: [2006/07/25 11:38:00, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63) Got NTLMSSP neg_flags=0x60890215 [2006/07/25 11:38:00, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(963) NTLMSSP: Set final flags: [2006/07/25 11:38:00, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63) Got NTLMSSP neg_flags=0x60080215 [2006/07/25 11:38:00, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(338) NTLMSSP Sign/Seal - Initialising with flags: [2006/07/25 11:38:00, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63) Got NTLMSSP neg_flags=0x60080215 [2006/07/25 11:38:00, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081) rpc_pipe_bind: Remote machine JAZZY pipe \lsarpc fnum 0x7622 bind request returned ok. [2006/07/25 11:38:00, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081) rpc_pipe_bind: Remote machine JAZZY pipe \lsarpc fnum 0x7623 bind request returned ok. [2006/07/25 11:38:00, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(224) lsa_io_sec_qos: length c does not match size 8 [2006/07/25 11:38:00, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(224) lsa_io_sec_qos: length c does not match size 8 Failed to grant privileges for JAZZY\tech (NT_STATUS_ACCESS_DENIED) [2006/07/25 11:38:00, 1] utils/net_rpc.c:run_rpc_command(170) rpc command function failed! (NT_STATUS_ACCESS_DENIED) [2006/07/25 11:38:00, 2] utils/net.c:main(988) return code = 1 ----- What could be causing this error? The only thing that catches my eyes is the following.... [2006/07/25 11:38:00, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(224) lsa_io_sec_qos: length c does not match size 8 [2006/07/25 11:38:00, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(224) lsa_io_sec_qos: length c does not match size 8 Anyone have any pointers ? Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba