Re: [Samba] net rpc join failed ?
1. what kind of domain controller you are trying to join ?? 2.. does the machine that you are trying to join has valid A and PTR records in the dns 3. before trying to join the domain did you try the following kinit [principal] and checked if the ticket is created by the principal name or not using klist 4. kindly send krb configuration + samba configuration reagrds On Thu, Feb 11, 2010 at 7:13 AM, Annada Prasana Prusty annadapras...@gmail.com wrote: Hi, i have further investigated. i got this error message get_trust_pw_clear: could not fetch clear text trust account password for domain my_domain. It is looking for machine password inside secrets.tdb with key = SECRETS/MACHINE_PASSWORD/MY_DOMAIN, but there is no record at the same offset. But tdbdump shows the record inside tdb file, even in hexdump also shows the record in different offset. So i am not able to trace it, where is the problem. I have tried with old samba versions also, but the same result. Please help. Thanks Annada === On Fri, Feb 5, 2010 at 7:48 PM, Annada Prasana Prusty annadapras...@gmail.com wrote: Hi, I am using samba-3.4.5. I am trying for join to domain controller, with security=domain in smb.conf. But it fails with following debug messages. * rpccli_netlogon_set_trust_password: unable to setup creds (NT_STATUS_ACCESS_DENIED) ! rpc command function failed ! (NT_STATUS_ACCESS_DENIED) .. get_schannel_session_key: could not fetch trust account password for domain 'MYDOMAIN' net_rpc_join_ok: failed to get schannel session key for server MYSERVER for domain MYDOMAIN. Error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO. unable to join domain MYDOMAIN return code = -1.* Can you please help , where is the problem. Thanks Annada -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] net rpc join failed ?
Hi, i have further investigated. i got this error message get_trust_pw_clear: could not fetch clear text trust account password for domain my_domain. It is looking for machine password inside secrets.tdb with key = SECRETS/MACHINE_PASSWORD/MY_DOMAIN, but there is no record at the same offset. But tdbdump shows the record inside tdb file, even in hexdump also shows the record in different offset. So i am not able to trace it, where is the problem. I have tried with old samba versions also, but the same result. Please help. Thanks Annada === On Fri, Feb 5, 2010 at 7:48 PM, Annada Prasana Prusty annadapras...@gmail.com wrote: Hi, I am using samba-3.4.5. I am trying for join to domain controller, with security=domain in smb.conf. But it fails with following debug messages. * rpccli_netlogon_set_trust_password: unable to setup creds (NT_STATUS_ACCESS_DENIED) ! rpc command function failed ! (NT_STATUS_ACCESS_DENIED) .. get_schannel_session_key: could not fetch trust account password for domain 'MYDOMAIN' net_rpc_join_ok: failed to get schannel session key for server MYSERVER for domain MYDOMAIN. Error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO. unable to join domain MYDOMAIN return code = -1.* Can you please help , where is the problem. Thanks Annada -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] net rpc join failed ?
Hi, I am using samba-3.4.5. I am trying for join to domain controller, with security=domain in smb.conf. But it fails with following debug messages. * rpccli_netlogon_set_trust_password: unable to setup creds (NT_STATUS_ACCESS_DENIED) ! rpc command function failed ! (NT_STATUS_ACCESS_DENIED) .. get_schannel_session_key: could not fetch trust account password for domain 'MYDOMAIN' net_rpc_join_ok: failed to get schannel session key for server MYSERVER for domain MYDOMAIN. Error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO. unable to join domain MYDOMAIN return code = -1.* Can you please help , where is the problem. Thanks Annada -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba: net rpc join unable to setup creds
Hi experts, I am getting the error when trying to join samba server into domain. net rpc join -U user%password returns with rpccli_netlogon_set_trust_password: - unable to setup creds NT_STATUS_ACCESS_DENIED ! rpc command failed ! NT_STATUS_ACCESS_DENIED. what is the error in smb.conf. i am running samba-3.4.5 Thanks AP -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] net rpc join -U root error
Thanks, I figured it out. looking at /var/log/samba/smbd it was trying to connect to openldap but couldn't. I had to rerun smbpasswd -w xx and then it was ok, and then I ran: [EMAIL PROTECTED] ~]# net rpc join -D ADMIN -U root Password: Joined domain ADMIN. [EMAIL PROTECTED] ~]# net rpc join -U root Password: Joined domain ADMIN. [EMAIL PROTECTED] ~]# net rpc testjoin -S GOMER -U root Join to 'ADMIN' is OK -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] net rpc join -U root error
On my server, I have root in LDAP, and am following the Samba3 by example book, but I'm unable to get it to join the domain. I'm running samba 3.0.25b. [EMAIL PROTECTED] samba]# net rpc join -U root% Unable to find a suitable server [EMAIL PROTECTED] samba]# net rpc testjoin -S GOMER -U root%xxx Join to 'ADMIN' is OK [EMAIL PROTECTED] samba]# net rpc testjoin -D DOMAIN -U root%xxx Unable to find a suitable server Join to domain 'ADMIN' is not valid I google searched for the error, but didn't find a solution. Any ideas? smb.conf: [global] unix charset = LOCALE workgroup = ADMIN netbios name = GOMER server string = Samba Server %v on gomer interfaces = eth0, lo bind interfaces only = Yes passdb backend = ldapsam:ldap://gomer.mdah.state.ms.us enable privileges = Yes username map = /etc/samba/smbusers log level = 5 syslog = 0 log file = /var/log/samba/%m max log size = 50 name resolve order = wins bcast hosts time server = Yes printcap name = CUPS show add printer wizard = no add user script = /usr/sbin/smbldap-useradd -a -m %u delete user script = /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-groupmod -g %g %u add machine script = /usr/sbin/smbldap-useradd -w %u logon script = scripts\logon.bat logon path = \\%L\profiles\%U logon drive = X: domain logons = Yes preferred master = Yes wins support = Yes ldap suffix = dc=gomer,dc=mdah,dc=state,dc=ms,dc=us ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap admin dn = cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us idmap backend = ldap:ldap://gomer.mdah.state.ms.us idmap uid = 1 - 2 idmap gid = 1 - 2 map acl inherit = Yes printing = cups printer admin = root, awilliam [homes] comment = Home Directories valid users = %S read only = no browseable = No [accounts] comment = Accounting Files path = /data/accounts read only = No [netlogon] comment = network logon service path = /var/lib/samba/netlogon guest ok = Yes locking = No [profiles] comment = Profile Share path = /var/lib/samba/profiles read only = No profile acls = Yes [print$] comment = Printer Drivers path = /var/lib/samba/drivers browseable = yes guest ok = no read only = yes write list = root, awilliam ldapsearch -D 'cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us' -b uid=root,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us -w xxx -x # extended LDIF # # LDAPv3 # base uid=root,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us with scope subtree # filter: (objectclass=*) # requesting: ALL # # root, People, gomer.mdah.state.ms.us dn: uid=root,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us uid: root cn: root sn: root mail: [EMAIL PROTECTED] objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top objectClass: shadowAccount userPassword:: xxx shadowLastChange: 13704 shadowMax: 9 shadowWarning: 7 loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: root # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 [EMAIL PROTECTED] samba]# ps ax|grep winbind 6511 pts/1S+ 0:00 grep winbind 29280 ?Ss 0:00 winbindd 29282 ?S 0:00 winbindd 29285 ?S 0:00 winbindd 29286 ?S 0:00 winbindd [EMAIL PROTECTED] samba]# cat /etc/nsswitch.conf |grep wins hosts: files dns wins -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] net rpc join -U root error
On my server, I have root in LDAP, and am following the Samba3 by example book, but I'm unable to get it to join the domain. I'm running samba 3.0.25b. [EMAIL PROTECTED] samba]# net rpc join -U root% Unable to find a suitable server [EMAIL PROTECTED] samba]# net rpc testjoin -S GOMER -U root%tical123 Join to 'ADMIN' is OK [EMAIL PROTECTED] samba]# net rpc testjoin -D DOMAIN -U root%tical123 Unable to find a suitable server Join to domain 'ADMIN' is not valid I google searched for the error, but didn't find a solution. Any ideas? smb.conf: [global] unix charset = LOCALE workgroup = ADMIN netbios name = GOMER server string = Samba Server %v on gomer interfaces = eth0, lo bind interfaces only = Yes passdb backend = ldapsam:ldap://gomer.mdah.state.ms.us enable privileges = Yes username map = /etc/samba/smbusers log level = 5 syslog = 0 log file = /var/log/samba/%m max log size = 50 name resolve order = wins bcast hosts time server = Yes printcap name = CUPS show add printer wizard = no add user script = /usr/sbin/smbldap-useradd -a -m %u delete user script = /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-groupmod -g %g %u add machine script = /usr/sbin/smbldap-useradd -w %u logon script = scripts\logon.bat logon path = \\%L\profiles\%U logon drive = X: domain logons = Yes preferred master = Yes wins support = Yes ldap suffix = dc=gomer,dc=mdah,dc=state,dc=ms,dc=us ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap admin dn = cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us idmap backend = ldap:ldap://gomer.mdah.state.ms.us idmap uid = 1 - 2 idmap gid = 1 - 2 map acl inherit = Yes printing = cups printer admin = root, awilliam [homes] comment = Home Directories valid users = %S read only = no browseable = No [accounts] comment = Accounting Files path = /data/accounts read only = No [netlogon] comment = network logon service path = /var/lib/samba/netlogon guest ok = Yes locking = No [profiles] comment = Profile Share path = /var/lib/samba/profiles read only = No profile acls = Yes [print$] comment = Printer Drivers path = /var/lib/samba/drivers browseable = yes guest ok = no read only = yes write list = root, awilliam ldapsearch -D 'cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us' -b uid=root,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us -w xxx -x # extended LDIF # # LDAPv3 # base uid=root,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us with scope subtree # filter: (objectclass=*) # requesting: ALL # # root, People, gomer.mdah.state.ms.us dn: uid=root,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us uid: root cn: root sn: root mail: [EMAIL PROTECTED] objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top objectClass: shadowAccount userPassword:: xxx shadowLastChange: 13704 shadowMax: 9 shadowWarning: 7 loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: root # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 [EMAIL PROTECTED] samba]# ps ax|grep winbind 6511 pts/1S+ 0:00 grep winbind 29280 ?Ss 0:00 winbindd 29282 ?S 0:00 winbindd 29285 ?S 0:00 winbindd 29286 ?S 0:00 winbindd [EMAIL PROTECTED] samba]# cat /etc/nsswitch.conf |grep wins hosts: files dns wins -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net rpc join -U root error
have you tried restarting both samba and winbind services ?? or as Roy from the IT Crowd says.. Have you tried turning it off and on again? :P Diego On Nov 7, 2007 5:11 PM, Adam Williams [EMAIL PROTECTED] wrote: yeah, that works, but thats not what the Samba 3 by Example book has. [EMAIL PROTECTED] etc]# net rpc join -S GOMER -U root Password: Joined domain ADMIN. But, winbind is still broken. [EMAIL PROTECTED] etc]# wbinfo -g Error looking up domain groups [EMAIL PROTECTED] etc]# wbinfo -u Error looking up domain users any ideas on that? Diego Obetko wrote: I've been using # net rpc join -S (domain) -U root Diego -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net rpc join -U root error
yeah, no luck :( [EMAIL PROTECTED] ~]# /etc/rc.d/init.d/smb restart /etc/rc.d/init.d/winbind restart Shutting down SMB services:[ OK ] Starting SMB services: [ OK ] Shutting down Winbind services:[ OK ] Starting Winbind services: [ OK ] [EMAIL PROTECTED] ~]# net rpc join -U root%xxx Unable to find a suitable server Diego Obetko wrote: have you tried restarting both samba and winbind services ?? or as Roy from the IT Crowd says.. Have you tried turning it off and on again? :P Diego On Nov 7, 2007 5:11 PM, Adam Williams [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: yeah, that works, but thats not what the Samba 3 by Example book has. [EMAIL PROTECTED] etc]# net rpc join -S GOMER -U root Password: Joined domain ADMIN. But, winbind is still broken. [EMAIL PROTECTED] etc]# wbinfo -g Error looking up domain groups [EMAIL PROTECTED] etc]# wbinfo -u Error looking up domain users any ideas on that? Diego Obetko wrote: I've been using # net rpc join -S (domain) -U root Diego -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net rpc join -U root error
On Nov 7, 2007 6:34 PM, Adam Williams [EMAIL PROTECTED] wrote: yeah, no luck :( [EMAIL PROTECTED] ~]# /etc/rc.d/init.d/smb restart /etc/rc.d/init.d/winbind restart Shutting down SMB services:[ OK ] Starting SMB services: [ OK ] Shutting down Winbind services:[ OK ] Starting Winbind services: [ OK ] [EMAIL PROTECTED] ~]# net rpc join -U root%xxx Unable to find a suitable server but you used that sintax that didn't work again.. try this # net rpc join -S GOMER -U root then # /etc/rc.d/init.d/smb restart /etc/rc.d/init.d/winbind restart then # wbinfo -u On Nov 7, 2007 5:11 PM, Adam Williams [EMAIL PROTECTED] wrote: yeah, that works, but thats not what the Samba 3 by Example book has. [EMAIL PROTECTED] etc]# net rpc join -S GOMER -U root Password: Joined domain ADMIN. But, winbind is still broken. [EMAIL PROTECTED] etc]# wbinfo -g Error looking up domain groups [EMAIL PROTECTED] etc]# wbinfo -u Error looking up domain users any ideas on that? Diego Obetko wrote: I've been using # net rpc join -S (domain) -U root Diego -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net rpc join -U root error
I turned on log level = 10 and got some more data. [EMAIL PROTECTED] samba]# net rpc join -S GOMER -U root [2007/11/07 15:52:27, 0] libsmb/clientgen.c:cli_receive_smb(112) Receiving SMB: Server stopped responding [2007/11/07 15:52:27, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) rpc_api_pipe: Remote machine GOMER pipe \NETLOGON fnum 0x7751returned critical error. Error was Call timed out: server did not respond after 1 milliseconds Password: [2007/11/07 15:53:00, 0] libsmb/clientgen.c:cli_receive_smb(112) Receiving SMB: Server stopped responding [2007/11/07 15:53:00, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) rpc_api_pipe: Remote machine GOMER pipe \samr fnum 0x7775returned critical error. Error was Call timed out: server did not respond after 1 milliseconds Creation of workstation account failed Unable to join domain ADMIN. [EMAIL PROTECTED] samba]# /etc/rc.d/init.d/smb restart /etc/rc.d/init.d/winbind restart Shutting down SMB services:[ OK ] Starting SMB services: [ OK ] Shutting down Winbind services:[ OK ] Starting Winbind services: [ OK ] [EMAIL PROTECTED] samba]# wbinfo -u Error looking up domain users Diego Obetko wrote: but you used that sintax that didn't work again.. try this # net rpc join -S GOMER -U root then # /etc/rc.d/init.d/smb restart /etc/rc.d/init.d/winbind restart then # wbinfo -u -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net rpc join -U root error
Make sure that the version of samba are all the same. Somehow, the 3.0.26 version is not compatible with 3.0.24. If your PDC has an earlier version to that machine you are trying to join, you will not be able to join it to the domain. Adam Williams wrote: I turned on log level = 10 and got some more data. [EMAIL PROTECTED] samba]# net rpc join -S GOMER -U root [2007/11/07 15:52:27, 0] libsmb/clientgen.c:cli_receive_smb(112) Receiving SMB: Server stopped responding [2007/11/07 15:52:27, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) rpc_api_pipe: Remote machine GOMER pipe \NETLOGON fnum 0x7751returned critical error. Error was Call timed out: server did not respond after 1 milliseconds Password: [2007/11/07 15:53:00, 0] libsmb/clientgen.c:cli_receive_smb(112) Receiving SMB: Server stopped responding [2007/11/07 15:53:00, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) rpc_api_pipe: Remote machine GOMER pipe \samr fnum 0x7775returned critical error. Error was Call timed out: server did not respond after 1 milliseconds Creation of workstation account failed Unable to join domain ADMIN. [EMAIL PROTECTED] samba]# /etc/rc.d/init.d/smb restart /etc/rc.d/init.d/winbind restart Shutting down SMB services:[ OK ] Starting SMB services: [ OK ] Shutting down Winbind services:[ OK ] Starting Winbind services: [ OK ] [EMAIL PROTECTED] samba]# wbinfo -u Error looking up domain users Diego Obetko wrote: but you used that sintax that didn't work again.. try this # net rpc join -S GOMER -U root then # /etc/rc.d/init.d/smb restart /etc/rc.d/init.d/winbind restart then # wbinfo -u -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net rpc join -U root error
i'm sorry but he did join the machine in an earlier reply.. don't know if it's the same machine or situation... [quote] [EMAIL PROTECTED] etc]# net rpc join -S GOMER -U root Password: Joined domain ADMIN. [/quote] On Nov 7, 2007 7:04 PM, Ivan Ordonez [EMAIL PROTECTED] wrote: Make sure that the version of samba are all the same. Somehow, the 3.0.26 version is not compatible with 3.0.24. If your PDC has an earlier version to that machine you are trying to join, you will not be able to join it to the domain. Adam Williams wrote: I turned on log level = 10 and got some more data. [EMAIL PROTECTED] samba]# net rpc join -S GOMER -U root [2007/11/07 15:52:27, 0] libsmb/clientgen.c:cli_receive_smb(112) Receiving SMB: Server stopped responding [2007/11/07 15:52:27, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) rpc_api_pipe: Remote machine GOMER pipe \NETLOGON fnum 0x7751returned critical error. Error was Call timed out: server did not respond after 1 milliseconds Password: [2007/11/07 15:53:00, 0] libsmb/clientgen.c:cli_receive_smb(112) Receiving SMB: Server stopped responding [2007/11/07 15:53:00, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) rpc_api_pipe: Remote machine GOMER pipe \samr fnum 0x7775returned critical error. Error was Call timed out: server did not respond after 1 milliseconds Creation of workstation account failed Unable to join domain ADMIN. [EMAIL PROTECTED] samba]# /etc/rc.d/init.d/smb restart /etc/rc.d/init.d/winbind restart Shutting down SMB services:[ OK ] Starting SMB services: [ OK ] Shutting down Winbind services:[ OK ] Starting Winbind services: [ OK ] [EMAIL PROTECTED] samba]# wbinfo -u Error looking up domain users Diego Obetko wrote: but you used that sintax that didn't work again.. try this # net rpc join -S GOMER -U root then # /etc/rc.d/init.d/smb restart /etc/rc.d/init.d/winbind restart then # wbinfo -u -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net rpc join -U root error
Yeah, odd that that command isn't working now. samba is running: [EMAIL PROTECTED] ~]# ps ax|grep mbd 6765 ?Ss 0:00 smbd -D 6768 ?Ss 0:00 nmbd -D 6769 ?S 0:00 nmbd -D but when I nmap scan, it looks like its not responding on ports 139 and 445. [EMAIL PROTECTED] nmap-4.20]# ./nmap -sS -O -T insane gomer Starting Nmap 4.20 ( http://insecure.org ) at 2007-11-07 16:23 CST Interesting ports on gomer.mdah.state.ms.us (10.8.3.37): Not shown: 1685 closed ports PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 389/tcp open ldap 610/tcp open npmp-local 614/tcp open unknown 826/tcp open unknown 992/tcp open telnets 1023/tcp open netvenuechat 2049/tcp open nfs 3306/tcp open mysql [EMAIL PROTECTED] mnt]# mount //gomer/adam /mnt/gomer -o username=adam Password: mount error 111 = Connection refused but i have in my smb.conf interfaces = eth0, lo bind interfaces only = Yes any ideas? Diego Obetko wrote: i'm sorry but he did join the machine in an earlier reply.. don't know if it's the same machine or situation... [quote] [EMAIL PROTECTED] etc]# net rpc join -S GOMER -U root Password: Joined domain ADMIN. [/quote] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net rpc join -U root error
I think he did a net rpc testjoin command and got a no suitable server response. Diego Obetko wrote: i'm sorry but he did join the machine in an earlier reply.. don't know if it's the same machine or situation... [quote] [EMAIL PROTECTED] etc]# net rpc join -S GOMER -U root Password: Joined domain ADMIN. [/quote] On Nov 7, 2007 7:04 PM, Ivan Ordonez [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Make sure that the version of samba are all the same. Somehow, the 3.0.26 version is not compatible with 3.0.24. If your PDC has an earlier version to that machine you are trying to join, you will not be able to join it to the domain. Adam Williams wrote: I turned on log level = 10 and got some more data. [EMAIL PROTECTED] samba]# net rpc join -S GOMER -U root [2007/11/07 15:52:27, 0] libsmb/clientgen.c:cli_receive_smb(112) Receiving SMB: Server stopped responding [2007/11/07 15:52:27, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) rpc_api_pipe: Remote machine GOMER pipe \NETLOGON fnum 0x7751returned critical error. Error was Call timed out: server did not respond after 1 milliseconds Password: [2007/11/07 15:53:00, 0] libsmb/clientgen.c:cli_receive_smb(112) Receiving SMB: Server stopped responding [2007/11/07 15:53:00, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) rpc_api_pipe: Remote machine GOMER pipe \samr fnum 0x7775returned critical error. Error was Call timed out: server did not respond after 1 milliseconds Creation of workstation account failed Unable to join domain ADMIN. [EMAIL PROTECTED] samba]# /etc/rc.d/init.d/smb restart /etc/rc.d/init.d/winbind restart Shutting down SMB services:[ OK ] Starting SMB services: [ OK ] Shutting down Winbind services:[ OK ] Starting Winbind services: [ OK ] [EMAIL PROTECTED] samba]# wbinfo -u Error looking up domain users Diego Obetko wrote: but you used that sintax that didn't work again.. try this # net rpc join -S GOMER -U root then # /etc/rc.d/init.d/smb restart /etc/rc.d/init.d/winbind restart then # wbinfo -u -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net rpc join -U root error
[quote] [EMAIL PROTECTED] samba]# net rpc join -U root% Unable to find a suitable server [EMAIL PROTECTED] samba]# net rpc testjoin -S GOMER -U root%xxx Join to 'ADMIN' is OK [EMAIL PROTECTED] samba]# net rpc testjoin -D DOMAIN -U root%xxx Unable to find a suitable server Join to domain 'ADMIN' is not valid [/quote] What is the samba server netbios name and workgroup ?? as far as i can see the domain is ADMIN and the samba netbios name is GOMER so, what is DOMAIN in [EMAIL PROTECTED] samba]# net rpc testjoin -D DOMAIN -U root another thing, you don't need to pass the password in that command.. you can issue it as i put it up here and it will as you for root's password... Diego On Nov 7, 2007 9:08 PM, Ivan Ordonez [EMAIL PROTECTED] wrote: I think he did a net rpc testjoin command and got a no suitable server response. Diego Obetko wrote: i'm sorry but he did join the machine in an earlier reply.. don't know if it's the same machine or situation... [quote] [EMAIL PROTECTED] etc]# net rpc join -S GOMER -U root Password: Joined domain ADMIN. [/quote] On Nov 7, 2007 7:04 PM, Ivan Ordonez [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Make sure that the version of samba are all the same. Somehow, the 3.0.26 version is not compatible with 3.0.24. If your PDC has an earlier version to that machine you are trying to join, you will not be able to join it to the domain. Adam Williams wrote: I turned on log level = 10 and got some more data. [EMAIL PROTECTED] samba]# net rpc join -S GOMER -U root [2007/11/07 15:52:27, 0] libsmb/clientgen.c:cli_receive_smb(112) Receiving SMB: Server stopped responding [2007/11/07 15:52:27, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) rpc_api_pipe: Remote machine GOMER pipe \NETLOGON fnum 0x7751returned critical error. Error was Call timed out: server did not respond after 1 milliseconds Password: [2007/11/07 15:53:00, 0] libsmb/clientgen.c:cli_receive_smb(112) Receiving SMB: Server stopped responding [2007/11/07 15:53:00, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) rpc_api_pipe: Remote machine GOMER pipe \samr fnum 0x7775returned critical error. Error was Call timed out: server did not respond after 1 milliseconds Creation of workstation account failed Unable to join domain ADMIN. [EMAIL PROTECTED] samba]# /etc/rc.d/init.d/smb restart /etc/rc.d/init.d/winbind restart Shutting down SMB services:[ OK ] Starting SMB services: [ OK ] Shutting down Winbind services:[ OK ] Starting Winbind services: [ OK ] [EMAIL PROTECTED] samba]# wbinfo -u Error looking up domain users Diego Obetko wrote: but you used that sintax that didn't work again.. try this # net rpc join -S GOMER -U root then # /etc/rc.d/init.d/smb restart /etc/rc.d/init.d/winbind restart then # wbinfo -u -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] net rpc join: Percent sign in password
Hello, How can I pass a password that contains the percent sign to the net rpc join command? I use the format: Net rpc join -U user%password Does escaping work? If so, how? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net rpc join: Percent sign in password
On Mi, Jul 11, 2007 at 11:23:16 +0300, Eyal Ben David wrote: How can I pass a password that contains the percent sign to the net rpc join command? I use the format: Net rpc join -U user%password Does escaping work? If so, how? No escaping needed. The first % sign is the separator. The following is taken verbatim as password. Cheers, Michael -- Michael Adam [EMAIL PROTECTED] SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.SerNet.DE, mailto: Info @ SerNet.DE -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] net rpc join fails the first time but succeeds the second
Hi. I'm having some trouble when trying to join a SAMBA machine, acting as a member server, to a NT-style domain server managed by a SAMBA PDC using an LDAP back-end. Both machines are running samba-3.0.10-1.4E.6 on Red Hat Enterprise Linux 4.1 Update 3 for AMD64. When trying to add the member server to the domain, it fails with an error message. However, if I try to add it again, the operation succeeds. The first try to add the member server fails with this error message: [EMAIL PROTECTED] ~]# net rpc join CENTRAL -U Administrator%password [2006/05/19 13:01:08, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(319) Error domain join verification (reused connection): NT_STATUS_ACCESS_DENIED Unable to join domain CENTRAL. I can see the SAMBA machine account has been created: [EMAIL PROTECTED] ~]# pdbedit -L Administrator:0:Domain Administrator member$:10001:Machine Then, immediately, I try to add the member server, once again: [EMAIL PROTECTED] ~]# net rpc join CENTRAL -U Administrator%password Joined domain CENTRAL. Both, the member server and PDC are using nss_ldap. Thus: [EMAIL PROTECTED] ~]# id Administrator uid=0(root) gid=0(root) groups=0(root) The smb.conf for the PDC is: [global] # Store SAMBA data into an LDAP backend passdb backend = ldapsam:ldap://ldap/ ldap admin dn = cn=Directory Manager ldap suffix = dc=central ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap group suffix = ou=Groups # Scripts for managing users and computers add user script = /usr/sbin/luseradd -g Domain Users %u delete user script = /usr/sbin/luserdel -r %u add group script = /usr/sbin/lgroupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/lgroupmod -A %u %g delete user from group script = /usr/sbin/lgroupmod -R %u %g add machine script = /usr/sbin/luseradd -g Domain Computers -c Machine -s /bin/false -d /dev/null -n -M %u workgroup = CENTRAL netbios name = NDS1 server string = CENTRAL Samba Domain Controller load printers = no log file = /var/log/samba/%m.log security = user encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 os level = 35 local master = yes domain master = yes preferred master = yes domain logons = yes logon path = wins support = yes The smb.conf for the member server is: [global] workgroup = CENTRAL server string = CENTRAL File Server netbios name = FS1 log file = /var/log/samba/%m.log max log size = 50 security = domain encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 Any ideas? Thank you very much. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net rpc join fails the first time but succeeds the second
Hi, if you create a new user with luseradd, is this new user immediately available? Or do you have to wait some time between the following two commands: /usr/sbin/luseradd -g Domain Computers -c Machine -s /bin/false -d /dev/null -n -M testuser id testuser Mark On Fri, May 19, 2006 at 01:13:21PM +0200, Felipe Alfaro Solana wrote: Hi. I'm having some trouble when trying to join a SAMBA machine, acting as a member server, to a NT-style domain server managed by a SAMBA PDC using an LDAP back-end. Both machines are running samba-3.0.10-1.4E.6 on Red Hat Enterprise Linux 4.1 Update 3 for AMD64. When trying to add the member server to the domain, it fails with an error message. However, if I try to add it again, the operation succeeds. The first try to add the member server fails with this error message: [EMAIL PROTECTED] ~]# net rpc join CENTRAL -U Administrator%password [2006/05/19 13:01:08, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(319) Error domain join verification (reused connection): NT_STATUS_ACCESS_DENIED Unable to join domain CENTRAL. I can see the SAMBA machine account has been created: [EMAIL PROTECTED] ~]# pdbedit -L Administrator:0:Domain Administrator member$:10001:Machine Then, immediately, I try to add the member server, once again: [EMAIL PROTECTED] ~]# net rpc join CENTRAL -U Administrator%password Joined domain CENTRAL. Both, the member server and PDC are using nss_ldap. Thus: [EMAIL PROTECTED] ~]# id Administrator uid=0(root) gid=0(root) groups=0(root) The smb.conf for the PDC is: [global] # Store SAMBA data into an LDAP backend passdb backend = ldapsam:ldap://ldap/ ldap admin dn = cn=Directory Manager ldap suffix = dc=central ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap group suffix = ou=Groups # Scripts for managing users and computers add user script = /usr/sbin/luseradd -g Domain Users %u delete user script = /usr/sbin/luserdel -r %u add group script = /usr/sbin/lgroupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/lgroupmod -A %u %g delete user from group script = /usr/sbin/lgroupmod -R %u %g add machine script = /usr/sbin/luseradd -g Domain Computers -c Machine -s /bin/false -d /dev/null -n -M %u workgroup = CENTRAL netbios name = NDS1 server string = CENTRAL Samba Domain Controller load printers = no log file = /var/log/samba/%m.log security = user encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 os level = 35 local master = yes domain master = yes preferred master = yes domain logons = yes logon path = wins support = yes The smb.conf for the member server is: [global] workgroup = CENTRAL server string = CENTRAL File Server netbios name = FS1 log file = /var/log/samba/%m.log max log size = 50 security = domain encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 Any ideas? Thank you very much. -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] net rpc join fails the first time but succeeds the second
Your domain member is not configured correctly, you need it to be able to authenticate with ldap. Should look something like this as per Chapter 7 Samba 3 by Example.. http://samba.org/samba/docs/man/Samba-Guide/unixclients.html#sdcsdmldap Example 7.1. Samba Domain Member in Samba Domain Using LDAP smb.conf File # Global parameters [global] unix charset = LOCALE workgroup = MEGANET2 security = DOMAIN username map = /etc/samba/smbusers log level = 10 syslog = 0 log file = /var/log/samba/%m max log size = 50 smb ports = 139 name resolve order = wins bcast hosts printcap name = CUPS wins server = 192.168.2.1 ldap suffix = dc=abmas,dc=biz ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap admin dn = cn=Manager,dc=abmas,dc=biz idmap backend = ldap:ldap://lapdc.abmas.biz idmap uid = 1-2 idmap gid = 1-2 winbind trusted domains only = Yes printer admin = root printing = cups Stick to the official docs, will save you days/years of time. Adrian Sender. From: Felipe Alfaro Solana [EMAIL PROTECTED] To: Samba Mailing List samba@lists.samba.org Subject: [Samba] net rpc join fails the first time but succeeds the second Sent: Friday, 19 May 2006 9:13:21 PM Hi. I'm having some trouble when trying to join a SAMBA machine, acting as a member server, to a NT-style domain server managed by a SAMBA PDC using an LDAP back-end. Both machines are running samba-3.0.10-1.4E.6 on Red Hat Enterprise Linux 4.1 Update 3 for AMD64. When trying to add the member server to the domain, it fails with an error message. However, if I try to add it again, the operation succeeds. The first try to add the member server fails with this error message: [EMAIL PROTECTED] ~]# net rpc join CENTRAL -U Administrator%password [2006/05/19 13:01:08, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(319) Error domain join verification (reused connection): NT_STATUS_ACCESS_DENIED Unable to join domain CENTRAL. I can see the SAMBA machine account has been created: [EMAIL PROTECTED] ~]# pdbedit -L Administrator:0:Domain Administrator member$:10001:Machine Then, immediately, I try to add the member server, once again: [EMAIL PROTECTED] ~]# net rpc join CENTRAL -U Administrator%password Joined domain CENTRAL. Both, the member server and PDC are using nss_ldap. Thus: [EMAIL PROTECTED] ~]# id Administrator uid=0(root) gid=0(root) groups=0(root) The smb.conf for the PDC is: [global] # Store SAMBA data into an LDAP backend passdb backend = ldapsam:ldap://ldap/ ldap admin dn = cn=Directory Manager ldap suffix = dc=central ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap group suffix = ou=Groups # Scripts for managing users and computers add user script = /usr/sbin/luseradd -g Domain Users %u delete user script = /usr/sbin/luserdel -r %u add group script = /usr/sbin/lgroupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/lgroupmod -A %u %g delete user from group script = /usr/sbin/lgroupmod -R %u %g add machine script = /usr/sbin/luseradd -g Domain Computers -c Machine -s /bin/false -d /dev/null -n -M %u workgroup = CENTRAL netbios name = NDS1 server string = CENTRAL Samba Domain Controller load printers = no log file = /var/log/samba/%m.log security = user encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 os level = 35 local master = yes domain master = yes preferred master = yes domain logons = yes logon path = wins support = yes The smb.conf for the member server is: [global] workgroup = CENTRAL server string = CENTRAL File Server netbios name = FS1 log file = /var/log/samba/%m.log max log size = 50 security = domain encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 Any ideas? Thank you very much. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] net rpc join aborts and segfaults in 3.0.20b
I'm trying to migrate a TAS PDC to Samba 3.0.20b on Solaris 9. Trying to use the NT migration guide gets stopped pretty quickly at just trying to join the domain: ---8- bash-2.05# net rpc join -S fillager -W LIU -U admin Password: [2005/10/24 00:21:28, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(175) error opening lsa policy handle: NT_STATUS_UNSUCCESSFUL Unable to join domain Segmentation Fault (core dumped) ---8- Using and debuglevel above 0 prevents the segfault and prints a pretty uninitialized-looking domainname instead: ---8- bash-2.05# net rpc join -d 1 -S fillager -W LIU -U admin [2005/10/24 00:37:41, 1] libsmb/cliconnect.c:cli_full_connection(1495) failed session setup with NT_STATUS_ACCESS_DENIED [2005/10/24 00:37:41, 1] utils/net.c:connect_to_ipc_anonymous(208) Cannot connect to server (anonymously). Error was NT_STATUS_ACCESS_DENIED Password: [2005/10/24 00:37:43, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(175) error opening lsa policy handle: NT_STATUS_UNSUCCESSFUL Unable to join domainÿÿC. ---8- So the interesting question is it unable to open the lsa policy handle? What can I do to debug this? The account is created on the PDC and none of the around 1000 Windows NT4, 2000 and XP machines we have connected to this system on the University seems to have any problem joining the domain. -- Peter Bortas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 'net rpc join -U Administrator' on Samba + LDAP PDC
Hey again Craig, Considering your last comment about the problem over Pdbedit -Lv 'testuser,' I decided to start fresh. I paid close attention to what you have pointed out on my new installation.It took me only 1:30 to get to where I am at right now. I don't recieve the object class error anymore. However, I am where I startedjoining the domain. I will go over the samba (10) and ldap (256) log files and let you know the results tommorow afternoon. 'pdbedit -Lv 'testuser1' is working now. so the problem can not be the luck of samba's ability to get user information from ldap backend (highly unlikely). Oh well, I guess I have a lot of reading to do before tommorow afternoon :) Talk to you later, Ambex Ps: Even though I know it is not very helpful, here is the error message :) The following error occured attempting to join the domain AGUILAS: the user name could not be found. __ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 'net rpc join -U Administrator' on Samba + LDAP PDC
On Sat, 2004-07-10 at 22:54, abebe lsslp wrote: I am having trouble joining a Samba + LDAP PDC. Here are the steps I took and the results I have received. General Information: . Fedora Core 1 machine . Samba 3.0.0 . Openldap 2.1.22-8 . Netbios Name: EAGLEX . Domain name: AGUILAS Symptoms: Step 1: [EMAIL PROTECTED] root]# net rpc join -UAdministrator%xx The username or password was not correct. '/var/log/messages': Jul 10 12:30:47 eaglex smbd[9253]: [2004/07/10 12:30:47, 0] rpc_server/srv_netlog_nt.c:get_md4pw(201) Jul 10 12:30:47 eaglex smbd[9253]: get_md4pw: Workstation EAGLEX$: no account in domain Step 2: [EMAIL PROTECTED] root]#smbldap-useradd -w EAGLEX$ [EMAIL PROTECTED] root]# Step 3: repeated step 1. Same problem Step 4: [EMAIL PROTECTED] root]# net rpc join -U root%xx Create of workstation account failed Unable to join domain AGUILAS Step 5: [EMAIL PROTECTED] root]# pdbedit -L -v Administrator Unix username:Administrator NT username: Administrator Account Flags:[U ] User SID: S-1-5-21-952094410-1508517273-1204454084-2996 Primary Group SID: S-1-5-21-952094410-1508517273-1204454084-512 Full Name:Administrator Home Directory: \\EAGLEX\home\%U HomeDir Drive:H: Logon Script: logon.bat Profile Path: Domain: AGUILAS Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: Mon, 18 Jan 2038 21:14:07 GMT Kickoff time: Mon, 18 Jan 2038 21:14:07 GMT Password last set:Sat, 10 Jul 2004 11:39:00 GMT Password can change: Sat, 10 Jul 2004 11:39:00 GMT Password must change: Mon, 18 Jan 2038 21:14:07 GMT I have also tried everything on Google group ([samba] The username or password was not correct). Nobody really offered any real solution. I am sure for those of you who have encountered this problem before already know the symptoms and hopefully the solutions as well. I am begging for help. I have been working on this thing for the last 3 weeks now.:( It's so much easier to have LDAP working and understood prior to integration with samba. #1 what does... ldapsearch -x -h localhost -D 'binddn' -W '(uid=Administrator)' give you (replace binddn with your binddn) #2 if uidNumber of Administrator is not 0, you will probably have to use root to add new users/machines (make sure that root has SambaSamAccount in this case) #3 Much easier to join domain directly from an NT/Win2K/XP Professional machine. (see note 2) #4 upgrade samba - samba/fedora core 1 is up to 3.0.4 #5 if EAGLEX is the PDC, it doesn't need to join domain Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 'net rpc join -U Administrator' on Samba + LDAP PDC
--- Craig White [EMAIL PROTECTED] wrote: On Sat, 2004-07-10 at 22:54, abebe lsslp wrote: I am having trouble joining a Samba + LDAP PDC. Here are the steps I took and the results I have received. General Information: . Fedora Core 1 machine . Samba 3.0.0 . Openldap 2.1.22-8 . Netbios Name: EAGLEX . Domain name: AGUILAS Symptoms: Step 1: [EMAIL PROTECTED] root]# net rpc join -UAdministrator%xx The username or password was not correct. '/var/log/messages': Jul 10 12:30:47 eaglex smbd[9253]: [2004/07/10 12:30:47, 0] rpc_server/srv_netlog_nt.c:get_md4pw(201) Jul 10 12:30:47 eaglex smbd[9253]: get_md4pw: Workstation EAGLEX$: no account in domain Hey Craig, You know, You have given me detailed steps for me to take. I really appreciate that! It is still not working though. Do you have any other ideas? See below for more information :). If anybody else have any idea how to fix this, pealse give it a try. It's so much easier to have LDAP working and understood prior to integration with samba. #1 what does... ldapsearch -x -h localhost -D 'binddn' -W '(uid=Administrator)' give you (replace binddn with your binddn) [EMAIL PROTECTED] etc]# ldapsearch -x -h localhost -D cn=Manager,dc=wbcoll,dc=edu -W '(uid=Administrator)' # Administrator, Users, wbcoll.edu dn: uid=Administrator,ou=Users,dc=wbcoll,dc=edu cn: Administrator sn: Administrator objectClass: inetOrgPerson objectClass: sambaSAMAccount objectClass: posixAccount objectClass: shadowAccount gidNumber: 512 uid: Administrator uidNumber: 0 homeDirectory: /home/ sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 1089477540 sambaHomePath: \\EAGLEX\home\%U sambaHomeDrive: H: sambaPrimaryGroupSID: S-1-5-21-952094410-1508517273-1204454084-512 sambaSID: S-1-5-21-952094410-1508517273-1204454084-2996 loginShell: /bin/false gecos: Netbios Domain Administrator sambaPwdMustChange: 2147483647 sambaAcctFlags: [U ] sambaPwdLastSet: 1089477540 sambaLMPassword: C7D36D999A7B2082AAD3B435B51404EE sambaNTPassword: 2176503CCD06D05BBCE3E934465C555A userPassword:: e1NNRDV9SnpzQmYxTHg0Q0ExMlVpSExnamp0ODRhRTRNPQ== #2 if uidNumber of Administrator is not 0, you will probably have to use root to add new users/machines (make sure that root has SambaSamAccount in this case) I guess #1 takes care of this step. #3 Much easier to join domain directly from an NT/Win2K/XP Professional machine. (see note 2) I removed all the log files from '/var/log/samba/' directory and tried to join Win XP pro (xppro) to the domain. Two log files were created for the xp machine: 192.168.1.18.log and xppro.log. xppro.log is empty, but 192.168.1.18.log contains the following [2004/07/11 00:34:26, 1] smbd/process.c:process_smb(1085) [2004/07/11 00:34:26, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected Connection denied from 0.0.0.0 [2004/07/11 00:34:26, 0] lib/util_sock.c:write_socket_data(430) write_socket_data: write failure. Error = Connection reset by peer [2004/07/11 00:34:26, 0] lib/util_sock.c:write_socket(455) write_socket: Error writing 5 bytes to socket 22: ERRNO = Connection reset by peer [2004/07/11 00:34:26, 0] lib/util_sock.c:send_smb(647) Error writing 5 bytes to client. -1. (Connection reset by peer) #4 upgrade samba - samba/fedora core 1 is up to 3.0.4 I upgraded samba 3.0.0 to samba 3.0.5 #5 if EAGLEX is the PDC, it doesn't need to join domain Ok,thanks :) Ambex __ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 'net rpc join -U Administrator' on Samba + LDAP PDC
On Sun, 2004-07-11 at 10:55, abebe lsslp wrote: You know, You have given me detailed steps for me to take. I really appreciate that! It is still not working though. Do you have any other ideas? See below for more information :). If anybody else have any idea how to fix this, pealse give it a try. I removed all the log files from '/var/log/samba/' directory and tried to join Win XP pro (xppro) to the domain. Two log files were created for the xp machine: 192.168.1.18.log and xppro.log. xppro.log is empty, but 192.168.1.18.log contains the following [2004/07/11 00:34:26, 1] smbd/process.c:process_smb(1085) [2004/07/11 00:34:26, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected Connection denied from 0.0.0.0 [2004/07/11 00:34:26, 0] lib/util_sock.c:write_socket_data(430) write_socket_data: write failure. Error = Connection reset by peer [2004/07/11 00:34:26, 0] lib/util_sock.c:write_socket(455) write_socket: Error writing 5 bytes to socket 22: ERRNO = Connection reset by peer [2004/07/11 00:34:26, 0] lib/util_sock.c:send_smb(647) Error writing 5 bytes to client. -1. (Connection reset by peer) I have seen this error and this seems to be a general networking error - in my case, it was a bad wire from one switch to another switch and the problem would temporarily disappear when I reset the switches (hubs) but it would come back. Just to make certain do these things... 1 - power cycle all the involved hubs/switches 2 - check all the link lights 3 - turn up log levels on both openldap and samba temporarily to log everything (i.e. level 256 on openldap and 10 on samba) 4 - make sure that firewall on both Linux machine and Windows machine are off 5 - make sure that you haven't attached to any resource on the PDC from the winXP Pro machine since the last restart of the WinXP Pro computer (i.e. to be certain, restart the machine and then immediately try to join) Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] 'net rpc join -U Administrator' on Samba + LDAP PDC
I am having trouble joining a Samba + LDAP PDC. Here are the steps I took and the results I have received. General Information: . Fedora Core 1 machine . Samba 3.0.0 . Openldap 2.1.22-8 . Netbios Name: EAGLEX . Domain name: AGUILAS Symptoms: Step 1: [EMAIL PROTECTED] root]# net rpc join -UAdministrator%xx The username or password was not correct. '/var/log/messages': Jul 10 12:30:47 eaglex smbd[9253]: [2004/07/10 12:30:47, 0] rpc_server/srv_netlog_nt.c:get_md4pw(201) Jul 10 12:30:47 eaglex smbd[9253]: get_md4pw: Workstation EAGLEX$: no account in domain Step 2: [EMAIL PROTECTED] root]#smbldap-useradd -w EAGLEX$ [EMAIL PROTECTED] root]# Step 3: repeated step 1. Same problem Step 4: [EMAIL PROTECTED] root]# net rpc join -U root%xx Create of workstation account failed Unable to join domain AGUILAS Step 5: [EMAIL PROTECTED] root]# pdbedit -L -v Administrator Unix username:Administrator NT username: Administrator Account Flags:[U ] User SID: S-1-5-21-952094410-1508517273-1204454084-2996 Primary Group SID: S-1-5-21-952094410-1508517273-1204454084-512 Full Name:Administrator Home Directory: \\EAGLEX\home\%U HomeDir Drive:H: Logon Script: logon.bat Profile Path: Domain: AGUILAS Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: Mon, 18 Jan 2038 21:14:07 GMT Kickoff time: Mon, 18 Jan 2038 21:14:07 GMT Password last set:Sat, 10 Jul 2004 11:39:00 GMT Password can change: Sat, 10 Jul 2004 11:39:00 GMT Password must change: Mon, 18 Jan 2038 21:14:07 GMT I have also tried everything on Google group ([samba] The username or password was not correct). Nobody really offered any real solution. I am sure for those of you who have encountered this problem before already know the symptoms and hopefully the solutions as well. I am begging for help. I have been working on this thing for the last 3 weeks now.:( Thanks Ambex __ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] net rpc join || smbpasswd
Hi ! I'm trying to join my samba3 print server to an existing NT4 domain. I'm on mdk 9.1 prosuite and samba3 rpms. I did urpmi samba3-server samba3-winbind without problem. I'm using this doc: http://us1.samba.org/samba/docs/man/howto/FastStart.html#id2509604 when i do: net rpc join -S THE_PDC -U AN_ ADMIN i got: bash:net:command not found --- Do i have to use smbpasswd -j DOMAIN -r PDC -UAdmin_count%the_passwd ??? thanks by advance -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net rpc join
net help rpc join net rpc join -U username[%password] [options] to join a domain with admin username password password will be prompted if none is specified snip Valid miscellaneous options are: -U or --user=name user name snip On Thu, Apr 25, 2002 at 05:07:33PM -0700, Matt Rice wrote: testing a recent cvs snapshot i noticed that smbpasswd -j is deprecated net rpc join doesnt seem to work when RestrictAnonymous is enabled on my windows system it doesn't seem like there is a -U switch which was essential to smbpasswd actually being able to create a machine account. matt -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- Douglas G. Phillips ITS/User Services Eastern Illinois University -- If A equals success, then the formula is: A = X + Y + Z, X is work. Y is play. Z is keep your mouth shut. - Albert Einstein -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] net rpc join
testing a recent cvs snapshot i noticed that smbpasswd -j is deprecated net rpc join doesnt seem to work when RestrictAnonymous is enabled on my windows system it doesn't seem like there is a -U switch which was essential to smbpasswd actually being able to create a machine account. matt -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba