Greetings,
I am in the process of testing Samba 3.0.23a with our own passdb
plugin. As part of mytesting I am trying to join the domin so here are
the steps I take...
1 - get local sid
/usr/local/samba/bin/net getlocalsid
SID for domain JAZZY is: S-1-5-21-1016995387-3159270912-1426853295
2 - create group mappings
[EMAIL PROTECTED] ~]$ /usr/local/samba/bin/net groupmap list
Domain Users (S-1-5-21-1016995387-3159270912-1426853295-513) -> users
Domain Admins (S-1-5-21-1016995387-3159270912-1426853295-512) -> tech
Domain Guests (S-1-5-21-1016995387-3159270912-1426853295-514) -> nobody
[EMAIL PROTECTED] ~]$
3 - Assign privileges to tech group so they can join machines to the
domain.
net -d 3 -S JAZZY rpc rights grant 'JAZZY\tech' SeMachineAccountPrivilege
[EMAIL PROTECTED] sbin]$ /usr/local/samba/bin/net -d 3 -S JAZZY rpc rights
grant 'JAZZY\tech' SeMachineAccountPrivilege
[2006/07/25 11:37:50, 3] param/loadparm.c:lp_load(4945)
lp_load: refreshing parameters
[2006/07/25 11:37:50, 3] param/loadparm.c:init_globals(1410)
Initialising global parameters
[2006/07/25 11:37:50, 3] param/params.c:pm_process(572)
params.c:pm_process() - Processing configuration file
"/usr/local/samba/lib/smb.conf"
[2006/07/25 11:37:50, 3] param/loadparm.c:do_section(3687)
Processing section "[global]"
[2006/07/25 11:37:50, 1] param/loadparm.c:lp_do_parameter(3426)
WARNING: The "printer admin" option is deprecated
[2006/07/25 11:37:50, 2] lib/interface.c:add_interface(81)
added interface ip=130.xx.xx.xx bcast=130.xx.xx.xx
nmask=255.255.255.0
[2006/07/25 11:37:50, 3] libsmb/namequery.c:resolve_lmhosts(939)
resolve_lmhosts: Attempting lmhosts lookup for name JAZZY<0x20>
[2006/07/25 11:37:50, 3] libsmb/namequery.c:resolve_wins(836)
resolve_wins: Attempting wins lookup for name JAZZY<0x20>
[2006/07/25 11:37:50, 3] libsmb/namequery.c:resolve_wins(875)
resolve_wins: using WINS server 130.xx.xx.xx and tag '*'
[2006/07/25 11:37:50, 2] libsmb/namequery.c:name_query(577)
Got a positive name query response from 130.xx.xx.xx ( 130.xx.xx.xx
)
Password:
[2006/07/25 11:38:00, 3]
libsmb/cliconnect.c:cli_start_connection(1417)
Connecting to host=JAZZY
[2006/07/25 11:38:00, 3] lib/util_sock.c:open_socket_out(874)
Connecting to 130.xx.xx.xx at port 445
[2006/07/25 11:38:00, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(723)
Doing spnego session setup (blob length=58)
[2006/07/25 11:38:00, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(748)
got OID=1 3 6 1 4 1 311 2 2 10
[2006/07/25 11:38:00, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(757)
got principal=NONE
[2006/07/25 11:38:00, 3]
libsmb/ntlmssp.c:ntlmssp_client_challenge(941)
Got challenge flags:
[2006/07/25 11:38:00, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63)
Got NTLMSSP neg_flags=0x60890215
[2006/07/25 11:38:00, 3]
libsmb/ntlmssp.c:ntlmssp_client_challenge(963)
NTLMSSP: Set final flags:
[2006/07/25 11:38:00, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63)
Got NTLMSSP neg_flags=0x60080215
[2006/07/25 11:38:00, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(338)
NTLMSSP Sign/Seal - Initialising with flags:
[2006/07/25 11:38:00, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63)
Got NTLMSSP neg_flags=0x60080215
[2006/07/25 11:38:00, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081)
rpc_pipe_bind: Remote machine JAZZY pipe \lsarpc fnum 0x7622 bind
request returned ok.
[2006/07/25 11:38:00, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081)
rpc_pipe_bind: Remote machine JAZZY pipe \lsarpc fnum 0x7623 bind
request returned ok.
[2006/07/25 11:38:00, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(224)
lsa_io_sec_qos: length c does not match size 8
[2006/07/25 11:38:00, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(224)
lsa_io_sec_qos: length c does not match size 8
Failed to grant privileges for JAZZY\tech (NT_STATUS_ACCESS_DENIED)
[2006/07/25 11:38:00, 1] utils/net_rpc.c:run_rpc_command(170)
rpc command function failed! (NT_STATUS_ACCESS_DENIED)
[2006/07/25 11:38:00, 2] utils/net.c:main(988)
return code = 1
-
What could be causing this error? The only thing that catches my eyes
is the following
[2006/07/25 11:38:00, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(224)
lsa_io_sec_qos: length c does not match size 8
[2006/07/25 11:38:00, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(224)
lsa_io_sec_qos: length c does not match size 8
Anyone have any pointers ?
Thanks
Paul
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba