I've followed all instructions I've found but I still can't get to join
the domain!! (Samba version 2.0.7 - version 2.0.6 failed with the
infamous SIGSEGV ).
This is the normal sequence of events to try to achieve this:
1) Remove the NT machine account for the linux box I'm about to add
(from NT Server Manager)
2) Create a new NT machine account for the same machine name (let's say
3) Go to LINUX_BOX, and stop all samba services running
4) As root, type 'smbpasswd -j DOMAIN -r DOMAIN_CONTROLLER' (naturally,
smb.conf has 'workgroup = DOMAIN', 'security = domain' and 'password
server = *' - as per new 2.0.7 doc's, but password encryption is turned
5) This is the complete (names changed, except for *SMBSERVER which is
exactly as it comes out) error message:
attempt_netbios_session_request: DOMAIN_CONTROLLER rejected the session
for name *SMBSERVER with error Called name not present
modify_trust_password: machine DOMAIN_CONTROLLER rejected the NetBIOS
session request. Error was code 0
2000/05/01 14:09:11 : change_trust_account_password: Failed to change
password for domain DOMAIN.
Unable to join domain DOMAIN
I've tried multiple variations:
a) Enable password encryption
b) Explicitly set 'password server = DOMAIN_CONTROLLER' in smb.conf
c) Changing the name of LINUX_BOX to something else, and repeating (in
case residual information is interfereing)
d) Run smbpasswd AFTER starting the samba servers
e) Removing MACHINE.SID before running smbpasswd
In the past, I used to be able to join the domain (with this SAME
smb.conf file), by just using smbpasswd -j DOMAIN, but it didn't allow
me to "see" the machine DOMAIN_CONTROLLER on the network - which I NEED
to do since that's where version control is stored.
I've ruled out a network problem, since I CAN connect to an oracle
database on that machine (via TCP/IP).
Any help will be appreciated.
Another weird thing - I CAN see all machines that have logged on to that
domain. I can also access their resources.... According to my
understanding of NT domain security....should'nt I NOT be able to do
that if I haven't joined the domain?
Sent via Deja.com http://www.deja.com/
Before you buy.