Hi. I am still having problems: Quick synopsis: NT workstation cannot have machine acccount successfully trusted by PDC. ---------Here’s my problem------(LONG)------------------ I have several W2k Workstations, with a SAMBA 2.2.3 PDC. I screwed up something, and removed all of the important parts of the server validation. Here's the story: OUTLAND is domain, W2k/ clients are milo and lola They WERE working fine on the domain. I did SOMETHING (??) and now I get a message that says ** Error Message 1** (when I try and log on: The system cannot log you on to this domain because the system computer account in its primary domain is missing or the password on that account is incorrect. ++Step 1++: I tried to delete the machine accounts (milo$ and lola$) using userdel and smbpasswd -x to eliminate all traces. ++Step 2++: Tried to change out of domain, changed machine name, log in: still no good, same messages. ++Step 3++: Tried the same thing, but this time also deleted the secrets.tdb file, and the MACHINE file. Then did a smbpasswd to add the root account again. STILL same problem. ++Step 4++: Then changed the machine name and (domain) out of the outland domain. So I changed the name of the client to stevedallas, and the workgroup to temp. That change worked ok. After this, I logged in, ok (as admin), and was then able to change back to the outland domain. ++Step 5++: Next logged in as workstation/administator and I added new user/browse and it did see the outland domain. Then, clicked my outland domain name, and next and next error message was ** Error Message ** : The user could not be added because the following error has occurred. The trust relationship between this workstation and the primary domain failed. SO I am stuck without getting any user logins (at least I can login as admin. please point me in the right direction??? thanks Step 6: REINSTALLED WIN2k.. SAME results. Step 7: Posted the SMB.conf, as well as the machine logs and rejects to List. GOT No responses whatsoever. Step 8: I am desperate.. I tried the following: Stopped all clients, and server. Removed SMB.conf and brought it to almost clean state. THEN removed smbpasswd , secrets,tdb as well as the MACHINE file Then started up. Same series of messages. NOTE: I deleted all comments from here for brevity (ha...) ===== NEW (still failing ) SMB.conf file ====#Mitch SMB.conf 8/13/02 [global] workgroup = OUTLAND netbios name = OUTLANDSVR server string = Samba Server %v %U log file = /var/log/samba/log.%m max log size = 50 hosts allow = 192.168.10.0 hosts deny = 68.0.0.0 security = user encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes os level = 66 domain master = yes preferred master = yes domain logons = yes logon script = %m.bat logon script = welcome.bat logon path = \\%L\Profiles\%U ; logon home = \\%L\%U\.profile add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine Account' -s /bin/false -M %u domain admin group = root @wheel @admins mbruntel name resolve order = wins lmhosts bcast wins support = yes dns proxy = yes #=======Share Definitions ===========[homes] comment = Home Directories browseable = no writable = yes [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon read list = @family write list = mbruntel ntadmin @admins @family force group = @family guest ok = yes writable = no [Profiles] comment = samba roaming profiles here path = /var/lib/samba/profiles browseable = yes guest ok = yes [mbruntel] comment = Mitch's Home Stuff path = /home/mbruntel/dosroot/realroot valid users = mbruntel writable = yes max connections = 8 browseable = yes [cbruntel] comment = Cheryl's Home Stuff path = /home/cbruntel/dosroot/realroot valid users = cbruntel mbruntel writable = yes max connections = 8 [software] comment = SW shared directory path = /software valid users = cbruntel mbruntel @family zbruntel moogirl writable = yes [bigfiles] comment = Files directory path = /files valid users = cbruntel mbruntel @family zbruntel moogirl writable = yes force group = @family guest ok = Yes read only = No [files] comment = Files directory path = /files valid users = cbruntel mbruntel @family zbruntel moogirl writable = yes force group = @family guest ok = Yes read only = No inherit permissions = Yes [mail] comment = Mail Home directory path = /var/spool/mail valid users = cbruntel mbruntel admin users = cbruntel mbruntel sync always = Yes strict sync = Yes writable = Yes force group = @family guest ok = Yes read only = No inherit permissions = Yes === End of (still failing ) SMB.conf file == ===Start machine log : Stevedallas: (before changing to domain outland)== [2002/08/13 16:05:08, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176) get_md4pw: Workstation stevedallas$: no account in domain [2002/08/13 16:05:15, 0] smbd/service.c:make_connection(381) mbruntel logged in as admin user (root privileges) [2002/08/13 16:05:15, 0] smbd/service.c:make_connection(248) stevedallas (192.168.10.184) couldn't find service bigfiles [2002/08/13 16:05:22, 0] smbd/service.c:make_connection(381) mbruntel logged in as admin user (root privileges) [2002/08/13 16:12:06, 0] smbd/service.c:make_connection(381) mbruntel logged in as admin user (root privileges) [2002/08/13 16:12:11, 0] smbd/service.c:make_connection(381) mbruntel logged in as admin user (root privileges) [2002/08/13 16:13:24, 0] smbd/service.c:make_connection(381) mbruntel logged in as admin user (root privileges) [root@mitchbnj1 samba]# ===ENDmachine log : Stevedallas: (before changing to domain outland)== ===Start machine log : lola: (after changing to domain outland)== [2002/08/13 16:05:08, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176) get_md4pw: Workstation stevedallas$: no account in domain [2002/08/13 16:05:15, 0] smbd/service.c:make_connection(381) mbruntel logged in as admin user (root privileges) [2002/08/13 16:05:15, 0] smbd/service.c:make_connection(248) stevedallas (192.168.10.184) couldn't find service bigfiles [2002/08/13 16:05:22, 0] smbd/service.c:make_connection(381) mbruntel logged in as admin user (root privileges) [2002/08/13 16:12:06, 0] smbd/service.c:make_connection(381) mbruntel logged in as admin user (root privileges) [2002/08/13 16:12:11, 0] smbd/service.c:make_connection(381) mbruntel logged in as admin user (root privileges) [2002/08/13 16:13:24, 0] smbd/service.c:make_connection(381) mbruntel logged in as admin user (root privileges) ***Start NMBD file *** This is Mitch's NMBD file: Netbios nameserver version 2.2.3a started. Copyright Andrew Tridgell and the Samba Team 1994-2002 [2002/08/13 15:47:37, 0] nmbd/asyncdns.c:start_async_dns(148) started asyncdns process 1381 [2002/08/13 15:47:37, 0] libsmb/namequery.c:getlmhostsent(514) getlmhostsent: too many columns in lmhosts file (obsolete syntax) [2002/08/13 15:47:37, 0] nmbd/nmbd_logonnames.c:add_logon_names(156) add_domain_logon_names: Attempting to become logon server for workgroup OUTLAND on subnet 192.168.10.187 [2002/08/13 15:47:37, 0] nmbd/nmbd_logonnames.c:add_logon_names(156) add_domain_logon_names: Attempting to become logon server for workgroup OUTLAND on subnet UNICAST_SUBNET [2002/08/13 15:47:37, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(339) become_domain_master_browser_wins: Attempting to become domain master browser on workgroup OUTLAND, subnet UNICAST_SUBNET. [2002/08/13 15:47:37, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(352) become_domain_master_browser_wins: querying WINS server at IP 192.168.10.187 for domain master browser name OUTLAND on workgroup OUTLAND [2002/08/13 15:47:37, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(114) become_logon_server_success: Samba is now a logon server for workgroup OUTLAND on subnet UNICAST_SUBNET [2002/08/13 15:47:37, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(115) ***** Samba server OUTLANDSVR is now a domain master browser for workgroup OUTLAND on subnet UNICAST_SUBNET ***** [2002/08/13 15:47:37, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(291) become_domain_master_browser_bcast: Attempting to become domain master browser on workgroup OUTLAND on subnet 192.168.10.187 [2002/08/13 15:47:37, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(304) become_domain_master_browser_bcast: querying subnet 192.168.10.187 for domain master browser on workgroup OUTLAND [2002/08/13 15:47:41, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(114) become_logon_server_success: Samba is now a logon server for workgroup OUTLAND on subnet 192.168.10.187 [2002/08/13 15:47:41, 0] nmbd/nmbd_responserecordsdb.c:find_response_record(236) find_response_record: response packet id 23895 received with no matching record. [2002/08/13 15:47:41, 0] nmbd/nmbd_responserecordsdb.c:find_response_record(236) find_response_record: response packet id 23896 received with no matching record. [2002/08/13 15:47:45, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(115) ***** Samba server OUTLANDSVR is now a domain master browser for workgroup OUTLAND on subnet 192.168.10.187 ***** [2002/08/13 15:48:00, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(404) ***** Samba name server OUTLANDSVR is now a local master browser for workgroup OUTLAND on subnet 192.168.10.187 ***** ***END of NMBD file *** *** log.smbd [2002/08/13 15:07:23.870957, 3, effective(0, 0), real(0, 0)] smbd/server.c:exit_server(492) Server exit (caught signal) [2002/08/13 15:47:36, 0] smbd/server.c:main(698) smbd version 2.2.3a started. Copyright Andrew Tridgell and the Samba Team 1992-2002 [root@mitchbnj1 samba]# _[K *** log.smbd ------------------------------------------------ Join Excite! - http://www.excite.com The most personalized portal on the Web!
Rasmus Reinholdt Nielsen
2002-Aug-14 00:16 UTC
[Samba] w2k pro no longer trusted by 2.2.3 pdc
Hi Try this line for useradd script, add user script = /usr/sbin/adduser -n -g 100 -c %m -d /dev/null -s /bin/false %m$ Since you %u add's the username instead of the machinename. What OS are you using? Rasmus At 17:47 13-08-2002 -0400, mitchbnj@excite.com wrote:>Hi. I am still having problems: >Quick synopsis: >NT workstation cannot have machine acccount successfully trusted by PDC. > > ---------Here's my problem------(LONG)------------------ > >I have several W2k Workstations, with a SAMBA 2.2.3 PDC. >I screwed up something, and removed all of the important parts of the >server validation. > Here's the story: OUTLAND is domain, W2k/ clients are milo and lola >They WERE working fine on the domain. I did SOMETHING (??) and now I get >a message that says >** Error Message 1** > (when I try and log on: The system cannot log you on to this domain > because the system computer account in its primary domain is missing or > the password on that account is incorrect. > >++Step 1++: I tried to delete the machine accounts (milo$ and lola$) using >userdel and smbpasswd -x to eliminate all traces. >++Step 2++: Tried to change out of domain, changed machine name, log in: >still no good, same messages. >++Step 3++: Tried the same thing, but this time also deleted the >secrets.tdb file, and the MACHINE file. Then did a smbpasswd to add the >root account again. STILL same problem. >++Step 4++: Then changed the machine name and (domain) out of the outland >domain. So I changed the name of the client to stevedallas, and the >workgroup to temp. That change worked ok. After this, I logged in, ok >(as admin), and was then able to change back to the outland domain. > >++Step 5++: Next logged in as workstation/administator and I added new >user/browse and it did see the outland domain. Then, clicked my outland >domain name, and next and >next error message was >** Error Message ** : The user could not be added because the following >error has occurred. The trust relationship between this workstation and >the primary domain failed. > >SO I am stuck without getting any user logins (at least I can login >as admin. please point me in the right direction??? thanks > >Step 6: REINSTALLED WIN2k.. SAME results. > >Step 7: Posted the SMB.conf, as well as the machine logs and rejects to >List. >GOT No responses whatsoever. > >Step 8: I am desperate.. I tried the following: >Stopped all clients, and server. > >Removed SMB.conf and brought it to almost clean state. >THEN removed smbpasswd , secrets,tdb as well as the MACHINE file > >Then started up. > >Same series of messages. > >NOTE: I deleted all comments from here for brevity (ha...) > >===== NEW (still failing ) SMB.conf file ====>#Mitch SMB.conf 8/13/02 >[global] >workgroup = OUTLAND >netbios name = OUTLANDSVR >server string = Samba Server %v %U > >log file = /var/log/samba/log.%m > >max log size = 50 > >hosts allow = 192.168.10.0 >hosts deny = 68.0.0.0 > >security = user >encrypt passwords = yes >smb passwd file = /etc/samba/smbpasswd > >unix password sync = Yes >passwd program = /usr/bin/passwd %u >passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n >*passwd:*all*authentication*tokens*updated*successfully* > >socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > >local master = yes >os level = 66 >domain master = yes >preferred master = yes >domain logons = yes > >logon script = %m.bat >logon script = welcome.bat > >logon path = \\%L\Profiles\%U > >; logon home = \\%L\%U\.profile > >add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine >Account' -s /bin/false -M %u >domain admin group = root @wheel @admins mbruntel > >name resolve order = wins lmhosts bcast > >wins support = yes > >dns proxy = yes > > >#=======Share Definitions ===========>[homes] >comment = Home Directories >browseable = no >writable = yes > >[netlogon] >comment = Network Logon Service >path = /var/lib/samba/netlogon >read list = @family >write list = mbruntel ntadmin @admins @family >force group = @family >guest ok = yes >writable = no > > >[Profiles] >comment = samba roaming profiles here >path = /var/lib/samba/profiles >browseable = yes >guest ok = yes > >[mbruntel] >comment = Mitch's Home Stuff >path = /home/mbruntel/dosroot/realroot >valid users = mbruntel >writable = yes >max connections = 8 >browseable = yes > >[cbruntel] >comment = Cheryl's Home Stuff >path = /home/cbruntel/dosroot/realroot >valid users = cbruntel mbruntel >writable = yes >max connections = 8 > >[software] >comment = SW shared directory >path = /software >valid users = cbruntel mbruntel @family zbruntel moogirl >writable = yes > >[bigfiles] >comment = Files directory >path = /files >valid users = cbruntel mbruntel @family zbruntel moogirl >writable = yes >force group = @family >guest ok = Yes >read only = No > >[files] >comment = Files directory >path = /files >valid users = cbruntel mbruntel @family zbruntel moogirl >writable = yes >force group = @family >guest ok = Yes >read only = No >inherit permissions = Yes > >[mail] >comment = Mail Home directory >path = /var/spool/mail >valid users = cbruntel mbruntel >admin users = cbruntel mbruntel >sync always = Yes >strict sync = Yes >writable = Yes >force group = @family >guest ok = Yes >read only = No >inherit permissions = Yes > >=== End of (still failing ) SMB.conf file ==> >===Start machine log : Stevedallas: > (before changing to domain outland)==> >[2002/08/13 16:05:08, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176) > get_md4pw: Workstation stevedallas$: no account in domain >[2002/08/13 16:05:15, 0] smbd/service.c:make_connection(381) > mbruntel logged in as admin user (root privileges) >[2002/08/13 16:05:15, 0] smbd/service.c:make_connection(248) > stevedallas (192.168.10.184) couldn't find service bigfiles >[2002/08/13 16:05:22, 0] smbd/service.c:make_connection(381) > mbruntel logged in as admin user (root privileges) >[2002/08/13 16:12:06, 0] smbd/service.c:make_connection(381) > mbruntel logged in as admin user (root privileges) >[2002/08/13 16:12:11, 0] smbd/service.c:make_connection(381) > mbruntel logged in as admin user (root privileges) >[2002/08/13 16:13:24, 0] smbd/service.c:make_connection(381) > mbruntel logged in as admin user (root privileges) >[root@mitchbnj1 samba]# >===ENDmachine log : Stevedallas: > (before changing to domain outland)==> > >===Start machine log : lola: > (after changing to domain outland)==> >[2002/08/13 16:05:08, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176) > get_md4pw: Workstation stevedallas$: no account in domain >[2002/08/13 16:05:15, 0] smbd/service.c:make_connection(381) > mbruntel logged in as admin user (root privileges) >[2002/08/13 16:05:15, 0] smbd/service.c:make_connection(248) > stevedallas (192.168.10.184) couldn't find service bigfiles >[2002/08/13 16:05:22, 0] smbd/service.c:make_connection(381) > mbruntel logged in as admin user (root privileges) >[2002/08/13 16:12:06, 0] smbd/service.c:make_connection(381) > mbruntel logged in as admin user (root privileges) >[2002/08/13 16:12:11, 0] smbd/service.c:make_connection(381) > mbruntel logged in as admin user (root privileges) >[2002/08/13 16:13:24, 0] smbd/service.c:make_connection(381) > mbruntel logged in as admin user (root privileges) > > >***Start NMBD file *** > >This is Mitch's NMBD file: > > Netbios nameserver version 2.2.3a started. > Copyright Andrew Tridgell and the Samba Team 1994-2002 >[2002/08/13 15:47:37, 0] nmbd/asyncdns.c:start_async_dns(148) > started asyncdns process 1381 >[2002/08/13 15:47:37, 0] libsmb/namequery.c:getlmhostsent(514) > getlmhostsent: too many columns in lmhosts file (obsolete syntax) >[2002/08/13 15:47:37, 0] nmbd/nmbd_logonnames.c:add_logon_names(156) > add_domain_logon_names: > Attempting to become logon server for workgroup OUTLAND on subnet > 192.168.10.187 >[2002/08/13 15:47:37, 0] nmbd/nmbd_logonnames.c:add_logon_names(156) > add_domain_logon_names: > Attempting to become logon server for workgroup OUTLAND on subnet > UNICAST_SUBNET >[2002/08/13 15:47:37, 0] >nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(339) > become_domain_master_browser_wins: > Attempting to become domain master browser on workgroup OUTLAND, subnet > UNICAST_SUBNET. >[2002/08/13 15:47:37, 0] >nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(352) > become_domain_master_browser_wins: querying WINS server at IP > 192.168.10.187 for domain master browser name OUTLAND on workgroup OUTLAND >[2002/08/13 15:47:37, 0] >nmbd/nmbd_logonnames.c:become_logon_server_success(114) > become_logon_server_success: Samba is now a logon server for workgroup > OUTLAND on subnet UNICAST_SUBNET >[2002/08/13 15:47:37, 0] >nmbd/nmbd_become_dmb.c:become_domain_master_stage2(115) > ***** > > Samba server OUTLANDSVR is now a domain master browser for workgroup > OUTLAND on subnet UNICAST_SUBNET > > ***** >[2002/08/13 15:47:37, 0] >nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(291) > become_domain_master_browser_bcast: > Attempting to become domain master browser on workgroup OUTLAND on > subnet 192.168.10.187 >[2002/08/13 15:47:37, 0] >nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(304) > become_domain_master_browser_bcast: querying subnet 192.168.10.187 for > domain master browser on workgroup OUTLAND >[2002/08/13 15:47:41, 0] >nmbd/nmbd_logonnames.c:become_logon_server_success(114) > become_logon_server_success: Samba is now a logon server for workgroup > OUTLAND on subnet 192.168.10.187 >[2002/08/13 15:47:41, 0] >nmbd/nmbd_responserecordsdb.c:find_response_record(236) > find_response_record: response packet id 23895 received with no > matching record. >[2002/08/13 15:47:41, 0] >nmbd/nmbd_responserecordsdb.c:find_response_record(236) > find_response_record: response packet id 23896 received with no > matching record. >[2002/08/13 15:47:45, 0] >nmbd/nmbd_become_dmb.c:become_domain_master_stage2(115) > ***** > > Samba server OUTLANDSVR is now a domain master browser for workgroup > OUTLAND on subnet 192.168.10.187 > > ***** >[2002/08/13 15:48:00, 0] >nmbd/nmbd_become_lmb.c:become_local_master_stage2(404) > ***** > > Samba name server OUTLANDSVR is now a local master browser for > workgroup OUTLAND on subnet 192.168.10.187 > > ***** ***END of NMBD file *** > >*** log.smbd > >[2002/08/13 15:07:23.870957, 3, effective(0, 0), real(0, 0)] >smbd/server.c:exit_server(492) > Server exit (caught signal) >[2002/08/13 15:47:36, 0] smbd/server.c:main(698) > smbd version 2.2.3a started. > Copyright Andrew Tridgell and the Samba Team 1992-2002 >[root@mitchbnj1 samba]# _[K > >*** log.smbd > > > >------------------------------------------------ >Join Excite! - http://www.excite.com >The most personalized portal on the Web! >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba
Seemingly Similar Threads
- help (Still) w2k pro no longer trusted by 2.2.3 pdc
- W2k no longer has Trust to samba pdc
- FW: BHA--W2k wSMB no longer trusted. help
- [faslink@excite.com: FW: W2k wkstation no longer recognized by samba pdc]
- (fwd from jra@samba.org) [faslink@excite.com: FW: W2k wkstation no longer recognized by samba pdc]