Hammond, James T.S.
2001-Dec-22 18:35 UTC
"Secret is bad" -- Winbind with Samba 2.2.2 and Windows 2000 (native mode)
I'm having problems getting "Secret is bad" with the command "wbinfo -t". I get good results with "wbinfo -u", "wbinfo -g", and "wbinfo -m". I also have positive results with all the samba tests in DIAGNOSIS.txt. I've tried deleting the computer account and recreating many times on my Windows 2000 Domain Controller (everything is native mode). I then use the "smbpasswd -j DOM" command to join my domain. Even though it says it joined, I'm not convinced it's joining correctly since I get the "Secret is bad" message. I'm running on a Rehat 7.2 box with Samba 2.2.2. Daemons smdb, nmdb, and winbindd are all running. My ultimate goal is to login to my Redhat box with Windows usernames (like DOM+username) and passwords that are authenticated from my Windows 2000 domain controllers. Hence my use of Winbind, which seems written exactly for this purpose... Help!
Andrew Bartlett
2001-Dec-29 19:52 UTC
"Secret is bad" -- Winbind with Samba 2.2.2 and Windows 2000 (native mode)
"Hammond, James T.S." wrote:> > I'm having problems getting "Secret is bad" with the command "wbinfo > -t". > > I get good results with "wbinfo -u", "wbinfo -g", and "wbinfo -m".Are you sure you are running in native mode? These should fail if thats the case...> I also have positive results with all the samba tests in DIAGNOSIS.txt. > > I've tried deleting the computer account and recreating many times on my > Windows 2000 Domain Controller (everything is native mode). I then use > the "smbpasswd -j DOM" command to join my domain. Even though it says > it joined, I'm not convinced it's joining correctly since I get the > "Secret is bad" message. > > I'm running on a Rehat 7.2 box with Samba 2.2.2. Daemons smdb, nmdb, > and winbindd are all running. > > My ultimate goal is to login to my Redhat box with Windows usernames > (like DOM+username) and passwords that are authenticated from my Windows > 2000 domain controllers. Hence my use of Winbind, which seems written > exactly for this purpose...If you are truly running a native mod domain, you might want to look into the recent Samba 3.0 alphas, as there has been a *lot* of work in real native mode support. Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net