Hello, Having a problem with trust accounts failing after creation. The following is the system that I'm running Samba on: Fedora Core 2 (compiled from source) Samba 3.0.11 OpenLDAP 2.2.23 BerkeleyDB 4.3.27 Windows 2000 client machine I have a script to add machine trust accounts to LDAP. The first part adds a posix Account and attributes to LDAP, the second uses smbpasswd to add the Samba account and attributes. I use PAM to point to the LDAP directory for user, group info and authentication. This method has worked on Samba 3.0.0 with ldap 2.1.30 backend systems fine. I add the account using root, the account is created in LDAP, and I get a "Welcome to blah blah domain" message. After I reboot and attempt to login, I get a trust account failure error message. I compared the sid for the domain and the machine account and they are identical. The only password that is created is sambaNTPassword. The following are attributes that are found in LDAP after account creation: [root@fdc2_1 root]# ldapsearch -xv -b "ou=computers,dc=tow,dc=net" uid=wms-0106$ldap_initialize( <DEFAULT> ) filter: uid=wms-0106$ requesting: ALL # extended LDIF # # LDAPv3 # base <ou=computers,dc=tow,dc=net> with scope sub # filter: uid=wms-0106$ # requesting: ALL # # wms-0106$, Computers, tow.net dn: uid=wms-0106$,ou=Computers,dc=tow,dc=net objectClass: inetOrgPerson objectClass: posixAccount objectClass: sambaSamAccount uid: wms-0106$ cn: wms-0106$ sn: wms-0106$ uidNumber: 8049 gidNumber: 502 homeDirectory: /dev/null description: Computer loginShell: /bin/false sambaSID: S-1-5-21-1129281578-1295143107-3311307472-17098 sambaPrimaryGroupSID: S-1-5-21-1129281578-1295143107-3311307472-515 displayName: wms-0106$ sambaPwdCanChange: 1109349002 sambaPwdMustChange: 2147483647 sambaNTPassword: 6B92BAAA9FAD3E498BF4665F0B42BF95 sambaPwdLastSet: 1109349002 sambaAcctFlags: [W ] # search result search: 2 result: 0 Success Any suggestions? Kent L. Nasveschuk Wareham Public Schools
Misty Stanley-Jones
2005-Mar-01 16:05 UTC
[Samba] Fedora core 2 domain trust account fails
On Tuesday 01 March 2005 11:30 am, kent wrote:> Hello, > Having a problem with trust accounts failing after creation. The following > is the system that I'm running Samba on: > > Fedora Core 2 > (compiled from source) > Samba 3.0.11 > OpenLDAP 2.2.23 > BerkeleyDB 4.3.27If you read the release notes for 3.0.12pre1 you will see there is a bug with interdomain trusts in 3.0.11. Nobody ever told me that even though I have asked repeated on the mailing list. I wlll save you the time I wasted and let you know. Misty
I haven't read them but I will, thanks. Kent Misty Stanley-Jones <misty@borkholder.com> wrote:> On Tuesday 01 March 2005 11:30 am, kent wrote: > > Hello, > > Having a problem with trust accounts failing after creation. The following > > is the system that I'm running Samba on: > > > > Fedora Core 2 > > (compiled from source) > > Samba 3.0.11 > > OpenLDAP 2.2.23 > > BerkeleyDB 4.3.27 > > If you read the release notes for 3.0.12pre1 you will see there is a bug with > interdomain trusts in 3.0.11. Nobody ever told me that even though I have > asked repeated on the mailing list. I wlll save you the time I wasted and > let you know. > > Misty > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba >