samba - Dec 2000 - Samba joining NT domain (*not* the DOMAIN_MEMBER.txt FAQ)

After reading all of the DOMAIN_MEMBER.txt documentation, I am still
running into problems having my Linux machine running Samba 2.0.7 join
an NT domain. I think the thing that throws a monkey wrench into the
whole scenario that is outlined in the documentation is that in my case
the machine was added to the PDC back when it was a Windows NT machine.
Now when I try to join the domain, I get:

# smbpasswd -j CISCO_ENG
cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT
cli_nt_setup_creds: auth2 challenge failed
modify_trust_password: unable to setup the PDC credentials to machine
CISCO-ENG-SJC05. Error was : NT_STATUS_NO_TRUST_SAM_ACCOUNT.
Unable to join domain CISCO_ENG.

Now I *know* that the machine is added to the PDC because I can reboot
the same machine into Windows NT and login to the domain without any
problems.

Is it possible that a unique identifier (MACHINE.SID?) needs to be
extracted from the Windows NT side and used under Samba? I would rather
not delete the machine from the PDC and readd it.

Thanks,

Berend

Berend Ozceri writes:
> After reading all of the DOMAIN_MEMBER.txt documentation, I am still
> running into problems having my Linux machine running Samba 2.0.7 join
> an NT domain. I think the thing that throws a monkey wrench into the
> whole scenario that is outlined in the documentation is that in my case
> the machine was added to the PDC back when it was a Windows NT machine.
Try going in to the server manager, deleting the machine and
adding it again.  Then try running smbpasswd as per usual.

When the machine has been freshly added to the server manager the
trust account password is set to a well-known value.  This allows
smbpasswd (and the NT Control Panel networking applet) to join
the domain.  Since you are currently joined to the domain with
the NT machine, the trust account password is not known.


Regards,

Tim.