I am trying to use DOMAIN security with samba. Some weeks ago I had started this and successfully joined the domain with smbpasswd -j. (that was with samba 2.2.1a-4 from RedHat Rawhide). All was fine for a few days. For some reason, though (this may have been my own mistake), after a while my server couldn't connect to the PDC for password queries any more (access denied). Subsequent attempts to do smbpasswd -j again failed with "Access denied" errors, too. I upgraded to the official samba-2.2.2 package, with no effect. We then deleted my host in the server manager in the NT 4.0 PDC and re-inserted it shortly after (this is the procedure recommended in all postings I found related to this or similar problems). Since then, all my attempts to join the domain have resulted in errors like this (log level 3): Connecting to 172.25.186.156 at port 139 LSA_QUERYINFOPOLICY (level 5): domain:SYNERGY.DOM domain sid:S-1-5-21-2023499377-1970097340-1307212239 cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT cli_nt_setup_creds: auth2 challenge failed modify_trust_password: unable to setup the PDC credentials to machine SYNERGY. Error was : NT_STATUS_NO_TRUST_SAM_ACCOUNT. The corresponding error event on the NT box is #5723 (No SAM trust account). I have reinstalled samba, rebooted both my machine, PDC, and BDC, and deleted the secrets.tdb file - with no success. I also deleted and reinserted my machine several times on the PDC, I even tried to give it another name. Always the same problem. I have tried deleting/reinserting my box on the PDC with and without samba running on my box - no effect. I am definitely out of ideas now. This is samba-2.2.2-20011013 on RedHat 7.1. It looks as if something went wrong on the PDC, actually - unfortunately I can't prove that to my NT administrators... I read through all the related documentation I could get my hands at, but all the authors seem to assume that smbpasswd -j succeeds, which it doesn't in my case. Someone told me to use `smbpasswd -j DOMAIN -r host -U admininistrator', but that didn't help, either. Any help is greatly appreciated. Martin -- Martin Wilck Phone: +49 5251 8 15113 Fujitsu Siemens Computers Fax: +49 5251 8 20409 Heinz-Nixdorf-Ring 1 mailto:Martin.Wilck@Fujitsu-Siemens.com D-33106 Paderborn http://www.fujitsu-siemens.com/primergy