We've encountered a problem with getting a newly installed Samba based machine to join the domain. Here's the command line and error response: [root@chain samba]# smbpasswd -j COLUMBIA -r cmc-bkup -U murphyn Password: error creating domain user: NT_STATUS_INVALID_DOMAIN_ROLE Unable to join domain COLUMBIA. [root@chain samba]# Installation is a RedHat 7.2 (from KRUD) box with freshly installed Samba RPMs version 2.2.3a-6. smb.conf was created by a cut and paste from a working installation on another box on our network, changing the server name and share paths as necessary. murphyn is a domain admin for COLUMBIA, the PDC (cmc-bkup) and the BDC are NT4 boxes. As the Linux guy I don't know what this error message means. The NT admins are at a loss to explain the problem. Curiosities: I've used the same software version to add a box to our domain Essentially the same config is used on the working and non-working boxes, so I'm puzzled about what configuration issue could be causing this. Bottom Line Question: do you know what causes this error and how I can resolve this issue and have the machine chain join the COLUMBIA domain? Where did I miss whatever it is in the documentation? -- Michael Rasmussen - Network Engineer, Columbia Management voice: 971-925-6723 cell: 503-807-1447 rasmussenm@columbiafunds.com <mailto:rasmussenm@columbiafunds.com> http://www.columbiafunds.com NOTICE: This communication may contain confidential or other privileged information. If you are not the intended recipient, or believe that you have received this communication in error, please do not print, copy, retransmit, disseminate, or otherwise use the information. Also, please indicate to the sender that you have received this email in error, and delete the copy you received. Any communication that does not relate to official Columbia business is that of the sender and is neither given nor endorsed by Columbia. Thank you.
Did you create the Computer in the Domain first? Try that (without the -U murphyn). Jim> -----Original Message----- > From: Michael Rasmussen [mailto:rasmussenm@columbiafunds.com] > Sent: Thursday, June 06, 2002 8:15 AM > To: samba@lists.samba.org > Cc: IT Server Group > Subject: [Samba] problem joining the domain > > > We've encountered a problem with getting a newly installed Samba based > machine to join the domain. > > Here's the command line and error response: > > [root@chain samba]# smbpasswd -j COLUMBIA -r cmc-bkup -U murphyn > Password: > error creating domain user: NT_STATUS_INVALID_DOMAIN_ROLE > Unable to join domain COLUMBIA. > [root@chain samba]# > > Installation is a RedHat 7.2 (from KRUD) box with freshly > installed Samba > RPMs version 2.2.3a-6. smb.conf was created by a cut and paste from a > working installation on another box on our network, changing > the server name > and share paths as necessary. > > murphyn is a domain admin for COLUMBIA, the PDC (cmc-bkup) > and the BDC are > NT4 boxes. > > As the Linux guy I don't know what this error message means. > The NT admins > are at a loss to explain the problem. > > Curiosities: > > I've used the same software version to add a box to our domain > Essentially the same config is used on the working and > non-working > boxes, so I'm puzzled about what configuration issue could be > causing this. > > Bottom Line Question: > > do you know what causes this error and how I can resolve > this issue and > have the machine chain join the COLUMBIA domain? > > Where did I miss whatever it is in the documentation? > > -- > Michael Rasmussen - Network Engineer, Columbia Management > voice: 971-925-6723 cell: 503-807-1447 > rasmussenm@columbiafunds.com > <mailto:rasmussenm@columbiafunds.com> http://www.columbiafunds.com > > NOTICE: This communication may contain confidential or other > privileged information. If you are not the intended > recipient, or believe that you have received this > communication in error, please do not print, copy, > retransmit, disseminate, or otherwise use the information. > Also, please indicate to the sender that you have received > this email in error, and delete the copy you received. Any > communication that does not relate to official Columbia > business is that of the sender and is neither given nor > endorsed by Columbia. Thank you. > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >
Did you add your linux machine into the WindowsNT PDC? I belive it's in Server manager into Administration menus. Yannick> -----Original Message----- > From: samba-admin@lists.samba.org [mailto:samba-admin@lists.samba.org]On > Behalf Of Michael Rasmussen > Sent: Thursday, June 06, 2002 11:15 AM > To: samba@lists.samba.org > Cc: IT Server Group > Subject: [Samba] problem joining the domain > > > We've encountered a problem with getting a newly installed Samba based > machine to join the domain. > > Here's the command line and error response: > > [root@chain samba]# smbpasswd -j COLUMBIA -r cmc-bkup -U murphyn > Password: > error creating domain user: NT_STATUS_INVALID_DOMAIN_ROLE > Unable to join domain COLUMBIA. > [root@chain samba]# > > Installation is a RedHat 7.2 (from KRUD) box with freshly installed Samba > RPMs version 2.2.3a-6. smb.conf was created by a cut and paste from a > working installation on another box on our network, changing the > server name > and share paths as necessary. > > murphyn is a domain admin for COLUMBIA, the PDC (cmc-bkup) and the BDC are > NT4 boxes. > > As the Linux guy I don't know what this error message means. The > NT admins > are at a loss to explain the problem. > > Curiosities: > > I've used the same software version to add a box to our domain > Essentially the same config is used on the working and non-working > boxes, so I'm puzzled about what configuration issue could be > causing this. > > Bottom Line Question: > > do you know what causes this error and how I can resolve this issue and > have the machine chain join the COLUMBIA domain? > > Where did I miss whatever it is in the documentation? > > -- > Michael Rasmussen - Network Engineer, Columbia Management > voice: 971-925-6723 cell: 503-807-1447 rasmussenm@columbiafunds.com > <mailto:rasmussenm@columbiafunds.com> http://www.columbiafunds.com > > NOTICE: This communication may contain confidential or other > privileged information. If you are not the intended recipient, > or believe that you have received this communication in error, > please do not print, copy, retransmit, disseminate, or otherwise > use the information. Also, please indicate to the sender that > you have received this email in error, and delete the copy you > received. Any communication that does not relate to official > Columbia business is that of the sender and is neither given nor > endorsed by Columbia. Thank you. > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >
Yes, the machine pre-existed in the domain. As in, "Domain Admin, please add chain so I can have it join the domain." Which domain admin did. In truth, we tried joining the domain first, that failed so we had the admin add chain to the domain they tried to join and . . . -- Michael Rasmussen - Network Engineer, Columbia Management voice: 971-925-6723 cell: 503-807-1447 rasmussenm@columbiafunds.com <mailto:rasmussenm@columbiafunds.com> http://www.columbiafunds.com> -----Original Message----- > From: Yannick Tousignant [mailto:ytousignant@oka-info.com] > Sent: Thursday, June 06, 2002 8:24 AM > To: Michael Rasmussen > Cc: samba@samba.org > Subject: RE: [Samba] problem joining the domain > > > > Did you add your linux machine into the WindowsNT PDC? > > I belive it's in Server manager into Administration menus. > > Yannick > > > > -----Original Message----- > > From: samba-admin@lists.samba.org > [mailto:samba-admin@lists.samba.org]On > > Behalf Of Michael Rasmussen > > Sent: Thursday, June 06, 2002 11:15 AM > > To: samba@lists.samba.org > > Cc: IT Server Group > > Subject: [Samba] problem joining the domain > > > > > > We've encountered a problem with getting a newly installed > Samba based > > machine to join the domain. > > > > Here's the command line and error response: > > > > [root@chain samba]# smbpasswd -j COLUMBIA -r cmc-bkup -U murphyn > > Password: > > error creating domain user: NT_STATUS_INVALID_DOMAIN_ROLE > > Unable to join domain COLUMBIA. > > [root@chain samba]# > > > > Installation is a RedHat 7.2 (from KRUD) box with freshly > installed Samba > > RPMs version 2.2.3a-6. smb.conf was created by a cut and > paste from a > > working installation on another box on our network, changing the > > server name > > and share paths as necessary. > > > > murphyn is a domain admin for COLUMBIA, the PDC (cmc-bkup) > and the BDC are > > NT4 boxes. > > > > As the Linux guy I don't know what this error message means. The > > NT admins > > are at a loss to explain the problem. > > > > Curiosities: > > > > I've used the same software version to add a box to our domain > > Essentially the same config is used on the working and > non-working > > boxes, so I'm puzzled about what configuration issue could be > > causing this. > > > > Bottom Line Question: > > > > do you know what causes this error and how I can resolve > this issue and > > have the machine chain join the COLUMBIA domain? > > > > Where did I miss whatever it is in the documentation? > > > > -- > > Michael Rasmussen - Network Engineer, Columbia Management > > voice: 971-925-6723 cell: 503-807-1447 > rasmussenm@columbiafunds.com > > <mailto:rasmussenm@columbiafunds.com> http://www.columbiafunds.com > > > > NOTICE: This communication may contain confidential or other > > privileged information. If you are not the intended recipient, > > or believe that you have received this communication in error, > > please do not print, copy, retransmit, disseminate, or otherwise > > use the information. Also, please indicate to the sender that > > you have received this email in error, and delete the copy you > > received. Any communication that does not relate to official > > Columbia business is that of the sender and is neither given nor > > endorsed by Columbia. Thank you. > > > > > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: http://lists.samba.org/mailman/listinfo/samba > > > >NOTICE: This communication may contain confidential or other privileged information. If you are not the intended recipient, or believe that you have received this communication in error, please do not print, copy, retransmit, disseminate, or otherwise use the information. Also, please indicate to the sender that you have received this email in error, and delete the copy you received. Any communication that does not relate to official Columbia business is that of the sender and is neither given nor endorsed by Columbia. Thank you.
As in: smbpasswd -j COLUMBIA -r cmc-bkup What the ... Yes, that's what you mean and yes it worked. When I went to check with the domain admins to verify the addition of the machine one of them replied, "well, yes. since the machine was already in the domain." Which translates to me to mean: If machine is defined in the domain do smbpasswd -j DOMAIN -r PDC else smbpasswd -j DOMAIN -r PDC -U DOMAIN_ADMIN Thank you Jim. -- Michael Rasmussen - Network Engineer, Columbia Management voice: 971-925-6723 cell: 503-807-1447 rasmussenm@columbiafunds.com <mailto:rasmussenm@columbiafunds.com> http://www.columbiafunds.com> -----Original Message----- > From: Van Sickler, Jim [mailto:vansickj-eodc@Kaman.com] > Sent: Thursday, June 06, 2002 8:23 AM > To: 'Michael Rasmussen'; samba@lists.samba.org > Cc: IT Server Group > Subject: RE: [Samba] problem joining the domain > > > Did you create the Computer in the Domain first? > Try that (without the -U murphyn). > > Jim > > > -----Original Message----- > > From: Michael Rasmussen [mailto:rasmussenm@columbiafunds.com] > > Sent: Thursday, June 06, 2002 8:15 AM > > To: samba@lists.samba.org > > Cc: IT Server Group > > Subject: [Samba] problem joining the domain > > > > > > We've encountered a problem with getting a newly installed > Samba based > > machine to join the domain. > > > > Here's the command line and error response: > > > > [root@chain samba]# smbpasswd -j COLUMBIA -r cmc-bkup -U murphyn > > Password: > > error creating domain user: NT_STATUS_INVALID_DOMAIN_ROLE > > Unable to join domain COLUMBIA. > > [root@chain samba]# > > > > Installation is a RedHat 7.2 (from KRUD) box with freshly > > installed Samba > > RPMs version 2.2.3a-6. smb.conf was created by a cut and > paste from a > > working installation on another box on our network, changing > > the server name > > and share paths as necessary. > > > > murphyn is a domain admin for COLUMBIA, the PDC (cmc-bkup) > > and the BDC are > > NT4 boxes. > > > > As the Linux guy I don't know what this error message means. > > The NT admins > > are at a loss to explain the problem. > > > > Curiosities: > > > > I've used the same software version to add a box to our domain > > Essentially the same config is used on the working and > > non-working > > boxes, so I'm puzzled about what configuration issue could be > > causing this. > > > > Bottom Line Question: > > > > do you know what causes this error and how I can resolve > > this issue and > > have the machine chain join the COLUMBIA domain? > > > > Where did I miss whatever it is in the documentation? > > > > -- > > Michael Rasmussen - Network Engineer, Columbia Management > > voice: 971-925-6723 cell: 503-807-1447 > > rasmussenm@columbiafunds.com > > <mailto:rasmussenm@columbiafunds.com> http://www.columbiafunds.com > > > > NOTICE: This communication may contain confidential or other > > privileged information. If you are not the intended > > recipient, or believe that you have received this > > communication in error, please do not print, copy, > > retransmit, disseminate, or otherwise use the information. > > Also, please indicate to the sender that you have received > > this email in error, and delete the copy you received. Any > > communication that does not relate to official Columbia > > business is that of the sender and is neither given nor > > endorsed by Columbia. Thank you. > > > > > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: http://lists.samba.org/mailman/listinfo/samba > > >NOTICE: This communication may contain confidential or other privileged information. If you are not the intended recipient, or believe that you have received this communication in error, please do not print, copy, retransmit, disseminate, or otherwise use the information. Also, please indicate to the sender that you have received this email in error, and delete the copy you received. Any communication that does not relate to official Columbia business is that of the sender and is neither given nor endorsed by Columbia. Thank you.
Michael: You said " Yes, the machine pre-existed in the domain." This implies that there was a pre-existing machine account that was in use for the server. Every time you want to add a samba server to a domain, the MACHINE ACCOUNT HAS TO BE DELETED AND READDED. In other words, every time you run "smbpasswd -j mydomain" (or something like that), the machine account on the PDC has to be deleted and readded. This should really be added to the samba documentation. The reason I put it in caps is that NT admins have a hard time believing this. Also, make sure that your "PDC" machine account (which is now called a domain controller) has the option called "allow pre-Windows 2000 computers to use/join/whatever" checked off. Samba spoofs a NT 4.0 server, so this option needs to be used. ALSO: make sure your Domain Controller can do PDC emulation (it's some service that's run). Futz around with the options you're giving smbpasswd, too. I would just try "smbpasswd -j domain" first, so long as your "password server" is set to the right one in your smb.conf. Hope that helps. -t Thomas Klopf MMS - Gulf Region (ACS-GS contractor) Phone: 504.736.2444 Mobile: 504.319.2600 -----Original Message----- From: Michael Rasmussen [mailto:rasmussenm@columbiafunds.com] Sent: Thursday, June 06, 2002 10:32 AM To: Yannick Tousignant Cc: samba@lists.samba.org Subject: RE: [Samba] problem joining the domain Yes, the machine pre-existed in the domain. As in, "Domain Admin, please add chain so I can have it join the domain." Which domain admin did. In truth, we tried joining the domain first, that failed so we had the admin add chain to the domain they tried to join and . . . -- Michael Rasmussen - Network Engineer, Columbia Management voice: 971-925-6723 cell: 503-807-1447 rasmussenm@columbiafunds.com <mailto:rasmussenm@columbiafunds.com> http://www.columbiafunds.com> -----Original Message----- > From: Yannick Tousignant [mailto:ytousignant@oka-info.com] > Sent: Thursday, June 06, 2002 8:24 AM > To: Michael Rasmussen > Cc: samba@samba.org > Subject: RE: [Samba] problem joining the domain > > > > Did you add your linux machine into the WindowsNT PDC? > > I belive it's in Server manager into Administration menus. > > Yannick > > > > -----Original Message----- > > From: samba-admin@lists.samba.org > [mailto:samba-admin@lists.samba.org]On > > Behalf Of Michael Rasmussen > > Sent: Thursday, June 06, 2002 11:15 AM > > To: samba@lists.samba.org > > Cc: IT Server Group > > Subject: [Samba] problem joining the domain > > > > > > We've encountered a problem with getting a newly installed > Samba based > > machine to join the domain. > > > > Here's the command line and error response: > > > > [root@chain samba]# smbpasswd -j COLUMBIA -r cmc-bkup -U murphyn > > Password: > > error creating domain user: NT_STATUS_INVALID_DOMAIN_ROLE > > Unable to join domain COLUMBIA. > > [root@chain samba]# > > > > Installation is a RedHat 7.2 (from KRUD) box with freshly > installed Samba > > RPMs version 2.2.3a-6. smb.conf was created by a cut and > paste from a > > working installation on another box on our network, changing the > > server name > > and share paths as necessary. > > > > murphyn is a domain admin for COLUMBIA, the PDC (cmc-bkup) > and the BDC are > > NT4 boxes. > > > > As the Linux guy I don't know what this error message means. The > > NT admins > > are at a loss to explain the problem. > > > > Curiosities: > > > > I've used the same software version to add a box to our domain > > Essentially the same config is used on the working and > non-working > > boxes, so I'm puzzled about what configuration issue could be > > causing this. > > > > Bottom Line Question: > > > > do you know what causes this error and how I can resolve > this issue and > > have the machine chain join the COLUMBIA domain? > > > > Where did I miss whatever it is in the documentation? > > > > -- > > Michael Rasmussen - Network Engineer, Columbia Management > > voice: 971-925-6723 cell: 503-807-1447 > rasmussenm@columbiafunds.com > > <mailto:rasmussenm@columbiafunds.com> http://www.columbiafunds.com > > > > NOTICE: This communication may contain confidential or other > > privileged information. If you are not the intended recipient, > > or believe that you have received this communication in error, > > please do not print, copy, retransmit, disseminate, or otherwise > > use the information. Also, please indicate to the sender that > > you have received this email in error, and delete the copy you > > received. Any communication that does not relate to official > > Columbia business is that of the sender and is neither given nor > > endorsed by Columbia. Thank you. > > > > > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: http://lists.samba.org/mailman/listinfo/samba > > > >NOTICE: This communication may contain confidential or other privileged information. If you are not the intended recipient, or believe that you have received this communication in error, please do not print, copy, retransmit, disseminate, or otherwise use the information. Also, please indicate to the sender that you have received this email in error, and delete the copy you received. Any communication that does not relate to official Columbia business is that of the sender and is neither given nor endorsed by Columbia. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
(Embedded
image moved Tom.Klopf@mms.gov
to file: 06/06/2002 01:59 PM
pic00941.pcx)
Michael:
You said " Yes, the machine pre-existed in the domain."
This implies that there was a pre-existing machine account that was
in use for the server. Every time you want to add a samba server to a
domain, the MACHINE ACCOUNT HAS TO BE DELETED AND READDED. In other words,
every time you run "smbpasswd -j mydomain" (or something like that),
the
machine account on the PDC has to be deleted and readded. This should really
be added to the samba documentation. The reason I put it in caps is that NT
admins have a hard time believing this.
Also, make sure that your "PDC" machine account (which is now
called
a domain controller) has the option called "allow pre-Windows 2000
computers
to use/join/whatever" checked off. Samba spoofs a NT 4.0 server, so this
option needs to be used. ALSO: make sure your Domain Controller can do PDC
emulation (it's some service that's run).
Futz around with the options you're giving smbpasswd, too. I would
just try "smbpasswd -j domain" first, so long as your "password
server" is
set to the right one in your smb.conf.
Hope that helps.
-t
Thomas Klopf
MMS - Gulf Region (ACS-GS contractor)
Phone: 504.736.2444
Mobile: 504.319.2600
-----Original Message-----
From: Michael Rasmussen [mailto:rasmussenm@columbiafunds.com]
Sent: Thursday, June 06, 2002 10:32 AM
To: Yannick Tousignant
Cc: samba@lists.samba.org
Subject: RE: [Samba] problem joining the domain
Yes, the machine pre-existed in the domain. As in, "Domain Admin, please
add chain so I can have it join the domain." Which domain admin did.
In truth, we tried joining the domain first, that failed so we had the admin
add chain to the domain they tried to join and . . .
--
Michael Rasmussen - Network Engineer, Columbia Management
voice: 971-925-6723 cell: 503-807-1447 rasmussenm@columbiafunds.com
<mailto:rasmussenm@columbiafunds.com> http://www.columbiafunds.com
> -----Original Message-----
> From: Yannick Tousignant [mailto:ytousignant@oka-info.com]
> Sent: Thursday, June 06, 2002 8:24 AM
> To: Michael Rasmussen
> Cc: samba@samba.org
> Subject: RE: [Samba] problem joining the domain
>
>
>
> Did you add your linux machine into the WindowsNT PDC?
>
> I belive it's in Server manager into Administration menus.
>
> Yannick
>
>
> > -----Original Message-----
> > From: samba-admin@lists.samba.org
> [mailto:samba-admin@lists.samba.org]On
> > Behalf Of Michael Rasmussen
> > Sent: Thursday, June 06, 2002 11:15 AM
> > To: samba@lists.samba.org
> > Cc: IT Server Group
> > Subject: [Samba] problem joining the domain
> >
> >
> > We've encountered a problem with getting a newly installed
> Samba based
> > machine to join the domain.
> >
> > Here's the command line and error response:
> >
> > [root@chain samba]# smbpasswd -j COLUMBIA -r cmc-bkup -U murphyn
> > Password:
> > error creating domain user: NT_STATUS_INVALID_DOMAIN_ROLE
> > Unable to join domain COLUMBIA.
> > [root@chain samba]#
> >
> > Installation is a RedHat 7.2 (from KRUD) box with freshly
> installed Samba
> > RPMs version 2.2.3a-6. smb.conf was created by a cut and
> paste from a
> > working installation on another box on our network, changing the
> > server name
> > and share paths as necessary.
> >
> > murphyn is a domain admin for COLUMBIA, the PDC (cmc-bkup)
> and the BDC are
> > NT4 boxes.
> >
> > As the Linux guy I don't know what this error message means. The
> > NT admins
> > are at a loss to explain the problem.
> >
> > Curiosities:
> >
> > I've used the same software version to add a box to our domain
> > Essentially the same config is used on the working and
> non-working
> > boxes, so I'm puzzled about what configuration issue could be
> > causing this.
> >
> > Bottom Line Question:
> >
> > do you know what causes this error and how I can resolve
> this issue and
> > have the machine chain join the COLUMBIA domain?
> >
> > Where did I miss whatever it is in the documentation?
> >
> > --
> > Michael Rasmussen - Network Engineer, Columbia Management
> > voice: 971-925-6723 cell: 503-807-1447
> rasmussenm@columbiafunds.com
> > <mailto:rasmussenm@columbiafunds.com>
http://www.columbiafunds.com
> >
> > NOTICE: This communication may contain confidential or other
> > privileged information. If you are not the intended recipient,
> > or believe that you have received this communication in error,
> > please do not print, copy, retransmit, disseminate, or otherwise
> > use the information. Also, please indicate to the sender that
> > you have received this email in error, and delete the copy you
> > received. Any communication that does not relate to official
> > Columbia business is that of the sender and is neither given nor
> > endorsed by Columbia. Thank you.
> >
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: http://lists.samba.org/mailman/listinfo/samba
> >
>
>
NOTICE: This communication may contain confidential or other privileged
information. If you are not the intended recipient, or believe that you
have received this communication in error, please do not print, copy,
retransmit, disseminate, or otherwise use the information. Also, please
indicate to the sender that you have received this email in error, and
delete the copy you received. Any communication that does not relate to
official Columbia business is that of the sender and is neither given nor
endorsed by Columbia. Thank you.
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pic00941.pcx
Type: application/octet-stream
Size: 2427 bytes
Desc: not available
Url :
http://lists.samba.org/archive/samba/attachments/20020606/eef28a46/pic00941.obj
(Embedded
image moved Tom.Klopf@mms.gov
to file: 06/06/2002 01:59 PM
pic18794.pcx)
(Embedded
image moved Tom.Klopf@mms.gov
to file: 06/06/2002 01:59 PM
pic00941.pcx)
Michael:
You said " Yes, the machine pre-existed in the domain."
This implies that there was a pre-existing machine account that was
in use for the server. Every time you want to add a samba server to a
domain, the MACHINE ACCOUNT HAS TO BE DELETED AND READDED. In other words,
every time you run "smbpasswd -j mydomain" (or something like that),
the
machine account on the PDC has to be deleted and readded. This should really
be added to the samba documentation. The reason I put it in caps is that NT
admins have a hard time believing this.
Also, make sure that your "PDC" machine account (which is now
called
a domain controller) has the option called "allow pre-Windows 2000
computers
to use/join/whatever" checked off. Samba spoofs a NT 4.0 server, so this
option needs to be used. ALSO: make sure your Domain Controller can do PDC
emulation (it's some service that's run).
Futz around with the options you're giving smbpasswd, too. I would
just try "smbpasswd -j domain" first, so long as your "password
server" is
set to the right one in your smb.conf.
Hope that helps.
-t
Thomas Klopf
MMS - Gulf Region (ACS-GS contractor)
Phone: 504.736.2444
Mobile: 504.319.2600
-----Original Message-----
From: Michael Rasmussen [mailto:rasmussenm@columbiafunds.com]
Sent: Thursday, June 06, 2002 10:32 AM
To: Yannick Tousignant
Cc: samba@lists.samba.org
Subject: RE: [Samba] problem joining the domain
Yes, the machine pre-existed in the domain. As in, "Domain Admin, please
add chain so I can have it join the domain." Which domain admin did.
In truth, we tried joining the domain first, that failed so we had the admin
add chain to the domain they tried to join and . . .
--
Michael Rasmussen - Network Engineer, Columbia Management
voice: 971-925-6723 cell: 503-807-1447 rasmussenm@columbiafunds.com
<mailto:rasmussenm@columbiafunds.com> http://www.columbiafunds.com
> -----Original Message-----
> From: Yannick Tousignant [mailto:ytousignant@oka-info.com]
> Sent: Thursday, June 06, 2002 8:24 AM
> To: Michael Rasmussen
> Cc: samba@samba.org
> Subject: RE: [Samba] problem joining the domain
>
>
>
> Did you add your linux machine into the WindowsNT PDC?
>
> I belive it's in Server manager into Administration menus.
>
> Yannick
>
>
> > -----Original Message-----
> > From: samba-admin@lists.samba.org
> [mailto:samba-admin@lists.samba.org]On
> > Behalf Of Michael Rasmussen
> > Sent: Thursday, June 06, 2002 11:15 AM
> > To: samba@lists.samba.org
> > Cc: IT Server Group
> > Subject: [Samba] problem joining the domain
> >
> >
> > We've encountered a problem with getting a newly installed
> Samba based
> > machine to join the domain.
> >
> > Here's the command line and error response:
> >
> > [root@chain samba]# smbpasswd -j COLUMBIA -r cmc-bkup -U murphyn
> > Password:
> > error creating domain user: NT_STATUS_INVALID_DOMAIN_ROLE
> > Unable to join domain COLUMBIA.
> > [root@chain samba]#
> >
> > Installation is a RedHat 7.2 (from KRUD) box with freshly
> installed Samba
> > RPMs version 2.2.3a-6. smb.conf was created by a cut and
> paste from a
> > working installation on another box on our network, changing the
> > server name
> > and share paths as necessary.
> >
> > murphyn is a domain admin for COLUMBIA, the PDC (cmc-bkup)
> and the BDC are
> > NT4 boxes.
> >
> > As the Linux guy I don't know what this error message means. The
> > NT admins
> > are at a loss to explain the problem.
> >
> > Curiosities:
> >
> > I've used the same software version to add a box to our domain
> > Essentially the same config is used on the working and
> non-working
> > boxes, so I'm puzzled about what configuration issue could be
> > causing this.
> >
> > Bottom Line Question:
> >
> > do you know what causes this error and how I can resolve
> this issue and
> > have the machine chain join the COLUMBIA domain?
> >
> > Where did I miss whatever it is in the documentation?
> >
> > --
> > Michael Rasmussen - Network Engineer, Columbia Management
> > voice: 971-925-6723 cell: 503-807-1447
> rasmussenm@columbiafunds.com
> > <mailto:rasmussenm@columbiafunds.com>
http://www.columbiafunds.com
> >
> > NOTICE: This communication may contain confidential or other
> > privileged information. If you are not the intended recipient,
> > or believe that you have received this communication in error,
> > please do not print, copy, retransmit, disseminate, or otherwise
> > use the information. Also, please indicate to the sender that
> > you have received this email in error, and delete the copy you
> > received. Any communication that does not relate to official
> > Columbia business is that of the sender and is neither given nor
> > endorsed by Columbia. Thank you.
> >
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: http://lists.samba.org/mailman/listinfo/samba
> >
>
>
NOTICE: This communication may contain confidential or other privileged
information. If you are not the intended recipient, or believe that you
have received this communication in error, please do not print, copy,
retransmit, disseminate, or otherwise use the information. Also, please
indicate to the sender that you have received this email in error, and
delete the copy you received. Any communication that does not relate to
official Columbia business is that of the sender and is neither given nor
endorsed by Columbia. Thank you.
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pic00941.pcx
Type: application/octet-stream
Size: 2427 bytes
Desc: not available
Url :
http://lists.samba.org/archive/samba/attachments/20020606/691e6d6e/pic00941.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pic18794.pcx
Type: application/octet-stream
Size: 2427 bytes
Desc: not available
Url :
http://lists.samba.org/archive/samba/attachments/20020606/691e6d6e/pic18794.obj
(Embedded
image moved Tom.Klopf@mms.gov
to file: 06/06/2002 01:59 PM
pic06895.pcx)
(Embedded
image moved Tom.Klopf@mms.gov
to file: 06/06/2002 01:59 PM
pic18794.pcx)
(Embedded
image moved Tom.Klopf@mms.gov
to file: 06/06/2002 01:59 PM
pic00941.pcx)
Michael:
You said " Yes, the machine pre-existed in the domain."
This implies that there was a pre-existing machine account that was
in use for the server. Every time you want to add a samba server to a
domain, the MACHINE ACCOUNT HAS TO BE DELETED AND READDED. In other words,
every time you run "smbpasswd -j mydomain" (or something like that),
the
machine account on the PDC has to be deleted and readded. This should really
be added to the samba documentation. The reason I put it in caps is that NT
admins have a hard time believing this.
Also, make sure that your "PDC" machine account (which is now
called
a domain controller) has the option called "allow pre-Windows 2000
computers
to use/join/whatever" checked off. Samba spoofs a NT 4.0 server, so this
option needs to be used. ALSO: make sure your Domain Controller can do PDC
emulation (it's some service that's run).
Futz around with the options you're giving smbpasswd, too. I would
just try "smbpasswd -j domain" first, so long as your "password
server" is
set to the right one in your smb.conf.
Hope that helps.
-t
Thomas Klopf
MMS - Gulf Region (ACS-GS contractor)
Phone: 504.736.2444
Mobile: 504.319.2600
-----Original Message-----
From: Michael Rasmussen [mailto:rasmussenm@columbiafunds.com]
Sent: Thursday, June 06, 2002 10:32 AM
To: Yannick Tousignant
Cc: samba@lists.samba.org
Subject: RE: [Samba] problem joining the domain
Yes, the machine pre-existed in the domain. As in, "Domain Admin, please
add chain so I can have it join the domain." Which domain admin did.
In truth, we tried joining the domain first, that failed so we had the admin
add chain to the domain they tried to join and . . .
--
Michael Rasmussen - Network Engineer, Columbia Management
voice: 971-925-6723 cell: 503-807-1447 rasmussenm@columbiafunds.com
<mailto:rasmussenm@columbiafunds.com> http://www.columbiafunds.com
> -----Original Message-----
> From: Yannick Tousignant [mailto:ytousignant@oka-info.com]
> Sent: Thursday, June 06, 2002 8:24 AM
> To: Michael Rasmussen
> Cc: samba@samba.org
> Subject: RE: [Samba] problem joining the domain
>
>
>
> Did you add your linux machine into the WindowsNT PDC?
>
> I belive it's in Server manager into Administration menus.
>
> Yannick
>
>
> > -----Original Message-----
> > From: samba-admin@lists.samba.org
> [mailto:samba-admin@lists.samba.org]On
> > Behalf Of Michael Rasmussen
> > Sent: Thursday, June 06, 2002 11:15 AM
> > To: samba@lists.samba.org
> > Cc: IT Server Group
> > Subject: [Samba] problem joining the domain
> >
> >
> > We've encountered a problem with getting a newly installed
> Samba based
> > machine to join the domain.
> >
> > Here's the command line and error response:
> >
> > [root@chain samba]# smbpasswd -j COLUMBIA -r cmc-bkup -U murphyn
> > Password:
> > error creating domain user: NT_STATUS_INVALID_DOMAIN_ROLE
> > Unable to join domain COLUMBIA.
> > [root@chain samba]#
> >
> > Installation is a RedHat 7.2 (from KRUD) box with freshly
> installed Samba
> > RPMs version 2.2.3a-6. smb.conf was created by a cut and
> paste from a
> > working installation on another box on our network, changing the
> > server name
> > and share paths as necessary.
> >
> > murphyn is a domain admin for COLUMBIA, the PDC (cmc-bkup)
> and the BDC are
> > NT4 boxes.
> >
> > As the Linux guy I don't know what this error message means. The
> > NT admins
> > are at a loss to explain the problem.
> >
> > Curiosities:
> >
> > I've used the same software version to add a box to our domain
> > Essentially the same config is used on the working and
> non-working
> > boxes, so I'm puzzled about what configuration issue could be
> > causing this.
> >
> > Bottom Line Question:
> >
> > do you know what causes this error and how I can resolve
> this issue and
> > have the machine chain join the COLUMBIA domain?
> >
> > Where did I miss whatever it is in the documentation?
> >
> > --
> > Michael Rasmussen - Network Engineer, Columbia Management
> > voice: 971-925-6723 cell: 503-807-1447
> rasmussenm@columbiafunds.com
> > <mailto:rasmussenm@columbiafunds.com>
http://www.columbiafunds.com
> >
> > NOTICE: This communication may contain confidential or other
> > privileged information. If you are not the intended recipient,
> > or believe that you have received this communication in error,
> > please do not print, copy, retransmit, disseminate, or otherwise
> > use the information. Also, please indicate to the sender that
> > you have received this email in error, and delete the copy you
> > received. Any communication that does not relate to official
> > Columbia business is that of the sender and is neither given nor
> > endorsed by Columbia. Thank you.
> >
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: http://lists.samba.org/mailman/listinfo/samba
> >
>
>
NOTICE: This communication may contain confidential or other privileged
information. If you are not the intended recipient, or believe that you
have received this communication in error, please do not print, copy,
retransmit, disseminate, or otherwise use the information. Also, please
indicate to the sender that you have received this email in error, and
delete the copy you received. Any communication that does not relate to
official Columbia business is that of the sender and is neither given nor
endorsed by Columbia. Thank you.
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pic00941.pcx
Type: application/octet-stream
Size: 2427 bytes
Desc: not available
Url :
http://lists.samba.org/archive/samba/attachments/20020606/803ec58a/pic00941.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pic18794.pcx
Type: application/octet-stream
Size: 2427 bytes
Desc: not available
Url :
http://lists.samba.org/archive/samba/attachments/20020606/803ec58a/pic18794.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pic06895.pcx
Type: application/octet-stream
Size: 2427 bytes
Desc: not available
Url :
http://lists.samba.org/archive/samba/attachments/20020606/803ec58a/pic06895.obj