Zoltan Zolcer
2003-May-19 23:41 UTC
[Samba] NT_STATUS_NO_TRUST_SAM_ACCOUNT - but it exists!
Dear All, What can I do if my Windows PDC won't recognize the machine account it has just created for my samba server? I made sure I followed all instructions in the DOMAIN-SECURITY HOWTO: # smbpasswd -j DOM -r DOMPDC1 -Uadministrator%password Joined domain DOM. # And smb.conf containing the following: [global] security = domain domain logons = yes workgroup = DOM password server = DOMPDC1 But here's what I get when I try to access the samba shares: (client.log:) [2003/05/20 01:14:11, 2] libsmb/namequery.c:name_query(421) Got a positive name query response from 10.0.0.2 ( 10.0.0.2 ) [2003/05/20 01:14:12, 0] rpc_client/cli_netlogon.c:cli_net_auth2(157) cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT [2003/05/20 01:14:12, 0] rpc_client/cli_login.c:cli_nt_setup_creds(72) cli_nt_setup_creds: auth2 challenge failed [2003/05/20 01:14:12, 0] smbd/password.c:connect_to_domain_password_server(1367) connect_to_domain_password_server: unable to setup the PDC credentials to machine DOMPDC1. Error was : NT_STATUS_OK. [2003/05/20 01:14:12, 0] smbd/password.c:domain_client_validate(1599) domain_client_validate: Domain password server not available. [2003/05/20 01:14:12, 2] smbd/password.c:pass_check_smb(575) pass_check_smb failed - invalid password for user [zoltan] [2003/05/20 01:14:12, 2] smbd/reply.c:reply_sesssetup_and_X(975) NT Password did not match for user 'zoltan'! (log.nmbd:) [2003/05/20 00:02:02, 0] nmbd/nmbd_logonnames.c:add_logon_names(165) add_domain_logon_names: Attempting to become logon server for workgroup DOM on subnet 10.0.0.3 [2003/05/20 00:02:02, 2] nmbd/nmbd_logonnames.c:become_logon_server(136) become_logon_server: Atempting to become logon server for workgroup DOM on subnet 10.0.0.3 [2003/05/20 00:02:06, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(124) become_logon_server_success: Samba is now a logon server for workgroup DOM on subnet 10.0.0.3 [2003/05/20 00:02:06, 0] nmbd/nmbd_responserecordsdb.c:find_response_record(235) find_response_record: response packet id 21063 received with no matching record. [2003/05/20 00:02:06, 0] nmbd/nmbd_responserecordsdb.c:find_response_record(235) find_response_record: response packet id 21064 received with no matching record. Strange ... I can see the samba server's SAM account using the Active Directory MMC snap-in, but Windows seems to deny it exists. Could anybody please shed some light on this? I'm running 2.2.7a on Red Hat 9 and Windows 2000 Server SP3, mixed-mode, German. Many thanks in advance, Zoltan
Seemingly Similar Threads
- Samba as a DC w/ Win98 Clients :: "Incorrect Parameter"
- client with W2K browse through server disc
- help (Still) w2k pro no longer trusted by 2.2.3 pdc
- Access Denied when trying to login to samba PDC
- problem logging on to samba domain (pdc) from a win xp workstation