On Tue, 2003-09-30 at 02:38, Simran Hansrai wrote:> Hi Guys, > > I have installed and configure samba on a redhate 8.0 box to act as a > PDC. When I try and add a user to my domain from my WinXP client > machine, I get the following error: > > "The user could not be added because of the following error has occured: > The trust relationship between this workstation and the primary domain > failed." > > I have search google.com and have tried a couple of different things but > none seem to work. > > The following is my entry for my workstations in /etc/passwd: > enermax$:x:534:201:enermax:/dev/null:/bin/false > jeonamur$:x:535:201:jeonamur:/dev/null:/bin/false > > /etc/smbpasswd: > jeonamur$:535:AE7D4C9527EFD952B97F4EB3E2D4130F:3E7FE739CDEB16486F4686B96ED02CBF:[W > ]:LCT-3F78B510: > enermax$:534:DA838D55F99FD0BC6879F19168D4B105:F47AE8F4B8B7E2B13F237B73849D4799:[W > ]:LCT-3F78CF75:You should either patch the registry on your XP workstations to disable the signing or switch to Samba 3.0. Jelmer -- Jelmer Vernooij - http://jelmer.vernstok.nl/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20030930/fddcc61e/attachment.bin
Hi Guys, I have installed and configure samba on a redhate 8.0 box to act as a PDC. When I try and add a user to my domain from my WinXP client machine, I get the following error: "The user could not be added because of the following error has occured: The trust relationship between this workstation and the primary domain failed." I have search google.com and have tried a couple of different things but none seem to work. The following is my entry for my workstations in /etc/passwd: enermax$:x:534:201:enermax:/dev/null:/bin/false jeonamur$:x:535:201:jeonamur:/dev/null:/bin/false /etc/smbpasswd: jeonamur$:535:AE7D4C9527EFD952B97F4EB3E2D4130F:3E7FE739CDEB16486F4686B96ED02CBF:[W ]:LCT-3F78B510: enermax$:534:DA838D55F99FD0BC6879F19168D4B105:F47AE8F4B8B7E2B13F237B73849D4799:[W ]:LCT-3F78CF75: ----- smb.conf ----- [global] ;basic server settings workgroup = chamkila.org netbios name = manak server string = Samba PDC running %v socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd: *all*authentication*tokens*updated*successfully* add user script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %m$ ;PDC and master browser settings os level = 64 preferred master = yes local master = yes domain master = yes domain logons = yes domain admin group = simran administrator aman ;security and logging settings security = user status = yes encrypt passwords = yes log file = /var/log/samba/log.%m log level = 2 max log size = 50 hosts allow = 127.0.0.1 192.168.0.0/255.255.255.0 ;user profiles and home directory logon home = \\%L\%U\ logon drive = H: logon path = \\%L\profiles\%U logon script = netlogon.bat wins support = yes dns proxy = yes wins proxy = yes # ==== shares ===[homes] comment = Home Directories browseable = no writeable = yes [profiles] path = /home/samba/profiles writeable = yes browseable = no create mask = 0600 directory mask = 0700 [netlogon] comment = Network Logon Service path = /home/netlogon read only = yes browseable = no write list = tom -------------------- Is there something that I am missing? Any suggestions or comments would be grately appreciated. Thanks in advance, -- Simran H. linux@chamkila.org
On Mon, 29 Sep 2003, Simran Hansrai wrote:> Hi Guys, > > I have installed and configure samba on a redhate 8.0 box to act as a > PDC. When I try and add a user to my domain from my WinXP client > machine, I get the following error:How are you doing this? What tool are you using? - John T.> > "The user could not be added because of the following error has occured: > The trust relationship between this workstation and the primary domain > failed." > > I have search google.com and have tried a couple of different things but > none seem to work. > > The following is my entry for my workstations in /etc/passwd: > enermax$:x:534:201:enermax:/dev/null:/bin/false > jeonamur$:x:535:201:jeonamur:/dev/null:/bin/false > > /etc/smbpasswd: > jeonamur$:535:AE7D4C9527EFD952B97F4EB3E2D4130F:3E7FE739CDEB16486F4686B96ED02CBF:[W > ]:LCT-3F78B510: > enermax$:534:DA838D55F99FD0BC6879F19168D4B105:F47AE8F4B8B7E2B13F237B73849D4799:[W > ]:LCT-3F78CF75: > > > ----- > smb.conf > ----- > [global] > > ;basic server settings > workgroup = chamkila.org > netbios name = manak > server string = Samba PDC running %v > socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 > SO_RCVBUF=8192 > unix password sync = yes > passwd program = /usr/bin/passwd %u > passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* > %n\n *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n > *passwd: *all*authentication*tokens*updated*successfully* > add user script = /usr/sbin/adduser -n -g machines -c Machine -d > /dev/null -s /bin/false %m$ > > ;PDC and master browser settings > os level = 64 > preferred master = yes > local master = yes > domain master = yes > domain logons = yes > domain admin group = simran administrator aman > > ;security and logging settings > security = user > status = yes > encrypt passwords = yes > log file = /var/log/samba/log.%m > log level = 2 > max log size = 50 > hosts allow = 127.0.0.1 192.168.0.0/255.255.255.0 > ;user profiles and home directory > > logon home = \\%L\%U\ > logon drive = H: > logon path = \\%L\profiles\%U > logon script = netlogon.bat > > wins support = yes > dns proxy = yes > wins proxy = yes > # ==== shares ===> [homes] > comment = Home Directories > browseable = no > writeable = yes > [profiles] > path = /home/samba/profiles > writeable = yes > browseable = no > create mask = 0600 > directory mask = 0700 > [netlogon] > comment = Network Logon Service > path = /home/netlogon > read only = yes > browseable = no > write list = tom > > -------------------- > > Is there something that I am missing? Any suggestions or comments would > be grately appreciated. > > Thanks in advance, > -- > Simran H. > linux@chamkila.org > > >-- John H Terpstra Email: jht@samba.org
Just in-case anyone needs to know the solution so that is is documented.... Thanks to Jelmer and a close friend of mine for pointing me into the right direction. For WinXP client machines the following needs to be done: In your registry change the values for the following entries to 0: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] "requiresignorseal"=dword:00000000 "signsecurechannel"=dword:00000000 [root@kuldipmanak root]# smbd -V Version 2.2.7-security-rollup-fix This has resolved the issues I was experiencing. Thanks, -- Simran H. linux@chamkila.org Jelmer Vernooij wrote:>On Tue, 2003-09-30 at 02:38, Simran Hansrai wrote: > > >>Hi Guys, >> >>I have installed and configure samba on a redhate 8.0 box to act as a >>PDC. When I try and add a user to my domain from my WinXP client >>machine, I get the following error: >> >>"The user could not be added because of the following error has occured: >> The trust relationship between this workstation and the primary domain >>failed." >> >>I have search google.com and have tried a couple of different things but >>none seem to work. >> >>The following is my entry for my workstations in /etc/passwd: >>enermax$:x:534:201:enermax:/dev/null:/bin/false >>jeonamur$:x:535:201:jeonamur:/dev/null:/bin/false >> >>/etc/smbpasswd: >>jeonamur$:535:AE7D4C9527EFD952B97F4EB3E2D4130F:3E7FE739CDEB16486F4686B96ED02CBF:[W >> ]:LCT-3F78B510: >>enermax$:534:DA838D55F99FD0BC6879F19168D4B105:F47AE8F4B8B7E2B13F237B73849D4799:[W >> ]:LCT-3F78CF75: >> >> >You should either patch the registry on your XP workstations to disable >the signing or switch to Samba 3.0. > >Jelmer > > >-- >Jelmer Vernooij - http://jelmer.vernstok.nl/ > >