On Tue, 2003-09-30 at 02:38, Simran Hansrai wrote:> Hi Guys, > > I have installed and configure samba on a redhate 8.0 box to act as a > PDC. When I try and add a user to my domain from my WinXP client > machine, I get the following error: > > "The user could not be added because of the following error has occured: > The trust relationship between this workstation and the primary domain > failed." > > I have search google.com and have tried a couple of different things but > none seem to work. > > The following is my entry for my workstations in /etc/passwd: > enermax$:x:534:201:enermax:/dev/null:/bin/false > jeonamur$:x:535:201:jeonamur:/dev/null:/bin/false > > /etc/smbpasswd: > jeonamur$:535:AE7D4C9527EFD952B97F4EB3E2D4130F:3E7FE739CDEB16486F4686B96ED02CBF:[W > ]:LCT-3F78B510: > enermax$:534:DA838D55F99FD0BC6879F19168D4B105:F47AE8F4B8B7E2B13F237B73849D4799:[W > ]:LCT-3F78CF75:You should either patch the registry on your XP workstations to disable the signing or switch to Samba 3.0. Jelmer -- Jelmer Vernooij - http://jelmer.vernstok.nl/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20030930/fddcc61e/attachment.bin
Hi Guys,
I have installed and configure samba on a redhate 8.0 box to act as a
PDC. When I try and add a user to my domain from my WinXP client
machine, I get the following error:
"The user could not be added because of the following error has occured:
The trust relationship between this workstation and the primary domain
failed."
I have search google.com and have tried a couple of different things but
none seem to work.
The following is my entry for my workstations in /etc/passwd:
enermax$:x:534:201:enermax:/dev/null:/bin/false
jeonamur$:x:535:201:jeonamur:/dev/null:/bin/false
/etc/smbpasswd:
jeonamur$:535:AE7D4C9527EFD952B97F4EB3E2D4130F:3E7FE739CDEB16486F4686B96ED02CBF:[W
]:LCT-3F78B510:
enermax$:534:DA838D55F99FD0BC6879F19168D4B105:F47AE8F4B8B7E2B13F237B73849D4799:[W
]:LCT-3F78CF75:
-----
smb.conf
-----
[global]
;basic server settings
workgroup = chamkila.org
netbios name = manak
server string = Samba PDC running %v
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192
SO_RCVBUF=8192
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password*
%n\n *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n
*passwd: *all*authentication*tokens*updated*successfully*
add user script = /usr/sbin/adduser -n -g machines -c Machine -d
/dev/null -s /bin/false %m$
;PDC and master browser settings
os level = 64
preferred master = yes
local master = yes
domain master = yes
domain logons = yes
domain admin group = simran administrator aman
;security and logging settings
security = user
status = yes
encrypt passwords = yes
log file = /var/log/samba/log.%m
log level = 2
max log size = 50
hosts allow = 127.0.0.1 192.168.0.0/255.255.255.0
;user profiles and home directory
logon home = \\%L\%U\
logon drive = H:
logon path = \\%L\profiles\%U
logon script = netlogon.bat
wins support = yes
dns proxy = yes
wins proxy = yes
# ==== shares ===[homes]
comment = Home Directories
browseable = no
writeable = yes
[profiles]
path = /home/samba/profiles
writeable = yes
browseable = no
create mask = 0600
directory mask = 0700
[netlogon]
comment = Network Logon Service
path = /home/netlogon
read only = yes
browseable = no
write list = tom
--------------------
Is there something that I am missing? Any suggestions or comments would
be grately appreciated.
Thanks in advance,
--
Simran H.
linux@chamkila.org
On Mon, 29 Sep 2003, Simran Hansrai wrote:> Hi Guys, > > I have installed and configure samba on a redhate 8.0 box to act as a > PDC. When I try and add a user to my domain from my WinXP client > machine, I get the following error:How are you doing this? What tool are you using? - John T.> > "The user could not be added because of the following error has occured: > The trust relationship between this workstation and the primary domain > failed." > > I have search google.com and have tried a couple of different things but > none seem to work. > > The following is my entry for my workstations in /etc/passwd: > enermax$:x:534:201:enermax:/dev/null:/bin/false > jeonamur$:x:535:201:jeonamur:/dev/null:/bin/false > > /etc/smbpasswd: > jeonamur$:535:AE7D4C9527EFD952B97F4EB3E2D4130F:3E7FE739CDEB16486F4686B96ED02CBF:[W > ]:LCT-3F78B510: > enermax$:534:DA838D55F99FD0BC6879F19168D4B105:F47AE8F4B8B7E2B13F237B73849D4799:[W > ]:LCT-3F78CF75: > > > ----- > smb.conf > ----- > [global] > > ;basic server settings > workgroup = chamkila.org > netbios name = manak > server string = Samba PDC running %v > socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 > SO_RCVBUF=8192 > unix password sync = yes > passwd program = /usr/bin/passwd %u > passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* > %n\n *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n > *passwd: *all*authentication*tokens*updated*successfully* > add user script = /usr/sbin/adduser -n -g machines -c Machine -d > /dev/null -s /bin/false %m$ > > ;PDC and master browser settings > os level = 64 > preferred master = yes > local master = yes > domain master = yes > domain logons = yes > domain admin group = simran administrator aman > > ;security and logging settings > security = user > status = yes > encrypt passwords = yes > log file = /var/log/samba/log.%m > log level = 2 > max log size = 50 > hosts allow = 127.0.0.1 192.168.0.0/255.255.255.0 > ;user profiles and home directory > > logon home = \\%L\%U\ > logon drive = H: > logon path = \\%L\profiles\%U > logon script = netlogon.bat > > wins support = yes > dns proxy = yes > wins proxy = yes > # ==== shares ===> [homes] > comment = Home Directories > browseable = no > writeable = yes > [profiles] > path = /home/samba/profiles > writeable = yes > browseable = no > create mask = 0600 > directory mask = 0700 > [netlogon] > comment = Network Logon Service > path = /home/netlogon > read only = yes > browseable = no > write list = tom > > -------------------- > > Is there something that I am missing? Any suggestions or comments would > be grately appreciated. > > Thanks in advance, > -- > Simran H. > linux@chamkila.org > > >-- John H Terpstra Email: jht@samba.org
Just in-case anyone needs to know the solution so that is is documented.... Thanks to Jelmer and a close friend of mine for pointing me into the right direction. For WinXP client machines the following needs to be done: In your registry change the values for the following entries to 0: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] "requiresignorseal"=dword:00000000 "signsecurechannel"=dword:00000000 [root@kuldipmanak root]# smbd -V Version 2.2.7-security-rollup-fix This has resolved the issues I was experiencing. Thanks, -- Simran H. linux@chamkila.org Jelmer Vernooij wrote:>On Tue, 2003-09-30 at 02:38, Simran Hansrai wrote: > > >>Hi Guys, >> >>I have installed and configure samba on a redhate 8.0 box to act as a >>PDC. When I try and add a user to my domain from my WinXP client >>machine, I get the following error: >> >>"The user could not be added because of the following error has occured: >> The trust relationship between this workstation and the primary domain >>failed." >> >>I have search google.com and have tried a couple of different things but >>none seem to work. >> >>The following is my entry for my workstations in /etc/passwd: >>enermax$:x:534:201:enermax:/dev/null:/bin/false >>jeonamur$:x:535:201:jeonamur:/dev/null:/bin/false >> >>/etc/smbpasswd: >>jeonamur$:535:AE7D4C9527EFD952B97F4EB3E2D4130F:3E7FE739CDEB16486F4686B96ED02CBF:[W >> ]:LCT-3F78B510: >>enermax$:534:DA838D55F99FD0BC6879F19168D4B105:F47AE8F4B8B7E2B13F237B73849D4799:[W >> ]:LCT-3F78CF75: >> >> >You should either patch the registry on your XP workstations to disable >the signing or switch to Samba 3.0. > >Jelmer > > >-- >Jelmer Vernooij - http://jelmer.vernstok.nl/ > >