samba - Jul 2004 - 'net rpc join -U Administrator' on Samba + LDAP PDC

I am having trouble joining a Samba + LDAP PDC. Here
are the steps I took and the results I have received. 

General Information:
. Fedora Core 1 machine
. Samba 3.0.0
. Openldap 2.1.22-8
. Netbios Name: EAGLEX
. Domain name: AGUILAS 

Symptoms:
Step 1:
[root@eaglex root]# net rpc join
-UAdministrator%xxxxxx 
The username or password was not correct.

'/var/log/messages':
Jul 10 12:30:47 eaglex smbd[9253]: [2004/07/10
12:30:47, 0] rpc_server/srv_netlog_nt.c:get_md4pw(201)
Jul 10 12:30:47 eaglex smbd[9253]:   get_md4pw:
Workstation EAGLEX$: no account in domain

Step 2:
[root@eaglex root]#smbldap-useradd -w EAGLEX$
[root@eaglex root]#

Step 3: repeated step 1. Same problem

Step 4:
[root@eaglex root]# net rpc join -U root%xxxxxx
Create of workstation account failed
Unable to join domain AGUILAS

Step 5:
[root@eaglex root]# pdbedit -L -v Administrator
Unix username:        Administrator
NT username:          Administrator
Account Flags:        [U          ]
User SID:            
S-1-5-21-952094410-1508517273-1204454084-2996
Primary Group SID:   
S-1-5-21-952094410-1508517273-1204454084-512
Full Name:            Administrator
Home Directory:       \\EAGLEX\home\%U
HomeDir Drive:        H:
Logon Script:         logon.bat
Profile Path:
Domain:               AGUILAS
Account desc:
Workstations:
Munged dial:
Logon time:           0
Logoff time:          Mon, 18 Jan 2038 21:14:07 GMT
Kickoff time:         Mon, 18 Jan 2038 21:14:07 GMT
Password last set:    Sat, 10 Jul 2004 11:39:00 GMT
Password can change:  Sat, 10 Jul 2004 11:39:00 GMT
Password must change: Mon, 18 Jan 2038 21:14:07 GMT

I have also tried everything on Google group ([samba]
"The username or password was not correct"). Nobody
really offered any real solution. I am sure for those
of you who have encountered this problem before
already know the symptoms and hopefully the solutions
as well. I am begging for help. I have been working on
this thing for the last 3 weeks now.:(

Thanks

Ambex


		
__________________________________
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!
http://promotions.yahoo.com/new_mail

On Sat, 2004-07-10 at 22:54, abebe lsslp wrote:
> I am having trouble joining a Samba + LDAP PDC. Here
> are the steps I took and the results I have received. 
> 
> General Information:
> . Fedora Core 1 machine
> . Samba 3.0.0
> . Openldap 2.1.22-8
> . Netbios Name: EAGLEX
> . Domain name: AGUILAS 
> 
> Symptoms:
> Step 1:
> [root@eaglex root]# net rpc join
> -UAdministrator%xxxxxx 
> The username or password was not correct.
> 
> '/var/log/messages':
> Jul 10 12:30:47 eaglex smbd[9253]: [2004/07/10
> 12:30:47, 0] rpc_server/srv_netlog_nt.c:get_md4pw(201)
> Jul 10 12:30:47 eaglex smbd[9253]:   get_md4pw:
> Workstation EAGLEX$: no account in domain
> 
> Step 2:
> [root@eaglex root]#smbldap-useradd -w EAGLEX$
> [root@eaglex root]#
> 
> Step 3: repeated step 1. Same problem
> 
> Step 4:
> [root@eaglex root]# net rpc join -U root%xxxxxx
> Create of workstation account failed
> Unable to join domain AGUILAS
> 
> Step 5:
> [root@eaglex root]# pdbedit -L -v Administrator
> Unix username:        Administrator
> NT username:          Administrator
> Account Flags:        [U          ]
> User SID:            
> S-1-5-21-952094410-1508517273-1204454084-2996
> Primary Group SID:   
> S-1-5-21-952094410-1508517273-1204454084-512
> Full Name:            Administrator
> Home Directory:       \\EAGLEX\home\%U
> HomeDir Drive:        H:
> Logon Script:         logon.bat
> Profile Path:
> Domain:               AGUILAS
> Account desc:
> Workstations:
> Munged dial:
> Logon time:           0
> Logoff time:          Mon, 18 Jan 2038 21:14:07 GMT
> Kickoff time:         Mon, 18 Jan 2038 21:14:07 GMT
> Password last set:    Sat, 10 Jul 2004 11:39:00 GMT
> Password can change:  Sat, 10 Jul 2004 11:39:00 GMT
> Password must change: Mon, 18 Jan 2038 21:14:07 GMT
> 
> I have also tried everything on Google group ([samba]
> "The username or password was not correct"). Nobody
> really offered any real solution. I am sure for those
> of you who have encountered this problem before
> already know the symptoms and hopefully the solutions
> as well. I am begging for help. I have been working on
> this thing for the last 3 weeks now.:(
----
It's so much easier to have LDAP working and understood prior to
integration with samba.

#1 what does...
ldapsearch -x -h localhost -D 'binddn' -W '(uid=Administrator)'
give you (replace binddn with your binddn)

#2 if uidNumber of Administrator is not 0, you will probably have to use
root to add new users/machines (make sure that root has SambaSamAccount
in this case)

#3 Much easier to join domain directly from an NT/Win2K/XP Professional
machine. (see note 2)

#4 upgrade samba - samba/fedora core 1 is up to 3.0.4

#5 if EAGLEX is the PDC, it doesn't need to join domain

Craig

Hey again Craig,

Considering your last comment about the problem over
Pdbedit -Lv 'testuser,' I decided to start fresh. I
paid close attention to what you have pointed out on
my new installation.It took me only 1:30 to get to
where I am at right now. I don't recieve the object
class error anymore. However, I am where I
started....joining the domain. I will go over the
samba (10) and ldap (256) log files and let you know
the results tommorow afternoon. 

'pdbedit -Lv 'testuser1' is working now. so the
problem  can not be the luck of samba's ability to get
user information from ldap backend (highly unlikely).
Oh well, I guess I have a lot of reading to do before
tommorow afternoon :)

Talk to you later,

Ambex

Ps: Even though I know it is not very helpful, here is
the error message :)  

The following error occured attempting to join the
domain "AGUILAS":
the user name could not be found.


		
__________________________________
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
http://promotions.yahoo.com/new_mail