Hello, Im stumped - never had this problem before (just setting up a development server so I can properly document all the steps I took to get a samba pdc working before). Everything else works but joining the domain. Its a Solaris 9/Sun ONE ldap/Samba 3.0.14a PDC. I have no problems with accessing file shares, and all the idealx scripts appear to be working fine (in fact - nice job to the folks who updated them since the last I used them!). I can change my password, my gecos, or add a user account with them. When I try to join from an XPSP2 client I get the error: "The following error occurred attempting to join the domain "SUNDEV": The user name could not be found When I intentionally try to join with an invalid account I get: "The following error occurred attempting to join the domain "SUNDEV": Logon failure: unknown user name or bad password So at least I know its getting that far. It happens with either the uid 0 "Administrator" account, or the Domain Admin account (I gave domain admins machine adding rights). At log level 10 this is all I get: [2005/07/28 08:26:00, 0] lib/util_sock.c:read_socket_data(384) read_socket_data: recv failure for 4. Error = Connection reset by peer sh: /usr/local/samba/acctscrp/smbldap-useradd: cannot execute [2005/07/28 08:26:01, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2324) _samr_create_user: Running the command `/usr/local/samba/acctscrp/smbldap-useradd -w "vpcpc$"' gave 1 However the machine account DOES get put into LDAP. The client just doesn't seem to know that. Testparm doesn't give me any errors, and here is the line for adding machines in smb.conf: add machine script = /usr/local/samba/acctscrp/smbldap-useradd -w "%u" Does anyone have any ideas where I should go from here? Thanks, Tony
To update my post from yesterday. I went ahead and exported an LDIF and here is what my machine account looks like: dn: uid=vpcpc$,ou=Machines,dc=engr,dc=arizona,dc=edu objectClass: top objectClass: inetOrgPerson objectClass: posixAccount objectClass: organizationalPerson objectClass: person cn: vpcpc$ sn: vpcpc$ uid: vpcpc$ uidNumber: 1007 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer gecos: Computer creatorsName: cn=sambaagent,ou=profile,dc=engr,dc=arizona,dc=edu modifiersName: cn=sambaagent,ou=profile,dc=engr,dc=arizona,dc=edu createTimestamp: 20050727223420Z modifyTimestamp: 20050727223420Z nsUniqueId: 861f2581-1dd211b2-804df911-84f2b358 So it looks like the idealx script is working, but the samba piece isn't doing its part to complete the account. Does Samba still not recognize accounts that sit in another ou than the regular user accounts (I remember this behavior was by design, but wasn't it changed?)? Thanks, Tony
Seemingly Similar Threads
- Still having samba join domain problems
- kerberos_kinit_password host/SUNDEV@LEXI.COM.MX failed: Client not found in Kerberos database
- Compile problem: "lib/ldb/ldb_map/ldb_map.h", line 64: syntax error before or at: 0x20
- Profile permissions issue? Samba and FDS problem
- Help with auto vacation replies