hey i am trying to set up a server to act as a domain controller, but am having a bit of difficulty actually logging on. i have created UNIX accounts, samba passwords and a machine trust account for the relevant machine. when i try to join the domain on a windows 2000 machine i get the error message: "incorrect user name or password". Tha sambe log shows: [2006/01/09 15:12:45, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [rworkman] -> [rworkman] -> [rworkman] succeeded [2006/01/09 15:12:45, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2580) Returning domain sid for domain SUBDOM -> S-1-5-21-343446102-3839099577-2790099203 [2006/01/09 15:12:45, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2580) Returning domain sid for domain SUBDOM -> S-1-5-21-343446102-3839099577-2790099203 [2006/01/09 15:12:45, 0] passdb/pdb_tdb.c:tdbsam_tdbopen(195) Unable to open/create TDB passwd [2006/01/09 15:12:45, 0] passdb/pdb_tdb.c:tdb_update_sam(604) tdb_update_sam: Unable to open TDB passwd (/var/lib/samba/passdb.tdb)! [2006/01/09 15:12:45, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2350) could not add user/computer three$ to passdb. Check permissions? [2006/01/09 15:12:45, 2] smbd/server.c:exit_server(609) Closing connections [2006/01/09 15:12:46, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2006/01/09 15:12:46, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2006/01/09 15:12:46, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [rworkman] -> [rworkman] -> [rworkman] succeeded [2006/01/09 15:12:46, 2] smbd/server.c:exit_server(609) Closing connections i am consfused. why can the machine acocunt not be added to passdb? why does it then claim that the authentication succeeded? can anyone help? Thanks. below is smb.conf i was using at the time: [global] workgroup = SUBDOM server string = Contract Server obey pam restrictions = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . passdb backend = tdbsam encrypt passwords = yes os level = 33 log level = 2 log file = /var/log/samba/log.%m max log size = 1000 preferred master = auto domain master = yes local master = yes security = user domain logons = yes logon path = \\%N\profiles\%U logon script = logon.cmd add machine script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -m %u add user script = /usr/sbin/useradd -d /dev/null -g smbusers -s /bin/false -m %u panic action = /usr/share/samba/panic-action %d invalid users = root valid users = nobody, @smbusers read list = nobody, @smbusers [netlogon] path = /home/samba/netlogon guest ok = Yes browseable = No [profiles] path = /home/samba/profiles read only = no create mask = 0600 directory mask = 0700