Hello I have added a Linux member server (my laptop) to our production Windows 2003 ADS domain (with net ads join, not net rpc join). Yet, when I browse to it from an Xp client (member of the domain) I still get a username/password dialog. What works: - wbinfo -g and wbinfo -u show usernames and passwords (without DOMAIN+ prefix) - getent passwd works - smbclient and logging in to the member server with a valid domain username/pwd works What does not work: # wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_ACCESS_DENIED (0xc0000022) Could not check secret I can see the host in AD users and computers but something still seems to be wrong with the machine account... how do I start to troubleshoot this? -- Frank Van Damme A: Because it destroys the flow of the conversation Q: Why is it bad? A: No, it's bad. Q: Should I top post in replies to mails or on usenet?
Frank Van Damme wrote:> Hello > > I have added a Linux member server (my laptop) to our production > Windows 2003 ADS domain (with net ads join, not net rpc join). Yet, > when I browse to it from an Xp client (member of the domain) I still > get a username/password dialog. > > What works: > - wbinfo -g and wbinfo -u show usernames and passwords (without DOMAIN+ prefix) > - getent passwd works > - smbclient and logging in to the member server with a valid domain > username/pwd works > > What does not work: > # wbinfo -t > checking the trust secret via RPC calls failed > error code was NT_STATUS_ACCESS_DENIED (0xc0000022) > Could not check secret > > I can see the host in AD users and computers but something still seems > to be wrong with the machine account... how do I start to troubleshoot > this? > >If wbinfo -t fails, then you have not joined the domain. This is usually due to wrong time. See this: aeronetworks.ca/LinuxActiveDirectory.html for troubleshooting tips. Cheers, Herman