Hi all, I'm trying to join several RHEL 4.7 based machines (Samba
3.0.28) to our domain here. I'm trying to do this via the net rpc
commands as this has typically worked fine in the past (iow: not doing
net ads join).
My smb.conf is as follows:
[global]
workgroup = DOMAIN
netbios name = RHEL47TEST
security = DOMAIN
log file = /var/log/samba/%m.log
max log size = 500
wins server = 10.1.1.1
dns proxy = no
log level = 10
password server = *
#username map = /etc/samba/username.map
#log level = 0
socket options = TCP_NODELAY
Pretty straightforward.
When I do the following however, I get:
# net rpc join -U Administrator -w DOMAIN -d 4
<snip configuration file stuff>
[2008/08/15 11:42:37, 4] param/loadparm.c:lp_load(5071)
pm_process() returned Yes
[2008/08/15 11:42:37, 2] lib/interface.c:add_interface(81)
added interface ip=10.27.51.107 bcast=10.27.255.255 nmask=255.255.0.0
[2008/08/15 11:42:37, 3] libsmb/cliconnect.c:cli_start_connection(1556)
Connecting to host=DC1
[2008/08/15 11:42:37, 3] lib/util_sock.c:open_socket_out(866)
Connecting to 10.1.1.1 at port 445
[2008/08/15 11:42:37, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081)
rpc_pipe_bind: Remote machine DC1 pipe \lsarpc fnum 0x801b bind request
returned ok.
[2008/08/15 11:42:37, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081)
rpc_pipe_bind: Remote machine DC1 pipe \NETLOGON fnum 0x801c bind request
returned ok.
[2008/08/15 11:42:37, 4] rpc_client/cli_netlogon.c:rpccli_net_req_chal(46)
cli_net_req_chal: LSA Request Challenge from RHEL47TEST to \\DC1
[2008/08/15 11:42:37, 4] rpc_client/cli_netlogon.c:rpccli_net_auth2(170)
cli_net_auth2: srv:\\DC1 acct:RHEL47TEST$ sc:2 mc: RHEL47TEST neg: 600fffff
[2008/08/15 11:42:37, 3] libsmb/trusts_util.c:just_change_the_password(57)
just_change_the_password: unable to setup creds
(NT_STATUS_NO_TRUST_SAM_ACCOUNT)!
[2008/08/15 11:42:37, 1] utils/net_rpc.c:run_rpc_command(170)
rpc command function failed! (NT_STATUS_NO_TRUST_SAM_ACCOUNT)
Connection failed: NT_STATUS_UNSUCCESSFUL
[2008/08/15 11:42:37, 2] utils/net.c:main(1075)
return code = 1
Now, normally I would expect this to mean there's a conflicting machine
already in the domain somewhere... but per our domain admins, there is
not.
I've tried using other user accounts (although it doesn't even appear
to be getting far enough to matter) and specifying many options on the
command line (the server, ip, etc).
Any suggestions? I'll be trying an older version of Samba from RHEL
4.6 as well as on other Linux boxes to make sure this isn't some sort
of regression, but maybe someone here can point me in the right
direction.
Thanks,
Ray