Re: [Samba] PDC: Linux Client can't join the domain.

Fri, 15 May 2009 08:58:25 -0700

Hi Adam. I'm sorry for the late answer. Ok I've added the machine account manually with a .ldif. Then, when the client join the domain, samba modifiy the entry, with sambaSID and other. 
On the client I receive: Joined Domain DOMINIO

but on log I still receive:
_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting auth request from client DEBIAN machine account DEBIAN$ 

then with an high loglevel on samba I get this:

[2009/05/14 15:15:57, 10] libsmb/credentials.c:creds_server_init(186)
 creds_server_init: client chal : A047C2F85202142F
[2009/05/14 15:15:57, 10] libsmb/credentials.c:creds_server_init(187)
 creds_server_init: server chal : 0012364D7628C4B5
[2009/05/14 15:15:57,  5] libsmb/credentials.c:creds_init_128(70)
 creds_init_128
[2009/05/14 15:15:57,  5] libsmb/credentials.c:creds_init_128(71)
       clnt_chal_in: A047C2F85202142F
[2009/05/14 15:15:57,  5] libsmb/credentials.c:creds_init_128(72)
       srv_chal_in : 0012364D7628C4B5
[2009/05/14 15:15:57, 10] libsmb/credentials.c:creds_server_init(205)
 creds_server_init: clnt : 9E53396C4265DCC1
[2009/05/14 15:15:57, 10] libsmb/credentials.c:creds_server_init(206)
 creds_server_init: server : DE8F791907CC3E7A
[2009/05/14 15:15:57, 10] libsmb/credentials.c:creds_server_init(207)
 creds_server_init: seed : 9E53396C4265DCC1

[2009/05/14 15:15:57,  5] 
libsmb/credentials.c:netlogon_creds_server_check(221)

 netlogon_creds_server_check: challenge : ADBFFA3C1575AA41

[2009/05/14 15:15:57,  5] 
libsmb/credentials.c:netlogon_creds_server_check(222)

 calculated: 9E53396C4265DCC1

[2009/05/14 15:15:57,  2] 
libsmb/credentials.c:netlogon_creds_server_check(223)

 netlogon_creds_server_check: credentials check failed.



Another thing, after joined the domain, i can see domain users with 
getent passwd? Or I must add ldap support on the client computer?


Thanks in advance

Adam Williams wrote:

i would delete uid=debian$,ou=Computers,dc=DOMINIO and load this ldif:

dn: uid=debian$,ou=Computers,dc=DOMINIO
objectClass: person
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: debian$
uid: debian$
sn: debian$
uidNumber: 1001
gidNumber: 515
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
gecos: Computer
displayName: DEBIAN$
userPassword: {crypt}!!
shadowLastChange: 13916
shadowMax: 99999
shadowWarning: 7

then on DEBIAN do net join -D DOMINIO -S PDC_SERVER_NAME -U root%password
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba






















					Reply via email to