I think I have narrowed this down even further. I have been working through getting rid of error messages in the logs, and I have updated Samba to 3.4.3. This might have fixed the issue, and I won't know for some time, but I can still see the following error appearing in the logs, which seems to line up with the core issue of machine trust accounts expiring.
rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3) _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client AC-2150 machine account AC-2150$ I have noticed that the new Windows 7 machines say the password has expired on the same date that is in "sambaPwdLastSet". I added the "X" attribute in sambaAcctFlags in an attempt to stop the accounts from expiring. Below is an ldif of a Windows 7 machine trust account dn: uid=ac-2150$,ou=computers,dc=domain,dc=local objectClass: top objectClass: account objectClass: posixAccount objectClass: sambaSamAccount cn: ac-2150$ uid: ac-2150$ uidNumber: 1111 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer gecos: Computer sambaDomainName: DOMAIN sambaPrimaryGroupSID: S-1-5-21-3581057417-3103041693-70022037-515 sambaSID: S-1-5-21-3581057417-3103041693-70022037-3222 sambaNTPassword: DABA25E3910551C63347D399520C123D sambaAcctFlags: [WX ] sambaPwdLastSet: 1260776037 Any help would be appreciated. aF -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
