I have a few errors I'm trying to chase down in an effort to get a Win7 client in my domain. WinXP works -- tested unjoining and rejoining today, and it can still join.
I have the registry adds for DNSNameResolutionRequired=0 under LanmanServer&Client/Params (put it in both places in attempt to get things working), as well as a DomainCompatibilityMode=1 I've tried moving to winbind for some flexibility, and it led me down an interesting path with some log messages on startup: initialize_winbindd_cache: clearing cache and re-creating with version number 1 [2010/01/13 15:46:06, 2] winbindd/winbindd_util.c:235(add_trusted_domain) Added domain BUILTIN S-1-5-32 [2010/01/13 15:46:06, 2] winbindd/winbindd_util.c:235(add_trusted_domain) Added domain BLISS S-1-5-21-33333-77777-33333 [2010/01/13 15:46:08, 0] libsmb/namequery.c:75(saf_store) saf_store: refusing to store 0 length domain or servername! [2010/01/13 15:46:08, 1] rpc_client/cli_pipe.c:948(cli_pipe_validate_current_pd u) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR receiv ed from host ISHTAR! Anyone seen an error about 0 length names before? The OP_RNG error led me to try some ops with net rpc on ishtar. I tried a "net rpc samdump" and got: get_schannel_session_key: could not fetch trust account password for domain 'BLISS' cli_rpc_pipe_open_schannel: failed to get schannel session key from server 127.0.0.1 for domain BLISS. Could not initialise schannel netlogon pipe. Error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO ---- I presume this isn't just a 'noise level' problem? How can I re-initialize the schannel session key for Bliss? I even tried changing the trustpassword to see if that would reset the the schannel key. It failed due to an inability to get the schannel session key. Also, maybe it's unimportant, but with winbind running, I tried to fetch the DC name for my domain with "wbinfo --getdcname 'Bliss'", but it returned "Could not get dc name for Bliss". Should this work with samba 3.4.3 ? The Windows client goes from getting 'Domain name can't be found" to "Access Denied" depending on combinations of the Sign/Seal level of security and NTLM/LM/NTLMv2 params (trying various combinations. Note: I've tried the identical settings of the XP client without success). Anyone solved these problems or seen them before? Thanks, Linda -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
