I've set the passwords for Administrator and for root with smbpassword and that doesn't seem to help.As far as I can tell I should be able to join the domain with the root account (added with smbldap-useradd -a -G 512 -m -s /bin/false -d /dev/null -F "" -P root). But all I get for my efforts is an error dialog "The following error occurred attempting to join the domain 'BI': The network path was not found".
If you're using the stock idealx setup (I believe) that you could be using the Administrator account, make sure that you have the password for that account, change it with smbpasswd if not. Your root user may or may not be set up right, I don't know the syntax of the command off hand.
Try to change your double quotes to single quotes, I believe that has been known to cause issues.
Do you mean the double quotes in the smbldap-useradd command above?
The sambaDomain object does exist and was created by the idealx setup script I believe. At any rate it shows up in my LDAP tree. From my gui LDAP browser, this is what my directory looks like:
Have you set the password for your manager DN? Does your sambaDomain object exist?
World
> iiw
> bibleinfo
> bi #sambaDomain object?
* Computers
* Groups
* Idmap
% Manager
% NextFreeUnixId
* People
% Administrator
% User1
% User2
.
.
% nobody
% proxyagent
% root
% user3
.
.
I'm using JXplorer and the symbols > * % above translate to icons as follows:
> = small round circle (generic object icon I think)
* = an icon looking like a cluster or tree of boxes (container for objects?)
% = an icon consisting of a little face (user) and a sheet of paper (properties)
Grasping at straws a bit here since your log doesn't seem to say anything blatantly obvious.
Speaking of logs. I bumped the log level down to 2 and this is what was printed for two consecutive domain joining attempts (one with the root user, and one with the Administrator user)
[2004/12/08 09:03:34, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2004/12/08 09:03:34, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2004/12/08 09:03:34, 2] passdb/pdb_ldap.c:init_sam_from_ldap(485)
init_sam_from_ldap: Entry found for user: root
[2004/12/08 09:03:35, 2] passdb/pdb_ldap.c:init_group_from_ldap(1902)
init_group_from_ldap: Entry found for group: 512
[2004/12/08 09:03:35, 2] passdb/pdb_ldap.c:init_group_from_ldap(1902)
init_group_from_ldap: Entry found for group: 1000
[2004/12/08 09:03:35, 2] auth/auth.c:check_ntlm_password(305)
check_ntlm_password: authentication for user [root] -> [root] -> [root] succeeded
[2004/12/08 09:03:36, 2] smbd/server.c:exit_server(571)
Closing connections
[2004/12/08 09:10:53, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2004/12/08 09:10:53, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2004/12/08 09:10:53, 2] passdb/pdb_ldap.c:init_sam_from_ldap(485)
init_sam_from_ldap: Entry found for user: Administrator
[2004/12/08 09:10:53, 2] passdb/pdb_ldap.c:init_group_from_ldap(1902)
init_group_from_ldap: Entry found for group: 512
[2004/12/08 09:10:53, 2] auth/auth.c:check_ntlm_password(305)
check_ntlm_password: authentication for user [Administrator] -> [Administrator] -> [Administrator] succeeded
[2004/12/08 09:10:54, 2] smbd/server.c:exit_server(571)
Closing connections
A log level of 3 gives much more detail, but that's a lot to post here and I don't see anything that jumps out at me error-wise. Would it be a problem with an obscure setting on the XP machine somehow?
I've tried disabling "Domain member: Digitally encrypt or sign secure channel data (always)" as suggested by Chuck, but I still get the same error. ("The network path was not found")
I presume this is the same as another suggestion I found about changing the registry:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameter s]
"requiresignorseal"=dword:00000000
"signsecurechannel"=dword:00000000
So the bottom line is still no luck. Anyone have additional suggestions?
-Andrew
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
