it's a bug in rc1 already fixed in the svn and in the final 3.0.11.
John H Terpstra wrote:
David,
Get rid of the "Administrator" account. Use the "root" account instead. You have ambiguous names that can NOT unambiguously resolve to one identity.
ie: Is uid=0 root or is it Administrator? Does uid=0 map to the Administrator SID or to some other SID?
Also, use: net rpc join -S 'PDC_Name' -Uroot%secret
PS: It is best to populate your LDAP directory using:
"smbldap-populate -a root", not just the default which creates an "Administrator" account.
- John T.
On Wednesday 02 February 2005 15:11, MONGAN, DAVID (JSC-DV2) (USA) wrote:
net rpc join
Create of workstation account failed User specified does not have administrator privileges Unable to join domain BOB
I'm logged in as root. I setup ldap using the Idealx instructions and latest scripts. I can add users and see the samba server ie smbclient -L bob -Uroot%secret I set the password for the Administrator account and it is also set uid 0. I set the secrets.tdb password smbpasswd -w secret. I also have a ldap-secret file. I checked the SID for net getlocalsid to the SID's in the ldap database, all matched up. I tried running net rpc join -Uadministrator%secret For simplicity all the passwords I set are the same "secret".
Could someone please explain what the command;
net rpc join
is trying to authenticate? Why can't it create a "workstations account"? What "administrator privileges" is it looking for?
I am able to join the domain if I don't use the ldap backend. What's the magic setting for ldap?
Thanks,
David Mongan
-- Levente "Si vis pacem para bellum!"
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
