I had the same problem on my RHEL 4 system. after setting "machine password timeout = 0" the problems have gone away.
chris > -----Original Message----- > From: > [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > ba.org] On Behalf Of Dukhan, Meir > Sent: Tuesday, January 24, 2006 8:15 PM > To: [email protected] > Cc: Dukhan, Meir > Subject: [Samba] Machine failing to keep its trust with > Domain Controller > > Hi, > > We have a Linux (RHEL 3.0, update 3) Samba 3 server which worked fine > for months > but suddently have trouble to keep its trust with the DC server. > > The only way to recover is to reset the machine account from > the Windows > DC side > and do a "net join" to the domain from the Linux side. The > Linux machine > is able to > keep its "trust" with the domain exactly 7 days, which, AFAIU, is the > default in Samba and > also in the DC side. > > It is somewhat surprizing since this Linux Samba server w/o > problems for > months. > >From the Windows DC side, the only thing which was done just > before this > problem > appeared, was to patch the DC to SP1 as far as I remember. > > Below are the messages we can see in the > /var/log/samba/samba.log file: > > [2006/01/18 10:49:57, 0] > smbd/change_trust_pw.c:change_trust_account_password(45) > Can't get IP for PDC for domain MY_DOMAIN > [2006/01/18 10:49:57, 0] > smbd/change_trust_pw.c:change_trust_account_password(93) > 2006/01/18 10:49:57 : change_trust_account_password: Failed > to change > password for domain MY_DOMAIN. > > Linux Kernel: 2.4.21-20.ELsmp > Samba: > samba-3.0.4-6.3E > samba-common-3.0.4-6.3E > > /etc/smb.conf: see below > > Tia > > -- Meir > /etc/smb.conf > # Global parameters > > [global] > workgroup = MY_DOMAIN > netbios name = Samba_Server > server string = Samba Server > security = DOMAIN > encrypt passwords = Yes > password server = mydc-server.com > log file = /var/log/samba/samba.log > log level = 1 > max log size = 0 > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > dns proxy = No > wins server = our_wins > kernel oplocks = No > create mask = 0775 > directory mask = 0775 > oplocks = No > username map = /etc/samba/username.map > case sensitive = no > preserve case = yes > local master = no > use sendfile = no > > [homes] > comment = Home Directories > valid users = %S > read only = No > create mask = 0664 > browseable = No > > > > > > ************************************************************** > ********************* > This email message and any attachments thereto are intended > only for use by the addressee(s) named above, and may contain > legally privileged and/or confidential information. If the > reader of this message is not the intended recipient, or the > employee or agent responsible to deliver it to the intended > recipient, you are hereby notified that any dissemination, > distribution or copying of this communication is strictly > prohibited. If you have received this communication in error, > please immediately notify the [EMAIL PROTECTED] and destroy > the original message. > ************************************************************** > ********************* > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
