The problem is caused by the client not having the address of the domain controller.
On a windows client, you need to populate %SYSTEM_ROOT%\system32\drivers\etc\lmhosts use UPPERCASE names regardless of what the MS docs say. On 10/10/2007, Matt Anderson <[EMAIL PROTECTED]> wrote: > Dear Help, > > Here is my situation: > We have offices located in several areas around the country, all of which can > communicate with each other through VPNs we have established. I have set up a > Samba domain in which the PDC is located here in our home office, and there > are > BDCs for the same domain in each of the remote offices. > > I have been able to successfully join machines here in our home office to the > domain through Windows, but am not having any luck when I try to join the > domain > at one of the remote locations. When I go through the manual process of > joining > the domain on a Windows XP machine, I get a password prompt for the domain > user > that can add the machine (so I know it's at least finding the BDC)... but then > after I type in the username and password, I get the following error: > "The following error occurred attempting to join the domain "ourdomain": The > specified domain either does not exist or could not be contacted." > > I've searched Google for this error and have not found anything useful. I've > gone back through the Samba-HowTo on BDC configuration and have not yet found > anything. > > Any help would be greatly appreciated! -Matt > > Here are my configuration files. (Oh, and for whatever reason, even with a > log > level of 5, whenever I attempt to join the machine to the domain, no log entry > is created). > > For the PDC: > [global] > netbios name = ds-pdc-1 > workgroup = OURDOMAIN > server string = Samba PDC %v %h > obey pam restrictions = Yes > passdb backend = "ldapsam:ldaps://IP.HERE ldaps://IP.HERE" > security = user > log level = 3 > log file = /var/log/samba/%m.log > max log size = 5000 > add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null/ -g > machine -c > 'Machine Account for %u' -s /bin/false %u > logon path = > logon home = > domain logons = Yes > os level = 128 > preferred master = Yes > domain master = Yes > ldap admin dn = cn=admin,o=ORGANIZATION > ldap group suffix = ou=Groups > ldap idmap suffix = ou=IDMap > ldap machine suffix = ou=Workstations > ldap user suffix = > ldap filter = (cn=%u) > ldap suffix = o=ORGANZIATION > ldap passwd sync = No > unix password sync = Yes > passwd program = /usr/sbin/smbldap-passwd -u %u > passwd chat = *New*password* %n\n *Retype*new*password* %n\n > idmap backend = "ldaps://IP.HERE ldaps://IP.HERE" > idmap uid = 10000-20000 > idmap gid = 10000-20000 > veto files = /.?*/ > dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd > wins support = Yes > encrypt passwords = Yes > logon script = %U.bat > > [netlogon] > comment = Network Logon Service > path = /var/lib/samba/netlogon > write list = root > browseable = No > share modes = No > > And here is a BDC -- located offsite: > [global] > workgroup = OURDOMAIN > server string = Samba BDC %v %h > obey pam restrictions = Yes > passdb backend = "ldapsam:ldaps://IP.HERE ldaps://IP.HERE" > log level = 2 > log file = /var/log/samba/%m.log > max log size = 1000 > logon path = > logon home = > domain logons = Yes > domain master = No > preferred master = Yes > ldap admin dn = cn=admin,o=ORGANIZATION > ldap group suffix = ou=Groups > ldap idmap suffix = ou=IDMap > ldap machine suffix = ou=Workstations > ldap suffix = o=ORGANIZATION > ldap passwd sync = No > unix password sync = Yes > passwd program = /usr/sbin/smbldap-passwd -u %u > passwd chat = *New*password* %n\n *retype*new*password* %n\n > idmap backend = "ldaps://IP.HERE ldaps://IP.HERE" > idmap uid = 10000-20000 > idmap gid = 10000-20000 > veto files = /.?*/ > dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd > wins server = IP.OF.PDC.HERE > > [netlogon] > comment = Network Logon Service > path = /var/lib/samba/netlogon > write list = root > browseable = No > share modes = No > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
