[Samba] pdbedit will only add users to the local machine domain, not the global domain
in [Samba]
|
From: John T. Guthrie III on 12 Aug 2008 13:50 Hello all, When I try to add a user to my secrets.tdb file on my Samba 3.2.0 PDC, the users are always added under the local machine domain, not the global domain. That is, if my PDC machine name is srv1, and it is PDC for the domain DOM1, then whenever I add a user using "pdbedit -a -u username", then that user gets placed under the local domain SRV1, not the global domain DOM1. So my first question is how to I get accounts to appear under the global domain, DOM1? Now, if I understand things correctly, the SRV1 domain and the DOM1 domain are supposed to have the same SID. So perhaps this doesn't matter. But when I try to run net rpc testjoin on a second machine srv2, I get [2008/08/12 04:31:57, 0] rpc_client/cli_pipe.c:get_schannel_session_key_common(2449) get_schannel_session_key: could not fetch trust account password for domain 'DOM1' [2008/08/12 04:31:57, 0] utils/net_rpc_join.c:net_rpc_join_ok(87) net_rpc_join_ok: failed to get schannel session key from server srv1 for domain DOM1. Error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO Join to domain 'DOM1' is not valid: NT_STATUS_CANT_ACCESS_DOMAIN_INFO (I get the same result with "net rpc testjoin -S srv1" as well.) When I look for the machine account srv1$ using "net rpc" commands, I can see the account, but it appears under the domain SRV1, not under the domain DOM1 like the error message would seem to indicate that it should be under. Here is my PDC config: [global] workgroup = DOM1 security = user encrypt passwords = yes passdb backend = tdbsam:/etc/samba/private/secrets.tdb local master = yes os level = 33 domain master = yes preferred master = yes Thanks in advance for any help that anyone can offer. John Guthrie guthrie(a)counterexample.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
|
Pages: 1 Prev: [Samba] net user error Next: pdbedit will only add users to the local machine domain, |