Samba – Create SAMBA node trust relationship to Windows 2003 PDC server

domain-controlleropenvmssambawindows-server-2003

I am having problems creating a trust relationship
between an OpenVMS/IA64 node running V/IA64 8.3-1H1,
TCPIP 5.6 ECO 5, CIFS 1.1 ECO1 PS11 (SAMBA 3.0.28a)
and Windows 2003 server running as a PDC.

I do have two other OpenVMS/Alpha nodes running V/A 8.3,
TCPIP 5.6 ECO 4, CIS 1.1 ECO1 PS10 (SAMBA 3.0.28a)
with working trust relationships to the same Windows 2003 server.

Looking for assistance in resolving the trust "handshake".

              \\

Details from failing node.

Unless otherwise noted, corresponding files on working nodes
are similar or identical.

SMB.CONF extract:

[global]
server string = Samba %v running on %h (OpenVMS)
workgroup = WILMA
netbios name = %h
security = DOMAIN
encrypt passwords = Yes
name resolve order = lmhosts host wins bcast
Password server = *
log file = /samba$log/log.%m
printcap name = /sys$manager/ucx$printcap.dat
guest account = DYMAX
print command = print %f/queue=%p/delete/passall/name="""""%s"""""
lprm command = delete/entry=%j
map archive = No
printing = OpenVMS

net rpc testjoin
[2010/08/13 16:09:28, 0] SAMBA$SRC:[SOURCE.RPC_CLIENT]CLI_PIPE.C;1:(2443)
get_schannel_session_key: could not fetch trust account password for domain 'WILMA'
[2010/08/13 16:09:28, 0] SAMBA$SRC:[SOURCE.UTILS]NET_RPC_JOIN.C;1:(72)
net_rpc_join_ok: failed to get schannel session key from server W2K3AD2 for domain WILMA. Error was

NT_STATUS_CANT_ACCESS_DOMAIN_I
NFO
Join to domain 'WILMA' is not valid

net rpc join "-Uaccount%password"
tdb_open_isam: error verifying status of file SAMBA$ROOT:[PRIVATE]secrets.tdb
tdb_open_isam: errno value = 1
[2010/08/13 16:21:13, 0] SAMBA$SRC:[SOURCE.PASSDB]SECRETS.C;1:(72)
Failed to open /SAMBA$ROOT/PRIVATE/secrets.tdb
[2010/08/13 16:21:13, 0] SAMBA$SRC:[SOURCE.UTILS]NET_RPC.C;1:(322)
error storing domain sid for WILMA
tdb_open_isam: error verifying status of file SAMBA$ROOT:[PRIVATE]secrets.tdb
tdb_open_isam: errno value = 1
[2010/08/13 16:21:13, 0] SAMBA$SRC:[SOURCE.PASSDB]SECRETS.C;1:(72)
Failed to open /SAMBA$ROOT/PRIVATE/secrets.tdb
[2010/08/13 16:21:13, 0] SAMBA$SRC:[SOURCE.UTILS]NET_RPC_JOIN.C;1:(409)
error storing domain sid for WILMA
Unable to join domain WILMA.

   \\

Example from other node:

net rpc testjoin
Join to 'WILMA' is OK

Best Answer

Execution of the NET JOIN from OpenVMS "SYSTEM" account rather than other privileged account resolved errors.

Related Topic