×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Contact US

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Machines can't login after moving from smbpasswd to tdbsam

Machines can't login after moving from smbpasswd to tdbsam

Machines can't login after moving from smbpasswd to tdbsam

(OP)
Hi all,

We've decided to convert from smbpasswd to tdbsam for password
database.  We also upgraded our smb.conf file to bring it into line
with Samba 3 (our file hasn't changed in _years_).  So it includes
things like automated scripts for machine account logins etc.

We converted using pdbedit -i smbpasswd -e passwd.tdb and it appeared
to work correctly.

However, when users try to log in, they now get a message saying the
domain cannot be contacted, and this appears in the log file:

[2010/02/28 10:39:55,  0] rpc_server/srv_netlog_nt.c:336(get_md4pw)
 get_md4pw: Workstation JEFF-W7$: no account in domain
[2010/02/28 10:39:55,  0] rpc_server/srv_netlog_nt.c:
584(_netr_ServerAuthenticate3)
 _netr_ServerAuthenticate3: failed to get machine password for
account JEFF-W7$: NT_STATUS_ACCESS_DENIED

I've checked pdbedit and the machine "JEFF-W7" exists and is enabled
and all the other flags look correct (as they did in smbpasswd).

 I've obviously stuffed something up!  Could someone please point me
in the right direction?  I'm not sure if its some of the automated
scripts perhaps?

Thanks again!!!

Here is pdbedit -Lv for that particular PC:
---------------
Unix username:        JEFF-W7$
NT username:
Account Flags:        [W          ]
User SID:             S-1-5-21-3210725046-2967654944-2425555567-3034
Primary Group SID:    S-1-5-21-3210725046-2967654944-2425555567-513
Full Name:            Jeff Windows 7 64 Virtual Machine
Home Directory:
HomeDir Drive:        (null)
Logon Script:
Profile Path:
Domain:               UNIVERSE
Account desc:
Workstations:
Munged dial:
Logon time:           0
Logoff time:          never
Kickoff time:         never
Password last set:    Sun, 28 Feb 2010 10:52:17 EST
Password can change:  Sun, 28 Feb 2010 10:52:17 EST
Password must change: never
Last bad password   : 0
Bad password count  : 0
Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
---------------


Here is my globals section of my smb.conf:

[global]

       workgroup = UNIVERSE
       netbios name = MAGTECH
       server string = Samba Server
       wins support = yes
       domain logons = yes
       preferred master = Yes
       domain master = yes
       local master = yes
       os level = 66
       dns proxy = yes
       name resolve order = wins lmhosts hosts bcast
       interfaces = eth0 eth1
       smb ports = 139
       bind interfaces only = true
       debug timestamp = yes
       log file = /var/log/samba/%m.log
       log level = 1
       max log size = 9216
       panic action = /usr/share/samba/panic-action %d
       security = user
       encrypt passwords = true
       passdb backend = tdbsam
       obey pam restrictions = no
       admin users = root, administator
       passwd program = /usr/bin/passwd %u
       passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX
\spassword:* %n\n *password\supdated\ssuccessfully* .
       add user script = /usr/sbin/useradd -m '%u'
       delete user script = /usr/sbin/userdel -r '%u'
       add group script = /user/sbin/groupdel '%g'
       add user to group script = /usr/sbin/usermod -G '%g' '%u'
       delete group script = /usr/sbin/groupdel '%g'
       add machine script = /user/sbin/useradd -s /bin/false -d /dev/null
'%u'
       logon path = \\%N\profiles\%U
       logon drive = P:
       logon script = %G.bat
       utmp = yes
       printing = cups
       printcap name = cups
       socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
       store dos attributes = yes
       hide files = /RECYCLER/desktop.ini/Desktop.ini/Thumbs.db/

Thanks a Million!

Max

RE: Machines can't login after moving from smbpasswd to tdbsam

(OP)
Hi all,

Any ideas for my post?

Thanks again,

Max

RE: Machines can't login after moving from smbpasswd to tdbsam

Have you tried turning on verbose logging for both samba and userenv on the client? It may shed some light on the subject.

RE: Machines can't login after moving from smbpasswd to tdbsam

Do your users' accounts work properly?

Can you use smbclient to log into a share as a user?

 

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close