Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Error NT_STATUS_NO_TRUST_SAM_ACCOUNT
Message
General information
Forum:
Linux
Category:
SAMBA
Title:
Re: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT
Miscellaneous
Thread ID:
00649128
Message ID:
00649232
Views:
19
>I am trying to get Linux-Mandrake (the latest version) to authenticate on a Windows TCP/IP network using DOMAIN security to a NT 4 Server named FEMC1 which is the primary domain controller for the domain FEMC. Linux is installed and functional on the network and Samba is working when the share is public, but I wanted to limit access to only those users who have a valid account in the NT domain. I turned off public access to the share and set SECURITY = DOMAIN and PASSWORD SERVER = * but in order for that to work I understood I had to generate a Microsoft-format machine password for the Linux-Mandrake server.
>
>Logged in as root on bradbury (the linux box), I issued the command,
>smbpasswd -j FEMC -r FEMC1
>
>I received this message:
>cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT
>cli_nt_setup_creds: auth2 challenge failed
>modify_trust_password: unable to setup the PDC credentials to machine FEMC1.
>Error was : NT_STATUS_NO_TRUST_SAM_ACCOUNT.
>2002/04/23 12:58:07 : change_trust_account_password: Failed to change password for domain FEMC.
>Unable to join domain FEMC.
>
>On FEMC1, in the server manager utility, I can see Bradbury in the list.
>
>Does anyone know what my problem is here?

From the www:

"A server will show up in Server Manager even if it's not a domain
member (as long as it's in the workgroup with the same name as the
domain). There's an option in Server Manager to display only the
members of the domain. If the admin enables that option, your server
will not appear in the list. Tell him to create a computer account
anyway."

"Your NT Administrator needs to delete the reference to your machine, re-add
it, and then let you know. Once he does that, then you can perform the
Smbpasswd -j corporate -r vldpdc1. You can explain to him that the current
machine listed in the Server Manager has a different SID (Security ID) than
your current Linux machine. This process solved the problem for me."

"try disabling nt's chalenge responce and switching it to text mode."

"I think you need to have 'netbios name = Linux' in your smb.conf file.
This is the name that also needs to be added using Server Manager for Domains -
but it looks like that is already done.
I would run smbpasswd with smbd, and nmbd running so that you will
get netbios name resolution.
Then run smbpasswd -j FEMC -r FEMC1
Restart samba.
Hope that helps."


http://www.ale.org/archive/ale/ale-2002-01/msg00623.html

http://lists.samba.org/pipermail/samba/2002-January/064057.html

JLK
Nebraska Dept of Revenue
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform