Bug 10105 - net rpc join works, but Samba does not create machine account
Summary: net rpc join works, but Samba does not create machine account
Status: NEW
Alias: None
Product: Samba 4.0
Classification: Unclassified
Component: Tools (show other bugs)
Version: 4.0.8
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-08-22 11:25 UTC by Milan Kerslager
Modified: 2013-08-22 11:25 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Milan Kerslager 2013-08-22 11:25:42 UTC
I have Samba 4.0.8 set up as domain controler (PDC). I'm able to join to domain on this PDC with Windows XP and the I'm able to log to domain from this Windows machine.

I'm trying to join to the domain with Fedora 19 client machine, but "net ads join" fails (SEGV, see bug #10102 here). I tryed Fedora 18 too and it worked.

I read manual so I tryed "net rpc join". It worked, but account on the Samba machine was not created. In the logs I can see this:

==> /var/log/samba/log. <==
[2013/08/22 13:19:27.943215,  0] ../source3/passdb/lookup_sid.c:1490(get_primary_group_sid)
  Failed to find a Unix account for pitoma$Failed to find a Unix account for pitoma$Failed to find a Unix account for pitoma$Failed to find a Unix account for pitoma$Failed to find a Unix account for pitoma$_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting auth request from client PITOMA machine account PITOMA$
[2013/08/22 13:19:27.949135,  0] ../source3/passdb/lookup_sid.c:1490(get_primary_group_sid)
  Failed to find a Unix account for pitoma$Failed to find a Unix account for pitoma$Failed to find a Unix account for pitoma$Failed to find a Unix account for pitoma$Failed to find a Unix account for pitoma$_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting auth request from client PITOMA machine account PITOMA$

I tryed to pre-create account, but it seems like credintials are not properly set, so I was not able to login via this join (trust).

It seems like final part of joining the domain does not work.

I saw domainjoin command too and atext abou common library with net command, but it seems like this tool was dropped in Samba 4.