Bug 3586 - Machine Accounts don't work after a "net rpc vampire"
Summary: Machine Accounts don't work after a "net rpc vampire"
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: Domain Control (show other bugs)
Version: 3.0.20b
Hardware: Other Windows 2000
: P3 normal
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
Depends on:
Reported: 2006-03-06 09:37 UTC by Luis Vinay
Modified: 2006-03-06 09:38 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Luis Vinay 2006-03-06 09:37:03 UTC
Trying to replace a NT4-PDC I have configured a Samba+LDAP server, and done an "net rpc vampire [...]", everything works fine but the machine accounts don't, obiously, if I join a workstation to domain it works fine. Also I've found something strange, If you previously logged in to that machine you can use the workstation and to the server shares and printers, with no problem (I know that you can login to a W2k workstation if the domain is not available).
I done some dbugging and the only error that seems (to me) to be related is this: 

All events have the same date

      01bc status      : NT_STATUS_OK
  api_rpcTNP: called NETLOGON successfully
  api_rpcTNP: rpc input buffer underflow (parse error?)
  010a : 00 00 8a e3 13 71 02 f4 36 71 01 40 04 00 01 00 00 00 03 00 00 00 44 06 04 00 80 2f 0b 00

by the way here is my smb.conf

        workgroup = IPLAN
        netbios name = PDCIPLAN
        server string = IplanTest Samba3 & OpenLDAP PDC Server
        interfaces = eth0
        bind interfaces only = Yes
        passdb backend = ldapsam:ldap://localhost
        enable privileges = Yes
        username map = /etc/samba/smbusers
        log level = 10
        syslog = 0
        log file = /var/log/samba/%m.log
        max log size = 1024
        logon path =
        logon drive = X:
        logon home =
        name resolve order = host wins bcast
        time server = Yes
        printing = cups
        printcap name = cups
        show add printer wizard = No
        add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u"
        delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u"
        add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g"
        delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g"
        add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g"
        delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g"
        set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u"
        add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u"
        passwd program = /opt/IDEALX/sbin/smbldap-passwd %u
        logon script = scripts\logon.bat
        domain logons = Yes
        printcap cache time = 3
        domain master = Yes
        local master = Yes
        preferred master = Yes
        os level = 65
        security = user
        wins support = Yes
        ldap suffix = dc=iplan,dc=com,dc=ar
        ldap machine suffix = ou=People
        ldap user suffix = ou=People
        ldap group suffix = ou=Groups
        ldap idmap suffix = ou=Idmap
        ldap admin dn = cn=Administrator,dc=iplan,dc=com,dc=ar
        idmap backend = ldap:ldap://
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        map acl inherit = Yes
Comment 1 Luis Vinay 2006-03-06 09:38:09 UTC
Duplicated bug