Bug 467 - Unable to join domain using net rpc join
Summary: Unable to join domain using net rpc join
Status: RESOLVED DUPLICATE of bug 442
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: net utility (show other bugs)
Version: 3.0.0preX
Hardware: All Linux
: P3 major
Target Milestone: none
Assignee: Jim McDonough
QA Contact:
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-09-17 11:46 UTC by Rolf Østvik
Modified: 2005-11-14 09:29 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Rolf Østvik 2003-09-17 11:46:12 UTC
Trying to join a Windows 2000 domain controller.
Does not work for rc3 and rc4.
Does work for beta2 and rc1.
Uses same smb.conf file.

Example:
------------------------- rc4 --------
root # net --version
Version 3.0.0rc4
root # net rpc join -n AXITHPRDS20 -Ua7893
Password:
[2003/09/17 19:15:43, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(286)
  error setting trust account password: NT_STATUS_WRONG_PASSWORD
Unable to join domain AXXESSIT.
root#

------------------------- rc1 --------
root # net --version
Version 3.0.0rc1
root # net rpc join -n AXITHPRDS20 -Ua7893
Password:
Joined domain AXXESSIT.

Please a-mail me if more information is wanted.

smb.conf:
[global]
   workgroup = AXXESSIT
   hosts allow = 10.20.44.0/255.255.252.0 127.
   log file = /var/log/samba/log.%m
   max log size = 50
   security = domain
   password server = AXITHNTS10
   encrypt passwords = yes
   null passwords = true

#============================ Share Definitions ==============================
[homes]
   comment = Home Directory
   browseable = no
   writable = yes
Comment 1 Guenther Deschner 2003-09-19 05:39:49 UTC
While trying to do the same (joining via rpc to a win2k-domain) i got the same
result.

samba3.0.0rc4
win2kdc latest sp

oddly enough joining works fine via kerberos (net ads join).


here the error:
net rpc join -U administrator%password -d3 -S mydc1

[2003/09/19 13:59:38, 3] lib/util_sock.c:open_socket_out(690)
  Connecting to 192.168.10.10 at port 445
[2003/09/19 13:59:38, 3] rpc_client/cli_netlogon.c:cli_nt_setup_creds(283)
  cli_nt_setup_creds: auth2 challenge failed NT_STATUS_ACCESS_DENIED
[2003/09/19 13:59:38, 3] libsmb/trusts_util.c:just_change_the_password(43)
  just_change_the_password: unable to setup creds (NT_STATUS_ACCESS_DENIED)!
[2003/09/19 13:59:38, 1] utils/net_rpc.c:run_rpc_command(152)
  rpc command function failed! (NT_STATUS_ACCESS_DENIED)
[2003/09/19 13:59:38, 3] libsmb/cliconnect.c:cli_start_connection(1298)
  Connecting to host=mydc1
[2003/09/19 13:59:38, 3] lib/util_sock.c:open_socket_out(690)
  Connecting to 192.168.10.10 at port 445
[2003/09/19 13:59:38, 2] libsmb/cliconnect.c:cli_session_setup_spnego(643)
  Doing spnego session setup (blob length=111)
[2003/09/19 13:59:38, 3] libsmb/cliconnect.c:cli_session_setup_spnego(668)
  got OID=1 2 840 48018 1 2 2
[2003/09/19 13:59:38, 3] libsmb/cliconnect.c:cli_session_setup_spnego(668)
  got OID=1 2 840 113554 1 2 2
[2003/09/19 13:59:38, 3] libsmb/cliconnect.c:cli_session_setup_spnego(668)
  got OID=1 2 840 113554 1 2 2 3
[2003/09/19 13:59:38, 3] libsmb/cliconnect.c:cli_session_setup_spnego(668)
  got OID=1 3 6 1 4 1 311 2 2 10
[2003/09/19 13:59:38, 3] libsmb/cliconnect.c:cli_session_setup_spnego(675)
  got principal=mydc1$@MY.REALM
[2003/09/19 13:59:38, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(469)
  Got challenge flags:
[2003/09/19 13:59:38, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(33)
  Got NTLMSSP neg_flags=0x60890205
[2003/09/19 13:59:38, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(518)
  NTLMSSP: Set final flags:
[2003/09/19 13:59:38, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(33)
  Got NTLMSSP neg_flags=0x60080205
[2003/09/19 13:59:38, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(186)
  lsa_io_sec_qos: length c does not match size 8
[2003/09/19 13:59:38, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(286)
  error setting trust account password: NT_STATUS_WRONG_PASSWORD
Unable to join domain MYDOMAIN.
[2003/09/19 13:59:38, 2] utils/net.c:main(760)
  return code = 1

Comment 2 Gerald (Jerry) Carter (dead mail address) 2003-09-20 10:02:36 UTC

*** This bug has been marked as a duplicate of 442 ***
Comment 3 Gerald (Jerry) Carter (dead mail address) 2005-02-07 09:04:53 UTC
originally reported against one of the 3.0.0rc[1-4] releases.
Cleaning up non-production versions.
Comment 4 Gerald (Jerry) Carter (dead mail address) 2005-11-14 09:29:52 UTC
database cleanup