Thread-topic: Machine locked out of domain suddenly
User-agent: Microsoft-Entourage/11.2.0.050811
Jeremiah Sypult had the solution for me. Drop the Samba server to a
standalone server and then re-promote it to a PDC, using the Directory Admin
id and password to create the PDC. Did that and the machine instantly
re-joined the domain.
Tim Wilkinson
ITC-ACHS
University of Virginia
email@hidden
> From: John Gerth <email@hidden>
> Date: Tue, 04 Oct 2005 22:34:36 -0700
> To: "Timothy K. Wilkinson" <email@hidden>
> Cc: "email@hidden" <email@hidden>
> Subject: Re: Machine locked out of domain suddenly
>
> Timothy K. Wilkinson wrote:
>> We have an OS X 10.4.2 server running as a PDC on our subnet. We have one
>> Windows machine that has joined that domain and authenticated without
>> problem for over a year.
>>
>> The other day it suddenly couldn't find the domain or authenticate. We took
>> it out of the domain and then tried to re-join but we only get an "Access is
>> denied" error now.
>>
>> The Samba log shows the following:
>>
>> /SourceCache/samba/samba-92.9/samba/source/lib/util_sock.c:read_socket_data
>> (400)
>> read_socket_data: recv failure for 4. Error = Connection reset by peer
>> [2005/10/04 09:19:37, 0]
>> /SourceCache/samba/samba-92.9/samba/source/rpc_server/srv_samr.c:api_samr_se
>> t_userinfo(786)
>> api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO.
>> [2005/10/04 09:19:37, 0]
>> /SourceCache/samba/samba-92.9/samba/source/libsmb/smbencrypt.c:decode_pw_buf
>> fer(539)
>> decode_pw_buffer: incorrect password length (-511606943).
>> [2005/10/04 09:19:37, 0]
>> /SourceCache/samba/samba-92.9/samba/source/libsmb/smbencrypt.c:decode_pw_buf
>> fer(540)
>> decode_pw_buffer: check that 'encrypt passwords = yes'
>>
>>
>> We're using the Directory Admin password which worked just fine when we
>> switched over to Tiger. I've googled the Samba log entries with no success
>> at all.
>>
> The fact that you've got any messages means that the client found the PDC.
>
> This looks like a pretty straightforward password mismatch due to:
>> decode_pw_buffer: incorrect password length (-511606943).
> You might have to delete the machine manually as Apple doesn't do that.
> Try manually deleting the machine to clear out the old entry.
>
> OTOH, you could set the logging level to HIGH to see just what user
> they're complaining about. A machine has a userid of its name suffixed
> by a $, e.g. machine FRED has userid FRED$
>
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
