I would create a new domain admin account that will allow you to add machines to the domain. Experience tells me this is a privilege issue with the admin account.
On Tuesday, August 22, 2006, at 06:07AM, Lars-Gunnar Persson <email@hidden> wrote:
>I'm not able to add Win clients to my domain anymore. I receive an
>error on the PC (2000 or XP):
>
>"The following error occurred attempting to join the domain "[DOMAIN]":
>Logon failure: unknown user name or password."
>
>But I am able to log on to the server when accessing shares and
>printers. This error message only appears when joining the domain.
>
>And on the Mac OS X 10.4.7 server I get the following in my log.smbd:
>
>[2006/08/22 11:32:03, 2] /SourceCache/samba/samba-92.20/samba/source/
>auth/auth.c:check_ntlm_password(360)
> check_ntlm_password: authentication for user [tmpadmin] ->
>[tmpadmin] -> [tmpadmin] succeeded
>[2006/08/22 11:32:03, 2] /SourceCache/samba/samba-92.20/samba/source/
>lib/module.c:do_smb_load_module(63)
> Module '/usr/lib/samba/vfs/darwin_acls.so' loaded
>[2006/08/22 11:32:04, 2] /SourceCache/samba/samba-92.20/samba/source/
>rpc_server/srv_samr_nt.c:_samr_lookup_domain(2531)
> Returning domain sid for domain [DOMAIN] ->
>S-1-5-21-457614760-3765950544-3595693477
>[2006/08/22 11:32:04, 2] /SourceCache/samba/samba-92.20/samba/source/
>rpc_server/srv_samr_nt.c:access_check_samr_object(93)
> _samr_open_domain: ACCESS DENIED (requested: 0x00000211)
>[2006/08/22 11:32:04, 2] /SourceCache/samba/samba-92.20/samba/source/
>rpc_server/srv_samr_nt.c:_samr_lookup_domain(2531)
> Returning domain sid for domain [DOMAIN] ->
>S-1-5-21-457614760-3765950544-3595693477
>[2006/08/22 11:32:04, 2] /SourceCache/samba/samba-92.20/samba/source/
>rpc_server/srv_samr_nt.c:access_check_samr_object(93)
> _samr_open_user: ACCESS DENIED (requested: 0x000000b0)
>[2006/08/22 11:32:04, 2] /SourceCache/samba/samba-92.20/samba/source/
>rpc_server/srv_samr_nt.c:access_check_samr_object(93)
> _samr_open_user: ACCESS DENIED (requested: 0x00000090)
>[2006/08/22 11:32:04, 2] /SourceCache/samba/samba-92.20/samba/source/
>smbd/server.c:exit_server(595)
> Closing connections
>
>where DOMAIN is my domain name and tmpadmin is a user account with
>all privileges.
>
>I've been googling (oops, I'm not sure I can say that :-)) and
>reading all the documentation I could find, but without any luck.
>
>What's strange is that when the server was installed I was able to
>add a lot of clients. Then I've probably done something wrong and now
>I'm getting into trouble. So, what have I been doing?
>
>Editing /etc/smb.conf
> * Adding the line: logon home = \\[FILESERVER]\%U
> * Removing the line: #logon path = \\%N\profiles\%u
>
>Adding a group mapping with the command net
> net groupmap add ntgroup="Domain Admins" unixgroup="admin"
>type=domain
> net groupmap cleanup
>but also reverted back to default group mappings.
>
>Reconfigured the Windows service by removing /var/samba and /etc/
>smb.conf. Didn't help.
>
>Editing /etc/openldap/slapd.conf:
> * Adding a schema from ldapuserdata ( a Squirrelmail plug-in) but
>has removed this schema now.
>
>Are there other services/configuration files I have to look at?
>
>Do you have ANY tips? This is starting to get urgent for me now!
>
>Regards,
>
>Lars-Gunnar Persson
>
>
>
> _______________________________________________
>Do not post admin requests to the list. They will be ignored.
>Macos-x-server mailing list (email@hidden)
>Help/Unsubscribe/Update your Subscription:
>http://lists.apple.com/mailman/options/macos-x-server/email@hidden
>
>This email sent to email@hidden
>
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
This email sent to email@hidden
