Adding Domain User Accounts to Windows 7 Clients (Samba3.4.8 PDC)
in [Samba]
|
Prev: Adding Domain User Accounts to Windows 7 Clients (Samba 3.4.8 PDC)
Next: Adding Domain User Accounts to Windows 7 Clients (Samba 3.4.8 PDC)
From: tms3 on 17 Jun 2010 13:10 SNIP > > > Does anybody have any ideas? I've run into this. It's a real bear. I've found that a proper WINS setup is very useful, but more important is to find out what is going on during the wire transactions. Google the appropriate one of these tools for your platform: NM33_x64.exe NM33_x86.exe install it and see what's occuring during the transactions. Post THE RELEVANT stuff and I might be able to parse it (post 100's of lines of stuff and I probably won't bother looking at it). Cheers, > > > > Thanks, > Bryan Walton > > On Tue, Jun 15, 2010 at 12:22:25PM -0500, Walton, Bryan K wrote: >> >> Hi, >> >> I've searched the logs and google trying to find a fix for my problem >> and have so far not succeeded. >> >> I've got a Samba PDC (Debian Lenny), running Samba 3.4.8 from Debian >> Backports. It is using an OpenLdap backend. We have encountered >> little >> to no problems over the last several years. And of course, we have to >> upgrade to Windows 7 (64-bit), from XP-64. So, here we are. >> >> Following the wiki here: http://wiki.samba.org/index.php/Windows7 I >> have >> made the registry changes mentioned on this page. >> >> I can successfully join the Windows 7 client to our Samba PDC. >> Furthermore, domain users are able to login, by using the following >> syntax: domain\username and password. Finally, users are able to >> access >> domain shares without difficulty. >> >> However, I am unable to successfully add domain user accounts to the >> client. When I attempt this, I receive the following error: >> >> "The user could not be added because the following error has occurred: >> >> The trust relationship between the workstation and the primary domain >> failed." >> >> Can anybody help pinpoint my error? >> >> My samba PDC logs show the following: >> >> Jun 15 12:11:31 nishnabotna smbd[2746]: [2010/06/15 12:11:31, 0] >> auth/auth_sam.c:355(check_sam_security) >> Jun 15 12:11:31 nishnabotna smbd[2746]: check_sam_security: >> make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER' >> Jun 15 12:11:32 nishnabotna smbd[2746]: [2010/06/15 12:11:32, 0] >> rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3) >> Jun 15 12:11:32 nishnabotna smbd[2746]: _netr_ServerAuthenticate3: >> netlogon_creds_server_check failed. Rejecting auth request from client >> CALLENDER machine account CALLENDER$ >> >> And perhaps to state the obvious, the user I'm attempting to add does >> exist on the network. By the way, I'm getting this error when trying >> to >> add ANY domain user account to Windows 7 clients. >> >> I would appreciate any input you might offer. >> >> Thanks, >> Bryan Walton >> >> -- >> Bryan K. Walton Division of Physiologic Imaging >> Systems Administrator University of Iowa Hospitals and Clinics >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: tms3 on 17 Jun 2010 18:40
> > --- Original message --- > Subject: Re: [Samba] Adding Domain User Accounts to Windows 7 > Clients (Samba3.4.8 PDC) > From: "Walton, Bryan K" <bryan-walton(a)uiowa.edu> > To: <samba(a)lists.samba.org> > Date: Thursday, 17/06/2010 2:53 PM > > On Tue, Jun 15, 2010 at 12:22:25PM -0500, Walton, Bryan K wrote: >> >> >> However, I am unable to successfully add domain user accounts to the >> client. When I attempt this, I receive the following error: >> >> "The user could not be added because the following error has occurred: >> >> The trust relationship between the workstation and the primary domain >> failed." > > Hi everybody, thanks for your replies. I've found the problem, I > believe, and have a work around. About 15 minutes ago, I stumbled > across > this web page: > > http://social.technet.microsoft.com/Forums/en/w7itpronetworking/thread/7d0bb953-3514-4475-8f00-5f624f5f6b00 > > As it turns out, a "new feature" of Windows 7 is that you cannot > directly add domain users as local users. Instead, you must add > desired > domain users to local groups, achieving the desired result. I have > verfied that this works without difficulty. > > In the past, I was able to add domain user acocunts as local accounts, > but it appears that Microsoft no longer allows this with Windows 7. Ummm, no that is incorrect. If you would like I will send you a screen shot. This method you describe is what I've used to admin W2K3 member servers to a Samba3-LDAP domain. As long as it works... > > > > Thanks again, > Bryan > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |