Solved

could not fetch trust account password for domain

Posted on 2004-03-22
9
11,410 Views
Last Modified: 2013-12-05
I am running slackware 9.1, Samba version 2.28
I joined my windows 2000 domain just fine.
However I setup a user to access a share I created in samba and I still get the could not fetch trust account password for domain error showing up in the log.
Now since I used the administrator account to join the domain do I need to have the administrato account setup on the Slackware machine?
0
Comment
Question by:kkiedrowski
  • 5
  • 4
9 Comments
 
LVL 19

Expert Comment

by:Gabriel Orozco
ID: 10654263
did you added the machine account?

here is a mini how to for PDC

http://daniel.fiser.cz/?go=samba
0
 
LVL 2

Author Comment

by:kkiedrowski
ID: 10657548
I do not want to setup the Linux machine as a PDC. I have it setup to just be a member server in a windows 2000 domain.
0
 
LVL 19

Expert Comment

by:Gabriel Orozco
ID: 10660087
then maybe the error shown
"However I setup a user to access a share I created in samba and I still get the could not fetch trust account password for domain error showing up in the log."

it's because your winbindd is not configured yet ?
0
Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

 
LVL 2

Author Comment

by:kkiedrowski
ID: 10660654
I would think that that was it except I can write fine to the home direcotry just not any new share I create. No once again I seem to have lost myself
0
 
LVL 2

Author Comment

by:kkiedrowski
ID: 10660799
here is my samba config incase i did it wrong

# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2004/03/23 14:29:55

# Global parameters
[global]
      coding system =
      client code page = 850
      code page directory = /etc/codepages
      workgroup = DMG2K
      netbios name = SLACK91
      netbios aliases =
      netbios scope =
      server string = Slackware 9.1
      interfaces =
      bind interfaces only = No
      security = DOMAIN
      encrypt passwords = Yes
      update encrypted = No
      allow trusted domains = Yes
      hosts equiv =
      min passwd length = 5
      map to guest = Never
      null passwords = No
      obey pam restrictions = No
      password server = 192.168.100.4
      smb passwd file = /etc/samba/private/smbpasswd
      root directory =
      pam password change = No
      passwd program = /usr/bin/passwd
      passwd chat = *new*password* %n\n *new*password* %n\n *changed*
      passwd chat debug = No
      username map =
      password level = 0
      username level = 0
      unix password sync = No
      restrict anonymous = No
      lanman auth = Yes
      use rhosts = No
      ssl = No
      ssl hosts =
      ssl hosts resign =
      ssl CA certDir = /etc/ssl/certs
      ssl CA certFile =
      ssl server cert =
      ssl server key =
      ssl client cert =
      ssl client key =
      ssl egd socket =
      ssl entropy file =
      ssl entropy bytes = 256
      ssl require clientcert = No
      ssl require servercert = No
      ssl ciphers =
      ssl version = ssl2or3
      ssl compatibility = No
      admin log = No
      log level = 0
      syslog = 1
      syslog only = No
      log file = /var/log/samba.%m
      max log size = 50
      timestamp logs = Yes
      debug hires timestamp = No
      debug pid = No
      debug uid = No
      protocol = NT1
      large readwrite = Yes
      max protocol = NT1
      min protocol = CORE
      read bmpx = No
      read raw = Yes
      write raw = Yes
      acl compatibility =
      nt smb support = Yes
      nt pipe support = Yes
      nt status support = Yes
      announce version = 4.9
      announce as = NT
      max mux = 50
      max xmit = 16644
      name resolve order = lmhosts host wins bcast
      max ttl = 259200
      max wins ttl = 518400
      min wins ttl = 21600
      time server = No
      unix extensions = No
      change notify timeout = 60
      deadtime = 0
      getwd cache = Yes
      keepalive = 300
      lpq cache time = 10
      max smbd processes = 0
      max disk size = 0
      max open files = 10000
      name cache timeout = 660
      read size = 16384
      socket options = TCP_NODELAY
      stat cache size = 50
      use mmap = Yes
      total print jobs = 0
      load printers = Yes
      printcap name = /etc/printcap
      disable spoolss = No
      enumports command =
      addprinter command =
      deleteprinter command =
      show add printer wizard = Yes
      os2 driver map =
      strip dot = No
      mangling method = hash
      character set =
      mangled stack = 50
      stat cache = Yes
      domain admin group =
      domain guest group =
      machine password timeout = 604800
      add user script =
      delete user script =
      logon script =
      logon path = \\%N\%U\profile
      logon drive =
      logon home = \\%N\%U
      domain logons = No
      os level = 20
      lm announce = Auto
      lm interval = 60
      preferred master = Auto
      local master = Yes
      domain master = No
      browse list = Yes
      enhanced browsing = Yes
      dns proxy = No
      wins proxy = No
      wins server = 192.168.100.4
      wins support = No
      wins hook =
      kernel oplocks = Yes
      lock spin count = 3
      lock spin time = 10
      oplock break wait time = 0
      add share command =
      change share command =
      delete share command =
      config file =
      preload =
      lock dir = /var/cache/samba
      pid directory = /var/run/samba
      utmp directory =
      wtmp directory =
      utmp = No
      default service =
      message command =
      dfree command =
      valid chars =
      remote announce =
      remote browse sync =
      socket address = 0.0.0.0
      homedir map =
      time offset = 0
      NIS homedir = No
      source environment =
      panic action =
      hide local users = No
      host msdfs = No
      winbind uid =
      winbind gid =
      template homedir = /home/%D/%U
      template shell = /bin/false
      winbind separator = \
      winbind cache time = 15
      winbind enum users = Yes
      winbind enum groups = Yes
      winbind use default domain = No
      comment =
      path =
      alternate permissions = No
      username =
      guest account = nobody
      invalid users =
      valid users =
      admin users =
      read list =
      write list =
      printer admin =
      force user =
      force group =
      read only = Yes
      create mask = 0744
      force create mode = 00
      security mask = 0777
      force security mode = 00
      directory mask = 0755
      force directory mode = 00
      directory security mask = 0777
      force directory security mode = 00
      force unknown acl user = 00
      inherit permissions = No
      inherit acls = No
      guest only = No
      guest ok = No
      only user = No
      hosts allow =
      hosts deny =
      status = Yes
      nt acl support = Yes
      profile acls = No
      block size = 1024
      max connections = 0
      min print space = 0
      strict allocate = No
      strict sync = No
      sync always = No
      write cache size = 0
      max print jobs = 1000
      printable = No
      postscript = No
      printing = bsd
      print command = lpr -r -P%p %s
      lpq command = lpq -P%p
      lprm command = lprm -P%p %j
      lppause command =
      lpresume command =
      queuepause command =
      queueresume command =
      printer name =
      use client driver = No
      default devmode = No
      printer driver =
      printer driver file = /etc/samba/printers.def
      printer driver location =
      default case = lower
      case sensitive = No
      preserve case = Yes
      short preserve case = Yes
      mangle case = No
      mangling char = ~
      hide dot files = Yes
      hide unreadable = No
      delete veto files = No
      veto files =
      hide files =
      veto oplock files =
      map system = No
      map hidden = No
      map archive = Yes
      mangled names = Yes
      mangled map =
      browseable = Yes
      blocking locks = Yes
      csc policy = manual
      fake oplocks = No
      locking = Yes
      oplocks = Yes
      level2 oplocks = Yes
      oplock contention limit = 2
      posix locking = Yes
      strict locking = No
      share modes = Yes
      copy =
      include =
      exec =
      preexec close = No
      postexec =
      root preexec =
      root preexec close = No
      root postexec =
      available = Yes
      volume =
      fstype = NTFS
      set directory = No
      wide links = Yes
      follow symlinks = Yes
      dont descend =
      magic script =
      magic output =
      delete readonly = No
      dos filemode = No
      dos filetimes = No
      dos filetime resolution = No
      fake directory create times = No
      vfs object =
      vfs options =
      msdfs root = No

[homes]
      comment = Home Directories
      read only = No
      browseable = No

[printers]
      comment = All Printers
      path = /var/spool/samba
      printable = Yes
      browseable = No

[htdocs]
      path = /var/www/htdocs
      read only = No

[man]
      comment = Man
      path = /usr/man
      read only = No
0
 
LVL 19

Expert Comment

by:Gabriel Orozco
ID: 10662127
it remembers me the VASC (Very Advance Samba Configuration)

which is very old =)

try with a different smb.conf, but with only the minimum. for all the other, the defaults are okay.
0
 
LVL 2

Author Comment

by:kkiedrowski
ID: 10662200
this smaller one does not work either
# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2004/03/22 16:15:55

# Global parameters
[global]
    log file = /var/log/samba.%m
    dns proxy = No
    netbios name = SLACK91
    server string = Slackware 9.1
    wins server = 192.168.100.4
    workgroup = dmg2k
    os level = 20
    domain master = yes
    encrypt passwords = yes
    security = domain
    ssl ca certdir = /etc/ssl/certs
    max log size = 50

[homes]
    comment = Home Directories
    read only = No
    browseable = No

[printers]
    comment = All Printers
    path = /var/spool/samba
    printable = Yes
    browseable = No

[htdocs]
    writeable = yes
    path = /var/www/htdocs


[man]
    comment = Man
    writeable = yes
    path = /usr/man
0
 
LVL 2

Author Comment

by:kkiedrowski
ID: 10667485
oh I figured it out. I never double checked the folder permissions. I was focusing on the share permissions.
I used KDE to giv ethe group write access to the folder but I was wondering if chmod would be a better way and does that allow me to specify a specific user or jsut the owner of the file/folder?
thanks
0
 
LVL 19

Accepted Solution

by:
Gabriel Orozco earned 250 total points
ID: 10707150
use chown

and chmod 4xxx (to make suid in the folders)
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Creating a Samba server for a small office. Ubuntu Linux and Samba can breathe new life into a retired PC and save an office money on new hardware/software. Our example server will have two hard disks, one exclusively for storing shared data. …
The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question