Solved

could not fetch trust account password for domain

Posted on 2004-03-22
9
11,456 Views
Last Modified: 2013-12-05
I am running slackware 9.1, Samba version 2.28
I joined my windows 2000 domain just fine.
However I setup a user to access a share I created in samba and I still get the could not fetch trust account password for domain error showing up in the log.
Now since I used the administrator account to join the domain do I need to have the administrato account setup on the Slackware machine?
0
Comment
Question by:kkiedrowski
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 19

Expert Comment

by:Gabriel Orozco
ID: 10654263
did you added the machine account?

here is a mini how to for PDC

http://daniel.fiser.cz/?go=samba
0
 
LVL 2

Author Comment

by:kkiedrowski
ID: 10657548
I do not want to setup the Linux machine as a PDC. I have it setup to just be a member server in a windows 2000 domain.
0
 
LVL 19

Expert Comment

by:Gabriel Orozco
ID: 10660087
then maybe the error shown
"However I setup a user to access a share I created in samba and I still get the could not fetch trust account password for domain error showing up in the log."

it's because your winbindd is not configured yet ?
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 2

Author Comment

by:kkiedrowski
ID: 10660654
I would think that that was it except I can write fine to the home direcotry just not any new share I create. No once again I seem to have lost myself
0
 
LVL 2

Author Comment

by:kkiedrowski
ID: 10660799
here is my samba config incase i did it wrong

# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2004/03/23 14:29:55

# Global parameters
[global]
      coding system =
      client code page = 850
      code page directory = /etc/codepages
      workgroup = DMG2K
      netbios name = SLACK91
      netbios aliases =
      netbios scope =
      server string = Slackware 9.1
      interfaces =
      bind interfaces only = No
      security = DOMAIN
      encrypt passwords = Yes
      update encrypted = No
      allow trusted domains = Yes
      hosts equiv =
      min passwd length = 5
      map to guest = Never
      null passwords = No
      obey pam restrictions = No
      password server = 192.168.100.4
      smb passwd file = /etc/samba/private/smbpasswd
      root directory =
      pam password change = No
      passwd program = /usr/bin/passwd
      passwd chat = *new*password* %n\n *new*password* %n\n *changed*
      passwd chat debug = No
      username map =
      password level = 0
      username level = 0
      unix password sync = No
      restrict anonymous = No
      lanman auth = Yes
      use rhosts = No
      ssl = No
      ssl hosts =
      ssl hosts resign =
      ssl CA certDir = /etc/ssl/certs
      ssl CA certFile =
      ssl server cert =
      ssl server key =
      ssl client cert =
      ssl client key =
      ssl egd socket =
      ssl entropy file =
      ssl entropy bytes = 256
      ssl require clientcert = No
      ssl require servercert = No
      ssl ciphers =
      ssl version = ssl2or3
      ssl compatibility = No
      admin log = No
      log level = 0
      syslog = 1
      syslog only = No
      log file = /var/log/samba.%m
      max log size = 50
      timestamp logs = Yes
      debug hires timestamp = No
      debug pid = No
      debug uid = No
      protocol = NT1
      large readwrite = Yes
      max protocol = NT1
      min protocol = CORE
      read bmpx = No
      read raw = Yes
      write raw = Yes
      acl compatibility =
      nt smb support = Yes
      nt pipe support = Yes
      nt status support = Yes
      announce version = 4.9
      announce as = NT
      max mux = 50
      max xmit = 16644
      name resolve order = lmhosts host wins bcast
      max ttl = 259200
      max wins ttl = 518400
      min wins ttl = 21600
      time server = No
      unix extensions = No
      change notify timeout = 60
      deadtime = 0
      getwd cache = Yes
      keepalive = 300
      lpq cache time = 10
      max smbd processes = 0
      max disk size = 0
      max open files = 10000
      name cache timeout = 660
      read size = 16384
      socket options = TCP_NODELAY
      stat cache size = 50
      use mmap = Yes
      total print jobs = 0
      load printers = Yes
      printcap name = /etc/printcap
      disable spoolss = No
      enumports command =
      addprinter command =
      deleteprinter command =
      show add printer wizard = Yes
      os2 driver map =
      strip dot = No
      mangling method = hash
      character set =
      mangled stack = 50
      stat cache = Yes
      domain admin group =
      domain guest group =
      machine password timeout = 604800
      add user script =
      delete user script =
      logon script =
      logon path = \\%N\%U\profile
      logon drive =
      logon home = \\%N\%U
      domain logons = No
      os level = 20
      lm announce = Auto
      lm interval = 60
      preferred master = Auto
      local master = Yes
      domain master = No
      browse list = Yes
      enhanced browsing = Yes
      dns proxy = No
      wins proxy = No
      wins server = 192.168.100.4
      wins support = No
      wins hook =
      kernel oplocks = Yes
      lock spin count = 3
      lock spin time = 10
      oplock break wait time = 0
      add share command =
      change share command =
      delete share command =
      config file =
      preload =
      lock dir = /var/cache/samba
      pid directory = /var/run/samba
      utmp directory =
      wtmp directory =
      utmp = No
      default service =
      message command =
      dfree command =
      valid chars =
      remote announce =
      remote browse sync =
      socket address = 0.0.0.0
      homedir map =
      time offset = 0
      NIS homedir = No
      source environment =
      panic action =
      hide local users = No
      host msdfs = No
      winbind uid =
      winbind gid =
      template homedir = /home/%D/%U
      template shell = /bin/false
      winbind separator = \
      winbind cache time = 15
      winbind enum users = Yes
      winbind enum groups = Yes
      winbind use default domain = No
      comment =
      path =
      alternate permissions = No
      username =
      guest account = nobody
      invalid users =
      valid users =
      admin users =
      read list =
      write list =
      printer admin =
      force user =
      force group =
      read only = Yes
      create mask = 0744
      force create mode = 00
      security mask = 0777
      force security mode = 00
      directory mask = 0755
      force directory mode = 00
      directory security mask = 0777
      force directory security mode = 00
      force unknown acl user = 00
      inherit permissions = No
      inherit acls = No
      guest only = No
      guest ok = No
      only user = No
      hosts allow =
      hosts deny =
      status = Yes
      nt acl support = Yes
      profile acls = No
      block size = 1024
      max connections = 0
      min print space = 0
      strict allocate = No
      strict sync = No
      sync always = No
      write cache size = 0
      max print jobs = 1000
      printable = No
      postscript = No
      printing = bsd
      print command = lpr -r -P%p %s
      lpq command = lpq -P%p
      lprm command = lprm -P%p %j
      lppause command =
      lpresume command =
      queuepause command =
      queueresume command =
      printer name =
      use client driver = No
      default devmode = No
      printer driver =
      printer driver file = /etc/samba/printers.def
      printer driver location =
      default case = lower
      case sensitive = No
      preserve case = Yes
      short preserve case = Yes
      mangle case = No
      mangling char = ~
      hide dot files = Yes
      hide unreadable = No
      delete veto files = No
      veto files =
      hide files =
      veto oplock files =
      map system = No
      map hidden = No
      map archive = Yes
      mangled names = Yes
      mangled map =
      browseable = Yes
      blocking locks = Yes
      csc policy = manual
      fake oplocks = No
      locking = Yes
      oplocks = Yes
      level2 oplocks = Yes
      oplock contention limit = 2
      posix locking = Yes
      strict locking = No
      share modes = Yes
      copy =
      include =
      exec =
      preexec close = No
      postexec =
      root preexec =
      root preexec close = No
      root postexec =
      available = Yes
      volume =
      fstype = NTFS
      set directory = No
      wide links = Yes
      follow symlinks = Yes
      dont descend =
      magic script =
      magic output =
      delete readonly = No
      dos filemode = No
      dos filetimes = No
      dos filetime resolution = No
      fake directory create times = No
      vfs object =
      vfs options =
      msdfs root = No

[homes]
      comment = Home Directories
      read only = No
      browseable = No

[printers]
      comment = All Printers
      path = /var/spool/samba
      printable = Yes
      browseable = No

[htdocs]
      path = /var/www/htdocs
      read only = No

[man]
      comment = Man
      path = /usr/man
      read only = No
0
 
LVL 19

Expert Comment

by:Gabriel Orozco
ID: 10662127
it remembers me the VASC (Very Advance Samba Configuration)

which is very old =)

try with a different smb.conf, but with only the minimum. for all the other, the defaults are okay.
0
 
LVL 2

Author Comment

by:kkiedrowski
ID: 10662200
this smaller one does not work either
# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2004/03/22 16:15:55

# Global parameters
[global]
    log file = /var/log/samba.%m
    dns proxy = No
    netbios name = SLACK91
    server string = Slackware 9.1
    wins server = 192.168.100.4
    workgroup = dmg2k
    os level = 20
    domain master = yes
    encrypt passwords = yes
    security = domain
    ssl ca certdir = /etc/ssl/certs
    max log size = 50

[homes]
    comment = Home Directories
    read only = No
    browseable = No

[printers]
    comment = All Printers
    path = /var/spool/samba
    printable = Yes
    browseable = No

[htdocs]
    writeable = yes
    path = /var/www/htdocs


[man]
    comment = Man
    writeable = yes
    path = /usr/man
0
 
LVL 2

Author Comment

by:kkiedrowski
ID: 10667485
oh I figured it out. I never double checked the folder permissions. I was focusing on the share permissions.
I used KDE to giv ethe group write access to the folder but I was wondering if chmod would be a better way and does that allow me to specify a specific user or jsut the owner of the file/folder?
thanks
0
 
LVL 19

Accepted Solution

by:
Gabriel Orozco earned 250 total points
ID: 10707150
use chown

and chmod 4xxx (to make suid in the folders)
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In order for businesses to be compliant with certain information security laws in some countries, you need to be able to prove that a user (which user it was becomes important to the business to take action against the user after an event has occurr…
You ever wonder how to backup Linux system files just like Windows System Restore?  Well you can use Timeshift in Linux to perform those similar action.  This tutorial will show you how to backup your system files and keep regular intervals. Note…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question