…you spend half an hour banging your head against the virtual wall.
Many months ago on my blog I suggested that I would do “Tuesday technical tips” – quick little bits of advice. It’s been ages since I’ve done so, then today – being a Tuesday I came across the problem as described in the title and first line of this post. If they mean nothing to you then stop reading (there will be something less geeky coming along soon.)
Here’s the senerio:
Linux server running Samba 3 as Windows Domain Controller
“New” windows xp pro workstation I want to add to the domain
All very simple – go into ‘network identification’ on the windows box, type in the relevant computer name and domain, click okay, get prompted for user name/password of an account with permissions to add workstation to the domain, type in ‘root’ as username and my carefully crafted password and rather then getting the ‘Welcome to the<NAME OF DOMAIN> domain’ message I’m expecting, I get an ‘Access Denied’ error message.
So I though, as I’m adding a ‘new’ machine, but reusing an old computer name, perhaps I need to delete the ‘old’ machine’s ‘workstation trust account’, so off I go and delete the <MACHINENAME>$ account in both the linux users and samba users list and so that the system would recreate them automatically. Still no joy.
Many tweaks later I suddenly twigged. As a good system administrator I recently changed all the passwords on our systems. This included the root password on the server. What I’d done is changed the linux ‘root’ user password, but not the password of the user ‘root’ in the samba password file. On entering my old root password into the windows ‘join domain’ window it all worked as expected.
Lesson learnt – if you change your linux passwords you need to change your samba passwords as well (or take measures to sync the two if needed or one of many other permutations of actions you might like which I’ll leave as an exercise for the reader.).