cant authenticate to pdc - lost trust relationship
got a server that has suddenly lost its trust relationship with pdc.
The smb.conf file on the rogue machine looks like:
passdb backend = ldapsam:ldap://pdc
ldap user suffix = ou=Users,dc=network,dc=och
ldap suffix = dc=medphy,dc=och
ldap admin dn = "cn=Manager,dc=network,dc=och"
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap suffix = dc=network,dc=och
tailing the logs on the rogue machine gives:
Mar 23 09:55:51 rogue smbd[18717]: [2005/03/23 09:55:51, 0] auth/auth_domain.c:domain_client_validate(170)
Mar 23 09:55:51 rogue smbd[18717]: domain_client_validate: Domain password server not available.
Mar 23 09:55:58 rogue smbd[18717]: [2005/03/23 09:55:58, 0] auth/auth_domain.c:connect_to_domain_password_server(118)
Mar 23 09:55:58 rogue smbd[18717]: connect_to_domain_password_server: unable to setup the NETLOGON credentials to machine PDC. Error was : NT_STATUS_ACCESS_DENIED.
I have checked to ensure that there is only one entry in the passwd file with the id that the rogue machine has, and that the name doesn't appear twice either.
my smb.conf file also says that "If the "ldap admin dn" values
change, this password will need to be reset." - but this doesn't look to be the case.
Anybody got any ideas on how to sort this? I dont know much about LDAP - my boss set it up and he is on holiday! Any help or suggestions would be ever so greatly appreciated!
|