Update:
Apple Enterprise tech support suggested stopping the Windows service, deleting the secrets.tdb file, and restarting the service, which creates a new secrets.tdb.
From previous experience, I know that this creates a new Windows domain SID, which causes the bound clients to think it’s a new domain. But just for the heck of it, I backed up secrets.tdb and tried this. Same thing with the new secrets.tdb; Win clients failed to join the domain with the “access denied” error.
So then I stopped the Win service again, deleted everything in var/samba and var/db/samba EXCEPT secrets.tdb, and restarted.
Now, I’m getting a different error when I try and bind to the domain. Not sure if this is progress or not:
“The following error occurred attempting to join the domain UAB-CELLBIO:
No mapping between account names and security IDs was done.”
Anyone seen this before? I found some Samba docs suggesting that the workstation name should be all lower case as a fix for this. However, it already is lower case, and this makes no difference.
Eric
Recent Comments