Unable to join Win2k Pro SP2 to Samba 2.2.2 PDC

security at zule.ne.mediaone.net security at zule.ne.mediaone.net
Wed Jan 9 06:05:12 GMT 2002 

Thanks,
	As far as the add user script is concerned, I had not gotten
the point of impelementing that yet. In the mean time I just manually add
users using the "useradd" command and then execute the command:
smbpasswd -a "username"
smbpasswd -e "username"

	Here is the root entry in the smbpasswd file, I just did not send
it with the original post:

root:0:AAD3B435B51404EEAAD3B435B51404EE:31D6CFE0D16AE931B73C59D7E0C089C0:[U
]:LCT-3C3A1FE6:root,,,

Thanks again,
-Mark
On 9 Jan 2002, Kohei Yoshida wrote:

> On Wed, 2002-01-09 at 08:31, security at zule.ne.mediaone.net wrote:
> > Hello,
> > 	I have Samba 2.2.2 running on RedHat 7.1 acting as a PDC. I have
> > successfully joined Win98 as well as NT4.0 stations into this domain but
> > have been unable join any w2k devices. I have attempted both Pro and
> > Server, with and without service packs. A sniffer trace shows that
> > everytime the w2k machine tries to join the domain the PDC responds with
> > NetLogon command 15 "Station not in Domain's Computer List". The win2k
> > device just responds with a generic message along the lines of
> > incorrect password or the domain cannot be contacted. Now I have been
> > actively following
> > the mailing lists and have attempted just about every suggestion that
> > anyone has made in the past, but to no avail. If anyone has any
> > suggestions I would greatly appreciate it. 
> > 
> > Best Regards,
> > -Mark Persons
> 
> I found at least two things that are lacking here.  One is "add user
> script" parameter in your global section, and a password entry for root
> in your smbpasswd file (the password doesn't have to match the one in
> /etc/passwd).  IIRC these two things are not necessary to have Win9x/ME
> or WinNt clients, but you need them for win2k clients.  In other words,
> you can't manually create machine accounts for win2k.
> 
> For details go to
> 
> http://us1.samba.org/samba/docs/Samba-HOWTO-Collection.html#SAMBA-PDC
> 
> and look under section 8.4.2.
> 
> Kohei
> 
> > # Global parameters
> > [global]
> >         workgroup = XX
> >         netbios name = kane
> >         wins server = 172.16.200.203
> > #       wins server = 172.16.200.208
> >         interfaces = 172.16.200.203 127.0.0.1
> >         bind interfaces only = yes
> >         preferred master = yes
> >         domain master = yes
> >         local master = yes
> > #       OS Level = 34
> >         OS Level = 64
> >        # remote announce = zeus
> >         server string = Unix SMB Server on %h v%v
> >         security = USER
> >        # password server = apollo
> >         encrypt passwords = yes
> >         password level = 2
> >         max log size = 100
> >         dns proxy = No
> >         restrict anonymous = no
> >         name resolve order = lmhosts wins host bcast
> >         create mask = 0777
> >         force directory mode = 0777
> >         locking = yes
> >         log level = 2
> >         log file = /var/log/samba/samba.log.%m
> >         domain admin group = @wheel
> >         domain logons = yes
> > # These are the things I added from Dejanews
> > #       max xmit = 65535
> > #       strict sync = no
> > #       strict locking = no
> > #       hide files = no
> > #       read raw = yes
> > #       write raw = yes
> > #       oplocks = yes
> > #       dead time = 15
> >         status = yes
> > 
> > 
> >         socket options = TCP_NODELAY IPTOS_LOWDELAY
> >         ; Security and file integrity related options
> >         ;       Strict locking is available for paranoid locking
> > situations only
> >         ;        enabling this severely degrades read / write performance.
> >         ;       strict locking = yes
> >         ;       fake oplocks = yes
> >         #share modes = yes
> >         #veto files = /lost*/
> >         #local master = no
> > 
> > [netlogon]
> >         path=/usr/local/samba/lib/netlogon
> >         writeable = no
> >         write list = ntadmin
> > 
> > #
> > # This is for automounted home dir's to appear in explorer windows
> > #        homedir map = auto.home
> > #        NIS homedir = yes
> > [homes]
> > comment = Home Directories
> > read only = No
> > browseable = No
> > 
> > #########################################################################################
> > smbpasswd file:
> > 
> > 
> > PC16$:602:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U
> > ]:LCT-00000000:PC16 PDCacct.
> > NT1$:606:5AA6327063FA3C030040A3697CF771AB:5AA6327063FA3C030040A3697CF771AB:[W
> > ]:LCT-3C027E47:
> > PEPSI$:608:6FD92534BFEC8274AAD3B435B51404EE:6FC5929356B92633861B4610B93BDF61:[W
> > ]:LCT-3C02A4A7:
> > WPI1$:611:1AA2440BF558D6DB6B04BED96CEF7A9A:1AA2440BF558D6DB6B04BED96CEF7A9A:[W
> > ]:LCT-3C0C030F:
> > mark123456789123456789:613:36F821466A974D4DAAD3B435B51404EE:E95F5EE42AB18DC4D888C0E01185EDDF:[UX
> > ]:LCT-3C1693D2:
> > NT8$:615:AD8B1B2EBCC270E14BBF4C76B543B521:AD8B1B2EBCC270E14BBF4C76B543B521:[W
> > ]:LCT-3C17B697:
> > NT4$:616:E756DE8A52AB0E43A2C5E4312B855720:E756DE8A52AB0E43A2C5E4312B855720:[W
> > ]:LCT-3C17B682:
> > test1:617:E88D94D6EBD10FC7AAD3B435B51404EE:AACD12D27C87CAC8FC0B8538AED6F058:[UX
> > ]:LCT-3C18CE62:
> > NAS1$:621:CDB971CFC905E273B8AE461DCB9ABAB3:CDB971CFC905E273B8AE461DCB9ABAB3:[W
> > ]:LCT-3C3A2631:
> > NAS3$:622:78F0B678048D3E85945A9FB83D0882C9:78F0B678048D3E85945A9FB83D0882C9:[W
> > ]:LCT-3C3A2B6B:
> > NAS2$:623:4A6C776B39FDD6B42B5C67ABC85AAE9C:4A6C776B39FDD6B42B5C67ABC85AAE9C:[W
> > ]:LCT-3C3A1E4C:
> > test2:624:E3FDADCB358C2967AAD3B435B51404EE:0E8231621F574D3636255FF36DD86C9C:[UX
> > ]:LCT-3C3A1FFB:
> > test3:625:3DB7B914FAE75EC0AAD3B435B51404EE:ED78E4BEE2001D143286284067C3BE3F:[UX
> > ]:LCT-3C3A299D:
> > ACTON$:626:83E65F76765BC107AAD3B435B51404EE:5C0598D154404189430AECE40C351C50:[W
> > ]:LCT-00000000:
> > 
> > 
> > 
> > -- 
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba
> > 
> 
>

More information about the samba mailing list