[Samba] Samba 2.2.5 PDC doesn't trust Win2K Pro (really!)
The Cisco Kid
cisco at furniture-pro.com
Mon Jul 29 14:37:02 GMT 2002
Hello all,
I have compiled samba 2.2.5 on SCO openserver 5.0.5 as a PDC. My Win9X
clients have no problem accessing the shares and all is happy. However,
Win2K clients can join the domain, I see the computer/machine account that
automatically gets created in the smbpasswd file a-ok.
After the win2k client joins the domain, and the client reboots, the client
can't log in. I get this error message from the w2k client:
The system can not log you on to this domain because the system's computer
account in its primary domain is missing or the password on that account is
incorrect.
Well I can see the account in both smbpasswd and /etc/passwd file so we know
the account isn't missing. I suspect there is no trust relationship being
established. Can anyone point me in the right direction on this one. I
need to be able log into the domain on a w2kpro client after it has joined
the domain. Please help!!
--mike
Here's what my smb.conf looks like:
[global]
netbios name = TESTBED
workgroup = FP
server string = Samba Server
; hosts allow = 192.168.1. 192.168.2.0./24 192.168.3.0/255.255.255.0
127
.0.0.1
# Uncomment this if you want a guest account, you must add this to
/etc/
passwd
# otherwise the user "nobody" is used
; guest account = pcguest
log file = /usr/adm/samba/log.%m
; log level = 1
max log size = 500
security = user
# SO_RCVBUF=8192 SO_SNDBUF=8192
# socket options = TCP_NODELAY
; interfaces = 192.168.12.2/24 192.168.13.2/24
# Should smbd report that it has MS-DFS Capabilities? Only available
# if --with-msdfs was passed to ./configure
; host msdfs = yes
local master = yes
os level = 64
domain master = yes
preferred master = yes
wins support = yes
; wins server = w.x.y.z
wins proxy = yes
dns proxy = no
enhanced browsing=yes
password server = testbed
encrypt passwords = yes
; obey pam restrictions = yes
#unix passwword sync = yes
; passwd chat = <custom chat string>
; pam password change = yes
encrypt passwords = yes
; obey pam restrictions = yes
#unix passwword sync = yes
; passwd chat = <custom chat string>
; pam password change = yes
domain admin group = root @root
domain logons = yes
; logon script = %m.bat
logon script = %U.bat
logon path = \\%L\Profiles\%U
logon home = \\%L\%U
logon drive = H:
load printers = yes
; printcap name = /etc/printcap
; printcap name = lpstat
; printing = bsd
; disable spoolss = yes
; printer admin = root, +ntadmin
; winbind uid = 10000-65000
; winbind gid = 10000-65000
; winbind template homedir = /home/%D/%U
; winbind template shell = /bin/sh
# What character should be used to separate the DOMAIN and Username
# for a Windows user. The default is DOMAIN\user, but many people
# prefer DOMAIN+user
; winbind separator = \
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
[netlogon]
comment = Network Logon Service
path = /usr/gnu/samba/lib/netlogon
guest ok = yes
writable = no
share modes = no
write list = root
[Profiles]
path = /usr/gnu/samba/profiles
browseable = no
guest ok = yes
[printers]
comment = All Printers
path = /usr/spool/samba
browseable = no
# Set public = yes to allow user 'guest account' to print
guest ok = yes
writable = no
printable = yes
[tmp]
comment = Temporary file space
path = /tmp
read only = no
public = yes
;[dfsroot]
; dfs root = yes
;[public]
; comment = Public Stuff
; path = /home/samba
; public = yes
; writable = yes
; printable = no
; comment = Public Stuff
; path = /home/samba
; public = yes
; writable = yes
; printable = no
; write list = @staff
~
~
More information about the samba
mailing list