[Samba] Probs joining Samba PDC with WinXP
Patrick Flohr
Flohr.P at t-online.de
Wed Jul 23 11:43:48 GMT 2003
some little success :-),
using the administrator accout generates a machine accout in smbpasswd
(without a password)
and xp returned access denied (i think because of the missing pw).
I won't bother you, but maybe you got one more hint?
thx
Marian Mlcoch, Ing wrote:
>Try last create another admin user for samba no root.
>useradd administrator (this create user and group administrator i mean)
>smbpasswd -a administrator
>
>in conf change
>domain admin group = administrator @administrator
>
>This try first:
>remove admin users = root from global section this is service parameter!
>
>Go...
>
>----- Original Message -----
>From: "Patrick Flohr" <Flohr.P at t-online.de>
>To: <samba at lists.samba.org>
>Sent: Wednesday, July 23, 2003 12:22 PM
>Subject: Re: [Samba] Probs joining Samba PDC with WinXP
>
>
>
>
>>Hi,
>>i added the line to my conf, but still unable to login as root (except
>>swat).
>>Had a look at the docs but found nothing new.
>>i also tried the following add user script:
>>/usr/sbin/useradd -d /dev/null -g workstations -s /bin/false -M %u
>>
>>cu
>>Patrick
>>
>>
>>Marian Mlcoch, Ing wrote:
>>
>>
>>
>>>Add to your conf
>>>domain admin group = root
>>>
>>>if u use swat try read this and check add user script:
>>>http://ipofsamba:901/swat/help/Samba-PDC-HOWTO.html
>>>
>>>Bye.
>>>
>>>----- Original Message -----
>>>From: "Patrick Flohr" <Flohr.P at t-online.de>
>>>To: <samba at lists.samba.org>
>>>Sent: Wednesday, July 23, 2003 11:21 AM
>>>Subject: Re: [Samba] Probs joining Samba PDC with WinXP
>>>
>>>
>>>
>>>
>>>
>>>
>>>>Marian Mlcoch, Ing wrote:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>>Try add user root to smbpasswd and remove manual created machine
>>>>>
>>>>>
>acounts.
>
>
>>>>>When join to domain dialog XP apear you use root and root smbpass to
>>>>>
>>>>>
>join
>
>
>>>>>machine or any admin user listed in admin user smb.conf.
>>>>>Machine acc will be createxd automatic.Bye.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>I tried and faild, XP give me the error "unknown user or invalid
>>>>password" (as before, try to join the domain);
>>>>logs on the samba box ==> no workstation account in the domain.
>>>>It seems like a problem with the root accout because i can login to the
>>>>shares with every normal user account.
>>>>Since updating the smb.conf it takes a few minutes to log out from xp.
>>>>
>>>>bye
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>>----- Original Message -----
>>>>>From: "Patrick Flohr" <Flohr.P at t-online.de>
>>>>>To: <samba at lists.samba.org>
>>>>>Sent: Wednesday, July 23, 2003 10:12 AM
>>>>>Subject: Re: [Samba] Probs joining Samba PDC with WinXP
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>Thx for checking the conf, i made the following changes:
>>>>>>update encrypted = no
>>>>>>security = user
>>>>>>
>>>>>>after restarting samba i tried again to join the domain with the same
>>>>>>result as describben below.
>>>>>>Browsing the domain and accessing the shares is and was allwasy
>>>>>>
>>>>>>
>possible
>
>
>>>>>>by giving user/pw except root.
>>>>>>any clues?
>>>>>>
>>>>>>Marian Mlcoch, Ing wrote:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>>In your conf is error by doc is writed update encrypted (G)
>>>>>>>This boolean parameter allows a user logging on with a plaintext
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>password
>>>
>>>
>>>
>>>
>>>>>>>
>>>>>>>
>>>>>to
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>>have their encrypted (hashed) password in the smbpasswd file to be
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>updated
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>>automatically as they log on. This option allows a site to migrate
>>>>>>>
>>>>>>>
>from
>
>
>>>>>>>plaintext password authentication (users authenticate with plaintext
>>>>>>>password over the wire, and are checked against a UNIX account
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>database)
>>>
>>>
>>>
>>>
>>>>>>>
>>>>>>>
>>>>>to
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>>encrypted password authentication (the SMB challenge/response
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>authentication
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>>mechanism) without forcing all users to re-enter their passwords via
>>>>>>>smbpasswd at the time the change is made. This is a convenience
>>>>>>>
>>>>>>>
>option
>
>
>>>>>>>
>>>>>>>
>>>to
>>>
>>>
>>>
>>>
>>>>>>>allow the change over to encrypted passwords to be made over a longer
>>>>>>>period. Once all users have encrypted representations of their
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>passwords
>>>
>>>
>>>
>>>
>>>>>>>
>>>>>>>
>>>>>in
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>>the smbpasswd file this parameter should be set to no.
>>>>>>>
>>>>>>>!!!! In order for this parameter to work correctly the encrypt
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>passwords
>>>
>>>
>>>
>>>
>>>>>>>parameter must be set to no !!!! when this parameter is set to yes.
>>>>>>>
>>>>>>>Note that even when this parameter is set a user authenticating to
>>>>>>>
>>>>>>>
>smbd
>
>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>must
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>>still enter a valid password in order to connect correctly, and to
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>update
>>>
>>>
>>>
>>>
>>>>>>>their hashed (smbpasswd) passwords.
>>>>>>>
>>>>>>>Default: update encrypted = no
>>>>>>>
>>>>>>>Second in your conf not explicit set security mode to user best is
>>>>>>>
>>>>>>>
>set
>
>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>it.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>>Try on xp not join domain and only test as clasic client first. Login
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>as
>>>
>>>
>>>
>>>
>>>>>>>user exist on samba with identic pass and try view and use shares on
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>it.
>>>
>>>
>>>
>>>
>>>>>>>Bye.
>>>>>>>
>>>>>>>----- Original Message -----
>>>>>>>From: "Patrick Flohr" <Flohr.P at t-online.de>
>>>>>>>To: <samba at lists.samba.org>
>>>>>>>Sent: Wednesday, July 23, 2003 9:17 AM
>>>>>>>Subject: Re: [Samba] Probs joining Samba PDC with WinXP
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>Marian Mlcoch, Ing wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>>Have you normal user in smbpasswd file?
>>>>>>>>>
>>>>>>>>>This two commands must be executed for each user...
>>>>>>>>>useradd user
>>>>>>>>>smbpasswd -a user
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>I have normal users in smbpasswd, some with the same user/pw like on
>>>>>>>>
>>>>>>>>
>
>
>
>>>>>>>>
>>>>>>>>
>>>the
>>>
>>>
>>>
>>>
>>>>>>>>xp-client.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>>What is your smb.conf?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>snip
>>>>>>>>--------------------------------------
>>>>>>>># Global parameters
>>>>>>>>[global]
>>>>>>>> workgroup = MEINS
>>>>>>>> server string = %h server (Samba %v)
>>>>>>>> encrypt passwords = Yes
>>>>>>>> update encrypted = Yes
>>>>>>>> passwd program = /usr/bin/passwd %u
>>>>>>>> passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
>>>>>>>>*Retype\snew\sUNIX\spassword:* %n\n .
>>>>>>>> syslog = 0
>>>>>>>> log file = /var/log/samba/log.%m
>>>>>>>> max log size = 1000
>>>>>>>> add user script = /usr/sbin/adduser --force-badname --firstuid
>>>>>>>>1005 --gid 900 --disabled-login --no-create-home --quie
>>>>>>>>t --gecos GECOS -M %u
>>>>>>>> logon path = \\%L\profiles\%U
>>>>>>>> logon drive = f:
>>>>>>>> logon home = \\%L\%U\.profile
>>>>>>>> domain logons = Yes
>>>>>>>> os level = 64
>>>>>>>> preferred master = True
>>>>>>>> domain master = True
>>>>>>>> dns proxy = No
>>>>>>>> wins support = Yes
>>>>>>>> admin users = root
>>>>>>>> hosts allow = 192.168.10., 127.0.0.1
>>>>>>>>----------------------------------------
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>>Bye.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>----- Original Message -----
>>>>>>>>>From: "Patrick Flohr" <Flohr.P at t-online.de>
>>>>>>>>>To: <samba at lists.samba.org>
>>>>>>>>>Sent: Wednesday, July 23, 2003 8:43 AM
>>>>>>>>>Subject: [Samba] Probs joining Samba PDC with WinXP
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>>Hello,
>>>>>>>>>>
>>>>>>>>>>I'm using Debian 3.0 with Samba 2.2.8a-1.0 when i try to join my
>>>>>>>>>>xp-mashine (xp-pro with sighnorseal patch) to the domain using the
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>root
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>>>>>accout
>>>>>>>>>>i get the error: "unknown user or invalid password", but when i
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>connect
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>>>>>via swat everything works fine.
>>>>>>>>>>
>>>>>>>>>>i added a mashineaccount to passwd and smbpasswd, trying to join
>>>>>>>>>>
>>>>>>>>>>
>the
>
>
>>>>>>>>>>xp-mashine via a normal user accout fails with
>>>>>>>>>>"access denied", the following lines are taken from the log file:
>>>>>>>>>>
>>>>>>>>>>[2003/07/23 03:22:22, 0]
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>rpc_server/srv_samr.c:api_samr_set_userinfo(670)
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>>>api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO.
>>>>>>>>>>[2003/07/23 03:22:22, 0]
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>passdb/pdb_smbpasswd.c:pdb_getsampwrid(1418)
>>>
>>>
>>>
>>>
>>>>>>>>>>unable to open passdb database.
>>>>>>>>>>
>>>>>>>>>>using the root accout, nothing is loged.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>I hope somebody can help, i try for days.
>>>>>>>>>>Thanks in advance
>>>>>>>>>>
>>>>>>>>>>Patrick Flohr
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>--
>>>>>>>>>>To unsubscribe from this list go to the following URL and read the
>>>>>>>>>>instructions: http://lists.samba.org/mailman/listinfo/samba
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>--
>>>>>>>>To unsubscribe from this list go to the following URL and read the
>>>>>>>>instructions: http://lists.samba.org/mailman/listinfo/samba
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>--
>>>>>>To unsubscribe from this list go to the following URL and read the
>>>>>>instructions: http://lists.samba.org/mailman/listinfo/samba
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>--
>>>>To unsubscribe from this list go to the following URL and read the
>>>>instructions: http://lists.samba.org/mailman/listinfo/samba
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>>
>>
>>--
>>To unsubscribe from this list go to the following URL and read the
>>instructions: http://lists.samba.org/mailman/listinfo/samba
>>
>>
>
>
>
More information about the samba
mailing list