[Samba] Samba as PDC with WinXP Clients -> headache!!
Alex King
alex at king.net.nz
Thu Jun 5 09:50:58 GMT 2003
I'm having the same problems as Daniel Zeiss, hence the message with the
same subject!
As is the case with Daniel, I'm having very unsatisfacory performance
with Samba as PDC and WinXP (Pro) clients.
Basically, XP machines seem to join the domain OK, but then fall off at
random, and tell me that no domain controler is available, without any
apparant network activity.
I'm using 2.2.8a, with "normal" encrypted passwords (no LDAP).
I have essentially the same setup at several sites. I'm not the first
point of contact at any of the sites, but unfortunately I'm responsible
for making samba work at all of them. Access to the sites (and direct
experience of the problems as opposed to user reports) is relatively
difficult. Also the different sites have different first-port-of-call
administrators, and probably very different usage patterns....
At one site ("the good site") there are around 13 XP workstations no
other windows machines. I seldom hear of any problems at this site.
However I know the administrator here is routinely reinstalls XP (and
re-joins the domain) whenever there is a problem.
I've also heard that they sometimes have the "can't log in" problem, and
have solved it by re-joining the domain. I'm not sure exactly how
frequent this is because I'm not always told.
Historically most of the sites have been on 95/98, and most probably
still have a majority of 98 machines, but lately most of them also have
a few XP machines as well.
Again I am hamstrung by limited direct experience at these sites, but it
appears that the "no domain controler" error happens at these sites too.
Usually re-joining the domain solves this issue, but some clients seem
not to be able to join the domain at all, or only after repeated
attempts.
My setup runs a logon script, which syncs the workstation time and maps
certain shares ("NET USE... etc.") according to the user logged in.
The scripts are different according to the windows client architecture.
Win 95 script looks like:
NET TIME \\SERVER /YES /SET
NET USE H: /home
NET USE S: \\SERVER\STORAGE
NET USE W: \\SERVER\WEBSITE
...
(maps 11 drives)
WinNT and Win2K scripts are the same:
NET TIME \\SERVER /YES /SET
NET USE H: \\SERVER\alex
NET USE S: \\SERVER\STORAGE
NET USE W: \\SERVER\WEBSITE
...
(I assume XP appears as the 2K archetecture in the %a samba config
variable substitution)
We have a problem with some XP machines which seem to be partially
working... they log in but don't run the sripts. They map the home
drive as Z, but don't get any further....
I really need to get these problems sorted, if anyone can offer any
general debugging advice please feel free. I have tried a few
times to go onsite and "sort it once and for all", spending many hours
on it searching google etc. but always hitting a brick wall. I've tried
increasing the log level, packet dumps etc, but never get anything
useful.
Alex
smb.conf follows:
# Samba configuration file
[global]
workgroup = WORKGROUP
debug level = 1
# interfaces = eth* ppp* _SAMBATUNLIF_
hosts allow = 127.0.0.1 : 192.168.2.0/255.255.255.0
hosts deny = 0.0.0.0/0.0.0.0
printing = bsd
printcap name = /etc/printcap
hide files = AppleVolumes
load printers = yes
guest account = nobody
# invalid users = root
security = user
server string = %h server (Samba %v)
# socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096
encrypt passwords = yes
smbpasswd file = /etc/smbpasswd
wins support = yes
os level = 65
domain master = yes
local master = yes
preferred master = yes
logon script = %a\%U.bat
logon drive = Z:
logon home = "\\%N\%U\profile"
logon path = "\\%N\NTPROFILE\%U"
dns proxy = no
preserve case = yes
short preserve case = yes
domain logons = yes
unix password sync = false
add user script = /usr/sbin/useradd -d /dev/null -g users -s
/bin/false %u
domain admin group = alex, blair, root
[homes]
comment = Home
browseable = no
read only = no
create mask = 0600
directory mask = 0700
[netlogon]
path = /var/shares/netlogon
writeable = no
guest ok = no
[ntprofile]
comment = NT Profiles
writable = yes
path = /var/shares/ntprofile
create mask = 600
directory mask = 700
[website]
comment = Web site
writeable = yes
valid users = @website
force group = website
path = /var/shares/website
create mask = 664
directory mask = 775
[intranet]
comment = Intranet
writeable = yes
valid users = @intranet
force group = intranet
path = /var/www
create mask = 664
directory mask = 775
[storage]
comment = Storage
writable = no
write list = @storage
force group = storage
path = /extra/storage
create mask = 664
directory mask = 775
....
(more shares)
More information about the samba
mailing list