[Samba] Samba 2.2.7 as PDC causing BSOD on 2K domain logon
Tom McKellips
tom at cpty.net
Tue Jun 10 15:01:11 GMT 2003
On Tue, 10 Jun 2003 16:30:11 +0200 (CEST), Anders wrote
> Hello,
>
> Have wrestled this one for about a week, now, getting frustrated ;-)
>
> Running samba as PDC for my domain (cf. smb.conf further down)
> When logging in on my 2K Pro machine, I first get a "can't find
> roaming profile, attempting local profile"-error, but logon using my
> user's smb account accepts only the correct password and so the
> identification part works well.
>
> Next, the screen on my 2K plays the chimes, displays the background
> for a little while, and then the Blue Screen Of Death with the brief
> text "... the windows logon process terminated unexpectedly ..." and
> subsequent automatic reboot.
>
> I'd appreciate any help.
>
> I have some thoughts of what could be wrong, but I'm at road's end
> trying to do something about it, not even knowing if it's the true problem.
>
> Oh, and btw, I've tried two different 2K machines, same result.
>
> Possible errors:
>
> * the user anders-l exists only on the PDC and not locally on the 2K
> machine, hence it could die trying to find a local profile.
>
> * the owner structure on the PDC /home/%U stuff could be messed up
> (see below) (not sure how this would cause the BSOD though)
>
> * the //dl280/profile share doesn't show when listing the shares
> (see below), should it? (also unsure how this would cause the BSOD)
>
> * I've made a darn stupid hum-dinger of a rookie error (and really,
> what better way to expose your ignorance than to post to a list -
> right?)
>
> Follows some helpful(?) stats:
>
> *********************
>
> $ smbclient -L //dl380 -U anders-l
> added interface ip=192.168.0.191 bcast=192.168.0.255 nmask=255.255.255.0
> Password:
> Domain=[PN-TRADING] OS=[Unix] Server=[Samba 2.2.7a-security-rollup-fix]
>
> Sharename Type Comment
> --------- ---- -------
> netlogon Disk Network Logon Service (Samba)
> IPC$ IPC IPC Service (PDC on dl380 (Linux
> with samba version: -hidden-) ADMIN$ Disk IPC
> Service (PDC on dl380 (Linux with samba version: -hidden-)
> anders-l Disk Home Directories
>
> Server Comment
> --------- -------
> DL380 PDC on dl380 (Linux with samba version:
> -hidden-
>
> Workgroup Master
> --------- -------
> PN-TRADING DL380
>
> ************************
>
> <a trimmed smb.conf, for brevity. The complete one posted on
> http://www.dsv.su.se/~anders-l/samba/smb.conf> (full of crap
> comments, work notes etc, just in case you'll need to see it.) This
> one is the same, just with all comments grep -v:ed
>
> [global]
> workgroup = pn-trading
> server string = PDC on %L (Linux with samba version: -hidden-)
> hosts allow = 192.168.0. 127.
> printing = cups
> log file = /var/log/samba/%m.log
> max log size = 1024
> security = user
> encrypt passwords = yes
> smb passwd file = /etc/samba/smbpasswd
> pam password change = yes
> username map = /etc/samba/smbusers
> obey pam restrictions = yes
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> local master = yes
> os level = 65
> domain master = yes
> preferred master = yes
> domain logons = yes
> logon home = \\%L\%U
> logon path = \\%L\profiles\%U
> dns proxy = no
> status = yes
> domain admin group = @ntadmin
> add user script = /usr/sbin/adduser -n -g machines -c Machine -d
> /dev/null -s /sbin/nologin %m\$
> share modes=yes
>
> [homes]
> comment = Home Directories
> path = /home/%U
> browseable = no
> writable = yes
> valid users = %S
> create mode = 0664
> directory mode = 0775
> guest ok = no
> read only = no
> create mask = 0700
> directory mask = 0700
> oplocks = false
> locking = yes
>
> [netlogon]
> comment = Network Logon Service (Samba)
> path = /home/samba/netlogon
> read only = yes
> share modes = no
> write list = ntadmin
>
> [profiles]
> comment = The roaming profile share.
> path = //home/nt-profiles/%U
> read only = no
> create mask = 0600
> directory mask = 0700
> browseable = no
>
> [printers]
> comment = All Printers
> path = /var/spool/samba
> browseable = no
> guest ok = no
> writable = no
> printable = yes
>
> ****************
>
> the log file /var/log/samba/ibm.log (the 2K's netbios name)
> contains these very cryptic messages, that aren'r generated from a
> pattern I can discern (i.e. not every time I get the BSOD, for
> instance, but could nonetheless be a result thereof. I include them
> for reference.
>
> [2003/06/10 10:09:30, 0] lib/util_sock.c:read_data(436)
> read_data: read failure for 4. Error = Connection reset by peer
> [2003/06/10 10:10:57, 0] lib/util_sock.c:read_data(436)
> read_data: read failure for 4. Error = Connection reset by peer
> [2003/06/10 10:27:28, 0] lib/util_sock.c:read_data(436)
> read_data: read failure for 4. Error = Connection reset by peer
> [2003/06/10 10:47:37, 0] smbd/service.c:make_connection(252)
> ibm (192.168.0.190) couldn't find service
> ::{2227a280-3aea-1069-a2de-08002b30309d}
> [2003/06/10 11:18:45, 0] lib/util_sock.c:read_data(436)
> read_data: read failure for 4. Error = Connection reset by peer
>
> ****************
> the dir tree for /home/ with the permissions I mentioned looks like this
>
> I know it's messy, I know anders-l:ntusers shouldn't own /home, I've
> just been messing with it to see if I could get a different result -
> not so however.
>
> anders-l is in group ntusers and root is in ntadmins.
>
> ./anders-l:
> total 24
> drwx------ 2 anders-l ntusers 4096 Jun 10 15:33 .
> drwxr-xr-x 6 anders-l ntusers 4096 Jun 10 15:33 ..
> -rw-r--r-- 1 anders-l ntusers 24 Jun 6 12:53 .bash_logout
> -rw-r--r-- 1 anders-l ntusers 191 Jun 6 12:53 .bash_profile
> -rw-r--r-- 1 anders-l ntusers 259 Jun 6 12:53 .bashrc
> -rw-r--r-- 1 anders-l ntusers 120 Jun 6 12:53 .gtkrc
> ./nt-admin:
> total 24
> drwx------ 2 nt-admin root 4096 Jun 6 17:05 .
> drwxr-xr-x 6 anders-l ntusers 4096 Jun 10 15:33 ..
> -rw-r--r-- 1 nt-admin root 24 Jun 6 17:05 .bash_logout
> -rw-r--r-- 1 nt-admin root 191 Jun 6 17:05 .bash_profile
> -rw-r--r-- 1 nt-admin root 259 Jun 6 17:05 .bashrc
> -rw-r--r-- 1 nt-admin root 120 Jun 6 17:05 .gtkrc
> ./samba:
> total 12
> drwxr-xr-x 3 root ntadmins 4096 Jun 10 11:23 .
> drwxr-xr-x 6 anders-l ntusers 4096 Jun 10 15:33 ..
> drwxrwxr-x 2 root ntadmins 4096 Jun 10 09:32 netlogon
> ./samba/netlogon:
> total 8
> drwxrwxr-x 2 root ntadmins 4096 Jun 10 09:32 .
> drwxr-xr-x 3 root ntadmins 4096 Jun 10 11:23 ..
>
> ******************
>
> Well, that should do it.
> Appreciate yall's input.
>
> Sincerely,
>
> Anders
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
I would think it is a problem on the Winblows machine. I run 2k XP and 98 on
my samba domains. My 2k machine right after login started rebooting itself.
Come to find out it was the tape driver that caused this. So what I am saying
is look at the rest of the software that loads on this machine. It may not be
the network stuff at all. BTW (sound files have caused this too.)
Tom
--
Internet Service Provided By Abyss Communications
Internet Service only $10 a month
1-866-842-2977
More information about the samba
mailing list