[Samba] Samba 2.2.7 as PDC causing BSOD on 2K domain logon

Tom McKellips tom at cpty.net
Tue Jun 10 15:01:11 GMT 2003 

On Tue, 10 Jun 2003 16:30:11 +0200 (CEST), Anders wrote
> Hello,
> 
> Have wrestled this one for about a week, now, getting frustrated ;-)
> 
> Running samba as PDC for my domain (cf. smb.conf further down)
> When logging in on my 2K Pro machine, I first get a "can't find 
> roaming profile, attempting local profile"-error, but logon using my 
> user's smb account accepts only the correct password and so the 
> identification part works well.
> 
> Next, the screen on my 2K plays the chimes, displays the background 
> for a little while, and then the Blue Screen Of Death with the brief 
> text "... the windows logon process terminated unexpectedly ..." and 
> subsequent automatic reboot.
> 
> I'd appreciate any help.
> 
> I have some thoughts of what could be wrong, but I'm at road's end 
> trying to do something about it, not even knowing if it's the true problem.
> 
> Oh, and btw, I've tried two different 2K machines, same result.
> 
> Possible errors:
> 
> * the user anders-l exists only on the PDC and not locally on the 2K 
> machine, hence it could die trying to find a local profile.
> 
> * the owner structure on the PDC /home/%U stuff could be messed up 
> (see below) (not sure how this would cause the BSOD though)
> 
> * the //dl280/profile share doesn't show when listing the shares 
> (see below), should it? (also unsure how this would cause the BSOD)
> 
> * I've made a darn stupid hum-dinger of a rookie error (and really,
>  what better way to expose your ignorance than to post to a list - 
> right?)
> 
> Follows some helpful(?) stats:
> 
> *********************
> 
> $ smbclient -L //dl380 -U anders-l
> added interface ip=192.168.0.191 bcast=192.168.0.255 nmask=255.255.255.0
> Password:
> Domain=[PN-TRADING] OS=[Unix] Server=[Samba 2.2.7a-security-rollup-fix]
> 
>         Sharename      Type      Comment
>         ---------      ----      -------
>         netlogon       Disk      Network Logon Service (Samba)
>         IPC$           IPC       IPC Service (PDC on dl380 (Linux 
> with samba version: -hidden-)        ADMIN$         Disk      IPC 
> Service (PDC on dl380 (Linux with samba version: -hidden-)       
>  anders-l       Disk      Home Directories
> 
>         Server               Comment
>         ---------            -------
>         DL380                PDC on dl380 (Linux with samba version: 
> -hidden-
> 
>         Workgroup            Master
>         ---------            -------
>         PN-TRADING           DL380
> 
> ************************
> 
> <a trimmed smb.conf, for brevity. The complete one posted on 
> http://www.dsv.su.se/~anders-l/samba/smb.conf> (full of crap 
> comments, work notes etc, just in case you'll need to see it.) This 
> one is the same, just with all comments grep -v:ed
> 
> [global]
>    workgroup = pn-trading
>    server string = PDC on %L (Linux with samba version: -hidden-)
>    hosts allow = 192.168.0. 127.
>    printing = cups
>    log file = /var/log/samba/%m.log
>    max log size = 1024
>    security = user
>    encrypt passwords = yes
>    smb passwd file = /etc/samba/smbpasswd
>    pam password change = yes
>    username map = /etc/samba/smbusers
>    obey pam restrictions = yes
>    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>    local master = yes
>    os level = 65
>    domain master = yes
>    preferred master = yes
>    domain logons = yes
>    logon home = \\%L\%U
>    logon path = \\%L\profiles\%U
>    dns proxy = no
>    status = yes
>    domain admin group = @ntadmin
>    add user script = /usr/sbin/adduser -n -g machines -c Machine -d 
> /dev/null -s /sbin/nologin %m\$
>    share modes=yes
> 
> [homes]
>    comment = Home Directories
>    path = /home/%U
>    browseable = no
>    writable = yes
>    valid users = %S
>    create mode = 0664
>    directory mode = 0775
>    guest ok = no
>    read only = no
>    create mask = 0700
>    directory mask = 0700
>    oplocks = false
>    locking = yes
> 
> [netlogon]
>     comment = Network Logon Service (Samba)
>     path = /home/samba/netlogon
>     read only = yes
>     share modes = no
>     write list = ntadmin
> 
> [profiles]
>     comment = The roaming profile share.
>     path = //home/nt-profiles/%U
>     read only = no
>     create mask = 0600
>     directory mask = 0700
>     browseable = no
> 
> [printers]
>    comment = All Printers
>    path = /var/spool/samba
>    browseable = no
>    guest ok = no
>    writable = no
>    printable = yes
> 
> ****************
> 
> the log file /var/log/samba/ibm.log (the 2K's netbios name)
> contains these very cryptic messages, that aren'r generated from a 
> pattern I can discern (i.e. not every time I get the BSOD, for 
> instance, but could nonetheless be a result thereof. I include them 
> for reference.
> 
> [2003/06/10 10:09:30, 0] lib/util_sock.c:read_data(436)
>   read_data: read failure for 4. Error = Connection reset by peer
> [2003/06/10 10:10:57, 0] lib/util_sock.c:read_data(436)
>   read_data: read failure for 4. Error = Connection reset by peer
> [2003/06/10 10:27:28, 0] lib/util_sock.c:read_data(436)
>   read_data: read failure for 4. Error = Connection reset by peer
> [2003/06/10 10:47:37, 0] smbd/service.c:make_connection(252)
>   ibm (192.168.0.190) couldn't find service 
> ::{2227a280-3aea-1069-a2de-08002b30309d}
> [2003/06/10 11:18:45, 0] lib/util_sock.c:read_data(436)
>   read_data: read failure for 4. Error = Connection reset by peer
> 
> ****************
> the dir tree for /home/ with the permissions I mentioned looks like this
> 
> I know it's messy, I know anders-l:ntusers shouldn't own /home, I've 
> just been messing with it to see if I could get a different result - 
> not so however.
> 
> anders-l is in group ntusers and root is in ntadmins.
> 
> ./anders-l:
> total 24
> drwx------    2 anders-l ntusers      4096 Jun 10 15:33 .
> drwxr-xr-x    6 anders-l ntusers      4096 Jun 10 15:33 ..
> -rw-r--r--    1 anders-l ntusers        24 Jun  6 12:53 .bash_logout
> -rw-r--r--    1 anders-l ntusers       191 Jun  6 12:53 .bash_profile
> -rw-r--r--    1 anders-l ntusers       259 Jun  6 12:53 .bashrc
> -rw-r--r--    1 anders-l ntusers       120 Jun  6 12:53 .gtkrc
> ./nt-admin:
> total 24
> drwx------    2 nt-admin root         4096 Jun  6 17:05 .
> drwxr-xr-x    6 anders-l ntusers      4096 Jun 10 15:33 ..
> -rw-r--r--    1 nt-admin root           24 Jun  6 17:05 .bash_logout
> -rw-r--r--    1 nt-admin root          191 Jun  6 17:05 .bash_profile
> -rw-r--r--    1 nt-admin root          259 Jun  6 17:05 .bashrc
> -rw-r--r--    1 nt-admin root          120 Jun  6 17:05 .gtkrc
> ./samba:
> total 12
> drwxr-xr-x    3 root     ntadmins     4096 Jun 10 11:23 .
> drwxr-xr-x    6 anders-l ntusers      4096 Jun 10 15:33 ..
> drwxrwxr-x    2 root     ntadmins     4096 Jun 10 09:32 netlogon
> ./samba/netlogon:
> total 8
> drwxrwxr-x    2 root     ntadmins     4096 Jun 10 09:32 .
> drwxr-xr-x    3 root     ntadmins     4096 Jun 10 11:23 ..
> 
> ******************
> 
> Well, that should do it.
> Appreciate yall's input.
> 
> Sincerely,
> 
> Anders
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba

I would think it is a problem on the Winblows machine. I run 2k XP and 98 on 
my samba domains. My 2k machine right after login started rebooting itself. 
Come to find out it was the tape driver that caused this. So what I am saying 
is look at the rest of the software that loads on this machine. It may not be 
the network stuff at all. BTW (sound files have caused this too.)

Tom
--
Internet Service Provided By Abyss Communications
Internet Service only $10 a month
1-866-842-2977

More information about the samba mailing list