[Samba] Win2k Client <-> Samba Server
John H Terpstra
jht at samba.org
Sat May 31 13:35:42 GMT 2003
On Fri, 30 May 2003, Scott Drumm wrote:
> I'm having some difficulties joining a Win2k workstation to a Samba domain.
>
> This particular workstation is my work laptop (DRUMMSW01) which normally
> operates as a member of a standard Win2k domain called BIZ. At windows
> startup/logon, BIZ is specified as the domain.
>
> At home, my Samba PDC's workgroup/domain is HOME.LAN
>
> When I try to browse shares on HOME.LAN with the Win2k laptop, I get the
> following error message: "There are currently no logon servers available
> to service the logon request." However, if I logon to the laptop
> locally as opposed to w/ BIZ specified (i.e. I have a local machine
> account) I can use all of HOME.LAN's resources w/o a problem.
>
> I've traced the problem in the /var/log/samba/nmbd.log file as shown
> below - it would appear that the client is still trying to authenticate
> against the BIZ domain (in particular, notice the WINS registration
> requests for BIZ, which the Samba server choses to ignore).
>
> I've followed the standard procedures per
> http://www.sugoi.org/bits/index.php?bit_id=33 - i.e. a machine group
> exists, a user account for the machine exists, and the machine has been
> added to the smbpasswd file, but to no avail.
The link is incorrect. To add a machine account to /etc/passwd you need to
escape the '$' as follows:
useradd -g machines -c "windows 2000 workstation" -d /dev/null -s
/bin/false -n doraemon\$
Note the '\' before the '$'
To add a machine account to /etc/samba/smbpasswd you DO NOT add the '$' so
in place of the command shown at this link use:
smbpasswd -a -m doraemon
You should also note that migration of domain members between domains will
work only so long as BOTH domains are available on the network at the same
time. Even then it can be problematic. The workaround method is:
1. Migrate from old domain to a workgroup
2. Then join new domain
- John T.
> Any help on solving this puzzle would be GREATLY appreciated. Thanks!
>
> P.S. I've also included a dump from testparm following the log file.
>
> # nmbd.log:
> [2003/05/28 22:41:41, 2] nmbd/nmbd_browsesync.c:sync_with_dmb(157)
> sync_with_dmb:
> Initiating sync with domain master browser FIDELITY<20> at IP
> 192.168.0.1 for workgroup HOME.LAN
> [2003/05/28 22:41:41, 3]
> nmbd/nmbd_winsserver.c:wins_process_name_refresh_request(430)
> wins_process_name_refresh_request: Name refresh for name
> DRUMMSW01<03> IP 192.168.0.96
> [2003/05/28 22:41:41, 3]
> nmbd/nmbd_winsserver.c:wins_process_name_refresh_request(430)
> wins_process_name_refresh_request: Name refresh for name
> DRUMMSW01<00> IP 192.168.0.96
> [2003/05/28 22:41:41, 3]
> nmbd/nmbd_winsserver.c:wins_process_name_refresh_request(430)
> wins_process_name_refresh_request: Name refresh for name BIZ<1d> IP
> 192.168.0.96
> [2003/05/28 22:41:41, 3]
> nmbd/nmbd_winsserver.c:wins_process_name_refresh_request(447)
> wins_process_name_refresh_request: Name refresh for name BIZ<1d> and
> the name does not exist. Treating as registration.
> [2003/05/28 22:41:41, 3]
> nmbd/nmbd_winsserver.c:wins_process_name_registration_request(679)
> wins_process_name_registration_request: Unique name registration for
> name BIZ<1d> IP 192.168.0.96
> [2003/05/28 22:41:41, 3]
> nmbd/nmbd_winsserver.c:wins_process_name_registration_request(739)
> wins_process_name_registration_request: Ignoring request to register
> name BIZ<1d> from IP 192.168.0.96.
> [2003/05/28 22:41:41, 3]
> nmbd/nmbd_winsserver.c:wins_process_name_refresh_request(430)
> wins_process_name_refresh_request: Name refresh for name BIZ<1e> IP
> 192.168.0.96
> [2003/05/28 22:41:41, 3]
> nmbd/nmbd_winsserver.c:wins_process_name_refresh_request(430)
> wins_process_name_refresh_request: Name refresh for name BIZ<00> IP
> 192.168.0.96
>
> # Output from testparm:
> # Global parameters
> [global]
> coding system =
> client code page = 850
> code page directory = /usr/share/samba/codepages
> workgroup = HOME.LAN
> netbios name = FIDELITY
> netbios aliases =
> netbios scope =
> server string = Samba Server (Fidelity)
> interfaces = 192.168.0.1/24
> bind interfaces only = Yes
> security = USER
> encrypt passwords = No
> update encrypted = No
> allow trusted domains = Yes
> hosts equiv =
> min passwd length = 5
> map to guest = Never
> null passwords = No
> obey pam restrictions = No
> password server =
> smb passwd file = /etc/samba/smbpasswd
> root directory =
> pam password change = No
> passwd program = /usr/bin/passwd
> passwd chat = *new*password* %n\n *new*password* %n\n *changed*
> passwd chat debug = No
> username map =
> password level = 0
> username level = 0
> unix password sync = No
> restrict anonymous = No
> lanman auth = Yes
> use rhosts = No
> admin log = No
> log level = 3
> syslog = 1
> syslog only = No
> log file = /var/log/samba/%m.log
> max log size = 0
> timestamp logs = Yes
> debug hires timestamp = No
> debug pid = No
> debug uid = No
> protocol = NT1
> large readwrite = Yes
> max protocol = NT1
> min protocol = CORE
> read bmpx = No
> read raw = Yes
> write raw = Yes
> nt smb support = Yes
> nt pipe support = Yes
> nt status support = Yes
> announce version = 4.9
> announce as = NT
> max mux = 50
> max xmit = 16644
> name resolve order = lmhosts host wins bcast
> max ttl = 259200
> max wins ttl = 518400
> min wins ttl = 21600
> time server = No
> unix extensions = No
> change notify timeout = 60
> deadtime = 0
> getwd cache = Yes
> keepalive = 300
> lpq cache time = 10
> max smbd processes = 0
> max disk size = 0
> max open files = 10000
> name cache timeout = 660
> read size = 16384
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> stat cache size = 50
> use mmap = Yes
> total print jobs = 0
> load printers = Yes
> printcap name = /etc/printcap
> disable spoolss = No
> enumports command =
> addprinter command =
> deleteprinter command =
> show add printer wizard = Yes
> os2 driver map =
> strip dot = No
> mangling method = hash
> character set =
> mangled stack = 50
> stat cache = Yes
> domain admin group =
> domain guest group =
> machine password timeout = 604800
> add user script =
> delete user script =
> logon script =
> logon path = \\%N\%U\profile
> logon drive =
> logon home = \\%N\%U
> domain logons = Yes
> os level = 64
> lm announce = Auto
> lm interval = 60
> preferred master = Yes
> local master = Yes
> domain master = Yes
> browse list = Yes
> enhanced browsing = Yes
> dns proxy = No
> wins proxy = No
> wins server =
> wins support = Yes
> wins hook =
> kernel oplocks = Yes
> lock spin count = 3
> lock spin time = 10
> oplock break wait time = 0
> add share command =
> change share command =
> delete share command =
> config file =
> preload =
> lock dir = /var/cache/samba
> pid directory = /var/run/samba
> utmp directory =
> wtmp directory =
> utmp = No
> default service =
> message command = /usr/bin/linpopup "%f" "%m" %s; rm %s
> dfree command =
> valid chars =
> remote announce = 192.168.0.255
> remote browse sync =
> socket address = 192.168.0.1
> homedir map = auto.home
> time offset = 0
> NIS homedir = No
> source environment =
> panic action =
> hide local users = No
> winbind uid =
> winbind gid =
> template homedir = /home/%D/%U
> template shell = /bin/false
> winbind separator = \
> winbind cache time = 15
> winbind enum users = Yes
> winbind enum groups = Yes
> winbind use default domain = No
> comment =
> path =
> alternate permissions = No
> username =
> guest account = nobody
> invalid users =
> valid users =
> admin users =
> read list =
> write list =
> printer admin =
> force user =
> force group =
> read only = Yes
> create mask = 0744
> force create mode = 00
> security mask = 0777
> force security mode = 00
> directory mask = 0755
> force directory mode = 00
> directory security mask = 0777
> force directory security mode = 00
> force unknown acl user = 00
> inherit permissions = No
> inherit acls = No
> guest only = No
> guest ok = No
> only user = No
> hosts allow = 192.168.0. 127.
> hosts deny =
> status = Yes
> nt acl support = Yes
> profile acls = No
> block size = 1024
> max connections = 0
> min print space = 0
> strict allocate = No
> strict sync = No
> sync always = No
> write cache size = 0
> max print jobs = 1000
> printable = No
> postscript = No
> printing = bsd
> print command = lpr -r -P%p %s
> lpq command = lpq -P%p
> lprm command = lprm -P%p %j
> lppause command =
> lpresume command =
> queuepause command =
> queueresume command =
> printer name =
> use client driver = No
> default devmode = No
> printer driver =
> printer driver file = /etc/samba/printers.def
> printer driver location =
> default case = lower
> case sensitive = No
> preserve case = Yes
> short preserve case = Yes
> mangle case = No
> mangling char = ~
> hide dot files = Yes
> hide unreadable = No
> delete veto files = No
> veto files =
> hide files =
> veto oplock files =
> map system = No
> map hidden = No
> map archive = Yes
> mangled names = Yes
> mangled map =
> browseable = Yes
> blocking locks = Yes
> csc policy = manual
> fake oplocks = No
> locking = Yes
> oplocks = Yes
> level2 oplocks = Yes
> oplock contention limit = 2
> posix locking = Yes
> strict locking = No
> share modes = Yes
> copy =
> include =
> exec =
> preexec close = No
> postexec =
> root preexec =
> root preexec close = No
> root postexec =
> available = Yes
> volume =
> fstype = NTFS
> set directory = No
> wide links = Yes
> follow symlinks = Yes
> dont descend =
> magic script =
> magic output =
> delete readonly = No
> dos filemode = No
> dos filetimes = No
> dos filetime resolution = No
> fake directory create times = No
> vfs object =
> vfs options =
>
> ---
> sdrumm at midsouth.rr.com
>
>
>
--
John H Terpstra
Email: jht at samba.org
More information about the samba
mailing list