[Samba] Samba PDC and Win2k Client

John H Terpstra jht at samba.org
Sat Feb 14 23:41:25 GMT 2004 

Rod,

It sounds to me as if the machine that can not logon has
DigitalSign'n'Seal enabled. You must turn this off with Samba-2.x.

- John T.


On Sat, 14 Feb 2004, L.R.Rodriguez wrote:

> Quick Summary:
> I am trying to join some Win2k (Service Pack 4) machines to a NT4 style
> domain with a Samba PDC. One machine successfully joins the Samba
> domain. One fails.
>
> Current configuration:
>   SambaPDC:
>     - FreeBSD 4.9-RELEASE
>     - Samba 2.2.8a (from binary package)
>   Host1 (Silv):
>     - Windows 2000 SP4 (5.00.2195)
>   Host2 (Plaid):
>     - Windows 2000 SP4 (5.00.2195)
>   All machines are on the same network switch.
>   There are no other machines on the switch.
>   All connections are 100/Full Duplex..
>   All machines are in the 192.168.x.y subnet
>   SambaPDC is is running bind9 with a fake zone (.error) for all
> machines and forwards all other DNS queries.
>   All machines use SambaPDC for DNS resolution.
>
>   smb.conf:
>     [global]
>        workgroup = SAMBAPDC
>        hosts allow = 192.168.
>        log file = /var/log/log.%m
>        log level = 2
>        max log size = 50000
>        security = user
>        encrypt passwords = yes
>        smb passwd file = /usr/local/private/smbpasswd
>        domain master = yes
>        preferred master = yes
>        domain logons = yes
>
> Each machine has a user account (silv$, plaid$) in the
> passwd/master.passwd files. Each machine has an account in the smbpasswd
> file, created with 'smbpasswd -a -m [machine name]'. When I add 'silv'
> to the domain and reboot, I can log in to the domain. When I add 'plaid'
> to the domain and reboot, I cannot log in to the domain. I get the
> following error: "The system cannot log you on to the domain because the
> system's computer accout in the domain is missing or the password is
> incorrect." I should stress that at no point during the process of
> adding 'plaid' to the domain did the I get an error on 'plaid'. On
> SambaPDC, in the logfile for plaid, 'log.plaid', I see these two errors:
>
>  >[2004/02/14 17:39:11, 2] rpc_parse/parse_samr.c:samr_io_userinfo_ctr(6285)
>  >  samr_io_userinfo_ctr: unknown switch level 0x1a
>  >[2004/02/14 17:39:11, 0] rpc_server/srv_samr.c:api_samr_set_userinfo(670)
>  >  api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO.
>
> I am at a loss. 'Silv' and 'plaid' should not be acting differently
> here. Can anyone suggest any courses of further investigation?
>
>
>
> Thanks,
>
> L.R.Rodriguez
>
>

-- 
John H Terpstra
Email: jht at samba.org

More information about the samba mailing list