[Samba] Cached credentials issues and domain and server name being interchanged
Mat Enders
mat.enders at gmail.com
Sun Jan 22 08:05:53 MST 2012
Hello all,
I am having some difficulties after migrating the PDC from one
server to another cached credentials no longer work. Users used to be
able to take their laptops home and then logon using their cached
domain credentials. Now when this is attempted now they get the error
that the GAUACA domain is not available. All of the group policy
settings are set to allow cached logons and this used to work with the
exact same machines with the exact same GP settings.
Also the domain name and the servers netbios names are becoming
confused. We use RDP fairly extensively and to use RDP you have to be
added to the machine as a remote user. When I add the staff member to
the machine they show up as GAUACA\[username] and then after the first
time they logon to that machine their name changes to
ARDVARC\[username]. GAUACA is the domain name and ARDVARC is the
netbios name of the server. All works correctly on site users can
login to the domain from any machine that has been joined and works as
expected except for cached credentials.
See smb.conf below
[global]
smb passwd file = /etc/samba/passdb.tdb
enable privileges = yes
logon drive = H:
domain master = yes
encrypt passwords = true
logon home = \\%L\%U
netbios name = ARDVARC
server string = Gaudior's PDC
logon script = logon.bat
local master = yes
workgroup = GAUACA
logon path = \\%L\%U\profile
os level = 99
security = user
add machine script = /usr/sbin/useradd -s /bin/false \-d /dev/null %u
preferred master = yes
domain logons = yes
hide files = /desktop.ini/$RECYCLE.BIN/profile/profile.V2/profile.old/profile.V2.old/
guest account = nobody
map to guest = bad user
wins support = yes
[staff]
comment = staff share drive
path = /home/staff/share
read only = no
[student]
comment = student share by level
path = /home/student/share
read only = no
[netlogon]
comment = Net Logon Service
path = /home/netlogon
read only = yes
write list = root
public = yes
guest ok = yes
browsable = no
[homes]
comment = Home
valid users = %S
read only = no
browsable = no
--
Mathew E. Enders
"Where once Samba and Apache sold Linux to the world they are now just
part of the plumbing. But that's OK, plumbers make good money."
--Jeremy Allison
More information about the samba
mailing list