[Samba] Can't add PC to Samba domain in different subnet
Blade Sun/ICILSZX
bladesun at icil.net
Wed Mar 15 03:04:03 GMT 2006
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE></TITLE>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2800.1528" name=GENERATOR></HEAD>
<BODY><!-- Converted from text/plain format -->
<P><FONT face=Arial size=2>Hi:<BR><BR>I can't add PC to domain when the DC in
the different subnet.<BR><BR>I follow the introduction in section 5 of
<samba 3 by example>, and created the samba domain and LDAP server, it
runs well when the PC is in the same subnet, the smbldap-tool could add the PC
account to LDAP server automatically.<BR><BR>But when I want to add the PC in
another subnet to this domain, a strange problem occurred, I did as
follow:<BR><STRONG>1</STRONG>. Modify the lmhosts in the client PC, restart it.
The nbtstat -c command could get the domain and DC
information.<BR><STRONG>2</STRONG>. Add the PC to the domain, it asks the root
password, which seems could find the DC, but then a error msg jump out saying
"The Specified domain either does<BR>not exist or could not be contacted". There
is no limit in the router between the 2 subnets.<BR><STRONG>3</STRONG>. Then I
checked the log of the samba, the log level=4, and the log
shows:<BR> <FONT
face="Courier New">send_mailslot: Sending to mailslot \MAILSLOT\BROWSE from
ICILSZXLX01<00> IP 192.168.18.225 to ICILSZX<1d> IP
192.168.1.199<BR> Sending a packet of len
215 to (192.168.1.199) on port 138<BR>
announce_remote: Doing remote announce for server ICILSZXLX01 to IP
192.168.1.199.<BR> send_mailslot: Sending
to mailslot \MAILSLOT\BROWSE from ICILSZXLX01<00> IP 192.168.18.225
to ICILSZX<1d> IP 192.168.1.199<BR>
Sending a packet of len 215 to (192.168.1.199) on port 138<BR>
announce_remote: Doing remote announce for server
ICILSZXLX01 to IP 192.168.1.199.<BR>
send_mailslot: Sending to mailslot \MAILSLOT\BROWSE from ICILSZXLX01<00>
IP 192.168.18.225 to ICILSZX<1d> IP 192.168.1.199<BR>
Sending a packet of len 215 to (192.168.1.199) on
port 138<BR> Received a packet of len 243
from (192.168.1.199) port 138<BR>
process_dgram: datagram from ICILSZXPC24<00> to ICILSZX<1c> IP
192.168.1.199 for \MAILSLOT\NET\NETLOGON of type 18 len=69<BR>
process_logon_packet: Logon from 192.168.1.199:
code = 0x12<BR> process_logon_packet:
SAMLOGON request from ICILSZXPC24(192.168.1.199) for , returning logon svr
\\ICILSZXLX01 domain ICILSZX code 13 token=ffff<BR>
send_mailslot: Sending to mailslot
\MAILSLOT\NET\GETDC042 from ICILSZXLX01<00> IP 192.168.18.225 to
ICILSZXPC24<00> IP 192.168.1.199<BR>
Sending a packet of len 230 to (192.168.1.199) on port
138<BR></FONT><STRONG>4</STRONG>. And I checked the ldap log, there is nothing
related to the PC.<BR><STRONG>5</STRONG>. I capture all packages, and get the
related detail here:<BR> <FONT
face="Courier New">7.536756 192.168.1.199 -> 192.168.18.225 SMB_NETLOGON SAM
LOGON request from client</FONT></FONT></P>
<P><FONT face="Courier New" size=2>
0000 00 11 25 8f 5a 28 00 00 c5 8d 57 56 08 00 45 00
..%.Z(....WV..E.<BR> 0010 01 0f
77 23 00 00 7f 11 2d c2 c0 a8 01 c7 c0 a8
..w#....-.......<BR> 0020 12 e1
00 8a 00 8a 00 fb ca 25 11 0e 84 4a c0 a8
.........%...J..<BR> 0030 01 c7
00 8a 00 e5 00 00 20 45 4a 45 44 45 4a 45 ........
EJEDEJE<BR> 0040 4d 46 44 46 4b
46 49 46 41 45 44 44 43 44 45 43
MFDFKFIFAEDDCDEC<BR> 0050 41 43
41 43 41 43 41 41 41 00 20 45 4a 45 44 45 ACACACAAA.
EJEDE<BR> 0060 4a 45 4d 46 44 46
4b 46 49 43 41 43 41 43 41 43
JEMFDFKFICACACAC<BR> 0070 41 43
41 43 41 43 41 43 41 42 4d 00 ff 53 4d 42
ACACACACABM..SMB<BR> 0080 25 00
00 00 00 18 04 00 00 00 00 00 00 00 00 00
%...............<BR> 0090 00 00
00 00 00 00 ff fe 00 00 00 00 11 00 00 45
...............E<BR> 00a0 00 02
00 00 00 00 00 02 00 00 00 00 00 00 00 00
................<BR> 00b0 00 5c
00 45 00 5c 00 03 00 01 00 00 00 02 00 5c
.\.E.\.........\<BR> 00c0 00 5c
4d 41 49 4c 53 4c 4f 54 5c 4e 45 54 5c 4e
.\MAILSLOT\NET\N<BR> 00d0 45 54
4c 4f 47 4f 4e 00 12 00 00 00 49 00 43 00
ETLOGON.....I.C.<BR> 00e0 49 00
4c 00 53 00 5a 00 58 00 50 00 43 00 32 00
I.L.S.Z.X.P.C.2.<BR> 00f0 34 00
00 00 00 00 5c 4d 41 49 4c 53 4c 4f 54 5c
4.....\MAILSLOT\<BR> 0100 4e 45
54 5c 47 45 54 44 43 39 36 33 00 00 00 00
NET\GETDC963....<BR> 0110 00 00
00 00 00 0b 00 00 00 ff ff ff
ff
.............</FONT></P>
<P><FONT face="Courier New"
size=2> 7.537347
192.168.18.225 -> 192.168.1.199 SMB_NETLOGON SAM Response - user
unknown</FONT></P>
<P><FONT size=2><FONT
face="Courier New"> 0000 00 00
c5 8d 57 56 00 11 25 8f 5a 28 08 00 45 00
....WV..%.Z(..E.<BR> 0010 01 02
04 aa 40 00 40 11 9f 48 c0 a8 12 e1 c0 a8 </FONT><A
href="mailto:.... at .@..H"><FONT face="Courier New">.... at .@..H</FONT></A><FONT
face="Courier New">......<BR>
0020 01 c7 00 8a 00 8a 00 ee a5 a2 10 0a 19 d7 c0 a8
................<BR> 0030 12 e1
00 8a 00 d8 00 00 20 45 4a 45 44 45 4a 45 ........
EJEDEJE<BR> 0040 4d 46 44 46 4b
46 49 45 4d 46 49 44 41 44 42 43
MFDFKFIEMFIDADBC<BR> 0050 41 43
41 43 41 43 41 41 41 00 20 45 4a 45 44 45 ACACACAAA.
EJEDE<BR> 0060 4a 45 4d 46 44 46
4b 46 49 46 41 45 44 44 43 44
JEMFDFKFIFAEDDCD<BR> 0070 45 43
41 43 41 43 41 43 41 41 41 00 ff 53 4d 42
ECACACACAAA..SMB<BR> 0080 25 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00
%...............<BR> 0090 00 00
00 00 00 00 00 00 00 00 00 00 11 00 00 38
...............8<BR> 00a0 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00
................<BR> 00b0 00 00
00 38 00 5c 00 03 00 01 00 01 00 02 00 4f
...8.\.........O<BR> 00c0 00 5c
4d 41 49 4c 53 4c 4f 54 5c 4e 45 54 5c 47
.\MAILSLOT\NET\G<BR> 00d0 45 54
44 43 39 36 33 00 15 00 5c 00 5c 00 49 00
ETDC963...\.\.I.<BR> 00e0 43 00
49 00 4c 00 53 00 5a 00 58 00 4c 00 58 00
C.I.L.S.Z.X.L.X.<BR> 00f0 30 00
31 00 00 00 00 00 49 00 43 00 49 00 4c 00
0.1.....I.C.I.L.<BR> 0100 53 00
5a 00 58 00 00 00 01 00 00 00 ff ff ff ff
S.Z.X...........</FONT></FONT></P>
<P><FONT face="Courier New"
size=2> 7.639556
192.168.1.199 -> 192.168.18.225 SMB_NETLOGON SAM LOGON request from
client</FONT></P>
<P><FONT face="Courier New" size=2>
0000 00 11 25 8f 5a 28 00 00 c5 8d 57 56 08 00 45 00
..%.Z(....WV..E.<BR> 0010 01 27
77 24 00 00 7f 11 2d a9 c0 a8 01 c7 c0 a8
.'w$....-.......<BR> 0020 12 e1
00 8a 00 8a 01 13 85 14 11 0e 84 4b c0 a8
.............K..<BR> 0030 01 c7
00 8a 00 fd 00 00 20 45 4a 45 44 45 4a 45 ........
EJEDEJE<BR> 0040 4d 46 44 46 4b
46 49 46 41 45 44 44 43 44 45 43
MFDFKFIFAEDDCDEC<BR> 0050 41 43
41 43 41 43 41 41 41 00 20 45 4a 45 44 45 ACACACAAA.
EJEDE<BR> 0060 4a 45 4d 46 44 46
4b 46 49 43 41 43 41 43 41 43
JEMFDFKFICACACAC<BR> 0070 41 43
41 43 41 43 41 43 41 42 4d 00 ff 53 4d 42
ACACACACABM..SMB<BR> 0080 25 00
00 00 00 18 04 00 00 00 00 00 00 00 00 00
%...............<BR> 0090 00 00
00 00 00 00 ff fe 00 00 00 00 11 00 00 5d
...............]<BR> 00a0 00 02
00 00 00 00 00 02 00 00 00 00 00 00 00 00
................<BR> 00b0 00 5c
00 5d 00 5c 00 03 00 01 00 00 00 02 00 74
.\.].\.........t<BR> 00c0 00 5c
4d 41 49 4c 53 4c 4f 54 5c 4e 45 54 5c 4e
.\MAILSLOT\NET\N<BR> 00d0 45 54
4c 4f 47 4f 4e 00 12 00 00 00 49 00 43 00
ETLOGON.....I.C.<BR> 00e0 49 00
4c 00 53 00 5a 00 58 00 50 00 43 00 32 00
I.L.S.Z.X.P.C.2.<BR> 00f0 34 00
00 00 49 00 43 00 49 00 4c 00 53 00 5a 00
4...I.C.I.L.S.Z.<BR> 0100 58 00
50 00 43 00 32 00 34 00 24 00 00 00 5c 4d
X.P.C.2.4.$...\M<BR> 0110 41 49
4c 53 4c 4f 54 5c 4e 45 54 5c 47 45 54 44
AILSLOT\NET\GETD<BR> 0120 43 34
36 35 00 80 01 00 00 00 00 00 00 0b 00 00
C465............<BR> 0130 00 ff
ff ff
ff
.....</FONT></P>
<P><FONT face="Courier New"
size=2> 7.640142
192.168.18.225 -> 192.168.1.199 SMB_NETLOGON Response to SAM LOGON
request</FONT></P>
<P><FONT face=Arial size=2><FONT
face="Courier New"> 0000 00 00
c5 8d 57 56 00 11 25 8f 5a 28 08 00 45 00
....WV..%.Z(..E.<BR> 0010 01 1a
04 ab 40 00 40 11 9f 2f c0 a8 12 e1 c0 a8 </FONT><A
href="mailto:.... at .@../"><FONT face="Courier New">.... at .@../</FONT></A><FONT
face="Courier New">......<BR>
0020 01 c7 00 8a 00 8a 01 06 67 0e 10 0a 19 d8 c0 a8
........g.......<BR> 0030 12 e1
00 8a 00 f0 00 00 20 45 4a 45 44 45 4a 45 ........
EJEDEJE<BR> 0040 4d 46 44 46 4b
46 49 45 4d 46 49 44 41 44 42 43
MFDFKFIEMFIDADBC<BR> 0050 41 43
41 43 41 43 41 41 41 00 20 45 4a 45 44 45 ACACACAAA.
EJEDE<BR> 0060 4a 45 4d 46 44 46
4b 46 49 46 41 45 44 44 43 44
JEMFDFKFIFAEDDCD<BR> 0070 45 43
41 43 41 43 41 43 41 41 41 00 ff 53 4d 42
ECACACACAAA..SMB<BR> 0080 25 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00
%...............<BR> 0090 00 00
00 00 00 00 00 00 00 00 00 00 11 00 00 50
...............P<BR> 00a0 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00
................<BR> 00b0 00 00
00 50 00 5c 00 03 00 01 00 01 00 02 00 67
...P.\.........g<BR> 00c0 00 5c
4d 41 49 4c 53 4c 4f 54 5c 4e 45 54 5c 47
.\MAILSLOT\NET\G<BR> 00d0 45 54
44 43 34 36 35 00 13 00 5c 00 5c 00 49 00
ETDC465...\.\.I.<BR> 00e0 43 00
49 00 4c 00 53 00 5a 00 58 00 4c 00 58 00
C.I.L.S.Z.X.L.X.<BR> 00f0 30 00
31 00 00 00 49 00 43 00 49 00 4c 00 53 00
0.1...I.C.I.L.S.<BR> 0100 5a 00
58 00 50 00 43 00 32 00 34 00 24 00 00 00
Z.X.P.C.2.4.$...<BR> 0110 49 00
43 00 49 00 4c 00 53 00 5a 00 58 00 00 00
I.C.I.L.S.Z.X...</FONT></FONT></P>
<DIV><FONT size=2><FONT face=Arial><STRONG>6</STRONG>. For the disunderstand of
the error "user Unknow", I first add the PC to domain in the same
subnet, then quit, the PC account is in the LDAP server. Then connect the
PC to different subnet, the error is the same.</FONT></FONT></DIV>
<DIV><FONT size=2><FONT face=Arial><STRONG>7</STRONG>. I even add the "remote
anouce" option in smb.conf.</FONT></FONT></DIV>
<DIV><FONT size=2><FONT face=Arial></FONT></FONT> </DIV>
<DIV><FONT size=2><FONT face=Arial>How can I solve the problem? please advise,
thanks.</FONT></DIV>
<P><BR><BR><BR><FONT face=Arial>Thanks&Regards<BR>Blade
Sun/ICILSZX<BR></FONT></P></FONT></BODY></HTML>
More information about the samba
mailing list