[Samba-it] windows 7 e join al dominio
Mario Vittorio Guenzi
jclark at tiscali.it
Wed Mar 16 04:09:27 MDT 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Buongiorno a tutti,
sto ormai da piu' di 15 giorni tentando di risolvere la questione ma
proprio non ne vengo fuori.
in buona sostanza devo joinare al dominio dlel macchine windows 7 e pur
sembrando che ci entrino poi in realta' la musica e' differente.
Faccio l'esempio di PC44 che e' quello che mi sta facendo diventare
matto adesso.
L'utente pc44$ esiste in passwd e in shadow sul server e' stato aggiunto
al samba con smbpasswd -a -m pc44
sulla macchina windows ho modificato le chiavi di registro e applicato
la patch di Microsoft per il DNS.
Quando io su pc44 joino al dominio mi trovo in var/log/samba/log.pc44
delle cose di questo tipo:
[2011/03/16 10:48:58, 5] auth/auth_util.c:208(make_user_info_map)
Mapping user [OCEANO]\[PC44] from workstation [PC44]
[2011/03/16 10:48:58, 5] auth/auth_util.c:120(make_user_info)
attempting to make a user_info for PC44 (PC44)
[2011/03/16 10:48:58, 5] auth/auth_util.c:130(make_user_info)
making strings for PC44's user_info struct
[2011/03/16 10:48:58, 5] auth/auth_util.c:162(make_user_info)
making blobs for PC44's user_info struct
[2011/03/16 10:48:58, 3] auth/auth.c:222(check_ntlm_password)
check_ntlm_password: Checking password for unmapped user
[OCEANO]\[PC44]@[PC44] with the new password interface
[2011/03/16 10:48:58, 3] auth/auth.c:225(check_ntlm_password)
check_ntlm_password: mapped user is: [OCEANO]\[PC44]@[PC44]
[2011/03/16 10:48:58, 5] ../lib/util/util.c:304(_dump_data)
[0000] 11 49 14 81 62 86 FD 5B .I..b..[
[2011/03/16 10:48:58, 8] lib/util.c:1879(is_myname)
is_myname("OCEANO") returns 0
[2011/03/16 10:48:58, 3] smbd/sec_ctx.c:210(push_sec_ctx)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2011/03/16 10:48:58, 3] smbd/uid.c:428(push_conn_ctx)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2011/03/16 10:48:58, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2011/03/16 10:48:58, 5] auth/token_util.c:522(debug_nt_user_token)
NT user token: (NULL)
[2011/03/16 10:48:58, 5] auth/token_util.c:548(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2011/03/16 10:48:58, 5] passdb/pdb_tdb.c:557(tdbsam_getsampwnam)
pdb_getsampwnam (TDB): error fetching database.
Key: USER_pc44
[2011/03/16 10:48:58, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2011/03/16 10:48:58, 3] auth/auth_sam.c:282(check_sam_security)
check_sam_security: Couldn't find user 'PC44' in passdb.
[2011/03/16 10:48:58, 5] auth/auth.c:274(check_ntlm_password)
check_ntlm_password: sam authentication for user [PC44] FAILED with
error NT_STATUS_NO_SUCH_USER
[2011/03/16 10:48:58, 3] auth/auth_winbind.c:54(check_winbind_security)
check_winbind_security: Not using winbind, requested domain [OCEANO]
was for this SAM.
[2011/03/16 10:48:58, 2] auth/auth.c:320(check_ntlm_password)
check_ntlm_password: Authentication for user [PC44] -> [PC44] FAILED
with error NT_STATUS_NO_SUCH_USER
[2011/03/16 10:48:58, 5] auth/auth_util.c:2114(free_user_info)
attempting to free (and zero) a user_info structure
[2011/03/16 10:48:58, 3] smbd/error.c:60(error_packet_set)
error packet at smbd/sesssetup.c(122) cmd=115 (SMBsesssetupX)
NT_STATUS_LOGON_FAILURE
pero' almeno apparentemente sulla macchina windows 7 tutto pare andare a
buon fine e mi chiede il riavvio.
In realta' pero' dopo aver aggiunto un utente di dominio quando cerco di
fare la login con quell'utente non si prota dietro le impostazioni e
crea ogni volta un profilo temporaneo e questo mi crea non pochi
problemi perche' ovviamente gli utenti hanno le loro impostazioni che
devono essere disponibili.
il smb.conf e' questo:
[global]
workgroup = OCEANO
netbios name = CLUSTER
server string = %h (Sangiusto files and prints server %v)
interfaces = eth0, eth0:0, 172.19.170.0/24, lo
bind interfaces only = Yes
obey pam restrictions = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
unix password sync = Yes
log level = 9
syslog = 0
log file = /var/log/samba/log.%m
max log size = 10000
name resolve order = host wins bcast
time server = Yes
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192
SO_RCVBUF=8192
printcap name = cups
add machine script = /usr/sbin/adduser -n -g machines -c Machine
- -d /dev/null -s /bin/false %u
logon script = %U.bat
logon path = \\%L\profiles\%U
logon drive = H:
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins support = Yes
admin users = root
printer admin = @admin
hosts allow = 127., 192.168.2., 172.19.170.
browse list = yes
[netlogon]
comment = Servizio di logon di dominio
path = /etcvar/var/samba/logon
create mask = 0664
browseable = No
[profiles]
path = /etcvar/var/samba/ntprofiles
read only = No
create mask = 0600
directory mask = 0700
profile acls = Yes
writeable = Yes
browseable = Yes
guest ok = Yes
[homes]
comment = Cartella personale
read only = No
create mask = 0700
directory mask = 0700
browseable = No
bla bla bla le share con stampanti etc.
ho cercato sino a farmi venire il mal di testa su google ma non ho
trovato niente che mi potesse aiutare.
Qualsiasi spunto/idea/quello che volete possa aiutarmi a togliermi da
questa palude sara' graditissimo.
Cordialita'
- --
Mario Vittorio Guenzi
E-mail jclark at tiscali.it
Si vis pacem, para bellum
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk2AjFcACgkQm6qs1ZkNrIqK2wCeO9yoARfqWgd9rCKgHDereRKK
MTEAn3z0J/jwZ3jtI5Rz/Zo8X6V3aHBY
=IPgs
-----END PGP SIGNATURE-----
More information about the samba-it
mailing list