Odd behaviour with current CVS tree

Andrew S. Prior andrew at cs.toronto.edu
Sun Nov 8 18:15:10 GMT 1998 

 Hi,
  I'm new to this list, so please forgive me if I've not provided the
correct information.  I've been setting up a samba server for a local
college, and we've been running into some odd problems that I haven't
seen described elsewhere.

  A little description of our odd setup first.  We have a class C subnet
that we've re-subnetted into 4.  Let me clarify that, because it's odd.  The
campus router gives us a class C subnet, but we need to have four different
subnets for security/practicality reasons.  All of the machines on the
four subnets think they are on the same class C subnet (they need to to get
to the router with the single IP address) and they communicate with a linux
based router that does proxy arping.  I thought that odd subnetting was
the problem at first, but not so any more for reasons I'll go into.  Most of
the machines get their IP addresses via DHCP which lists the SAMBA box as
their wins server.

  The "lab" machines are NT4SP3 and diskless win95 (don't ask).  They are
on a different subnet than the SAMBA server.  We had no problems while
we just ran 95, but the addition of the NT machines forced us to move to
the NTDOM CVS source.  All of the machines are set up to authenticate off
of the SAMBA server.

  When we moved to the cvs source as of about July, we noticed a few things.
The NT machines worked fine most of the time, but occasionally said they
couldn't find the domain controller after a LONG (several minute) wait.
The '95 machines are a little quirky, often saying they can't authenticate
you the first time you try and log in.  If you try again immediately (even
with a different username) it normally lets you in.  It doesn't always work
on the second try, though, and I've seen it take up for 4-5.  The error message
is that a domain controller cannot be found.  If you wait for several (5-10)
minutes after the first failed attempt it will revert back to not letting you
in again.  That would imply to me that something is happening when you attempt
to log in the first time that lets you log in for a few minutes afterwards, 
but it's not obvious as to what.

  To try and solve this, we started trying newer CVS trees starting around
mid to late August.  This didn't change much on the '95 side, but now we
couldn't log into the NT machines, ever.  It gives an error code C000019B,
which I can't find any reference to on the net or through deja-news.
I meant to write down the (pretty uninfomative) text of the message but
forgot (sorry).  It basically says "couldn't log you in".  

  In none of these cases could I find anything that struck me as relevent in
the logs, except that there was always logs of packets going back and forth
so the two machines were always communicating, even when the clients were
saying that the domain controller can't be found, etc.  We've tried putting
the server on the local net, and that didn't help.  I'm not sure what to
try next or what to look for, so any help would be appreciated.  I can
provide any logs and config files you want, but I didn't give them here
becuase this message is already long enough. 

  Any suggestions would be appreciated.  Thanks!

							Andrew

More information about the samba-ntdom mailing list