TNG-2.4.1; 1st domain logon succeeds, none after that

Luke Kenneth Casson Leighton lkcl at samba.org
Tue Apr 18 01:43:59 GMT 2000


hm.

try this:

"client schannel = no"
"server schannel = no"

On Tue, 18 Apr 2000, Christopher W. Friday wrote:

> I noticed the same problem, but it started with 2.4.  I  had made some 
> other changes and ended up fighting with this problem most of the 
> afternoon today thinking it was something I did.  I ended up reseting 
> the workstation accounts and adding them to the domain again to get 
> things going again.  However, after experimenting some, I came to the 
> conclusion that the problem was somehow related to how quickly you 
> tried to log back in from a particular workstation.  If you did it too 
> quickly, it would result in the problems Paul describes, but if you 
> waited or moved to another machine, everything was fine.
> 
> After some more investigation, I noticed that, upon logging out, 
> smbstatus showed that the connection to the users home share was 
> closed, but the profile and netlogon shares were still in use and that 
> they showed the same PID.  However, if you then check the running 
> processes ('ps x'), that PID is not listed.  Then, I noticed that when 
> you log out, an extra netlogond process spawns, then after a minute or 
> so, that process disappears, and an instance of smbd (which bears the 
> PID the smbstatus returns) had appeared.  It seems that once this 
> process appears, you can login to the machine again without a problem.
> 
> I don't know if any of this is useful to anyone, but it should be taken 
> with a grain of salt (I was more concerned about getting the network 
> going than experimenting).
> 
> Chris
> 
> On Monday, April 17, 2000 6:51 PM, Paul J Collins 
> [SMTP:sneakums at eircom.net] wrote:
> >
> > Hello everyone.
> >
> > I've built and installed TNG alpha 2.4.1 on my Mandrake 6.1 box.  I
> > have been able to add a workstation to the domain by creating the
> > machine account using samedit::createuser and then doing the usual
> > from Network properties on the NT box.  The NT machine is NT4 WS SP5
> > running in a VMWare session.
> >
> > Domain: ONDIOLINE
> > PDC: STO-KERRIG
> > Workstation: PSEUDOPOLIS
> >
> > Domain login succeeds the first time I try it after the NT box boots.
> > The profile is created on the server's profile share, and I have
> > access to the PDC's shares.  I can access other user's home shares by
> > providing the relevant username and password.  However, if I log out
> > and then try to log in again as the same or a different user, I get
> > message about the roaming profile not being available.  I OK this
> > message and then I get the "domain not available" error.  If my
> > cached
> > credentials were used, I can still access my own home share, but
> > trying to access another user's home share gives a "network name not
> > found" error.  When I look in the Event Log, there are four messages
> > from Rdr complaining about short SMBs and then a message from
> > NETLOGON
> > saying that the domain is not available.
> >
> > If I log out of the workstation and shut down and restart Samba, I
> > can
> > log in once again, but once only.  After that I get the same errors
> > about not being able to contact the domain.
> >
> > Below are my smb.conf and the relevant events saved from Event Viewer
> > as CSV.  I just realised that the data from the events was not saved
> > in the CSV.  Damn.  Also note that the NT box's time is about 5
> > minutes behind the Linux box's time.
> >
> > I deleted all my samba logs before I tried this fresh.  The logs
> > resulting from the actions detailed above have been uploaded to
> > http://homepage.eircom.net/~sneakums/tng.tar.gz  The file is about
> > 870KB; log level is 100.
> >
> > I am not on the list; I will try to keep up via the Web archive, but
> > if you need any further info, please feel free to mail me.
> >
> > Hope this is of use,
> >
> > Paul.
> >
> > ---BEGIN "smb.conf"---
> >
> > [global]
> > debug level = 100
> > guest account = ftp
> >
> > netbios name = STO-KERRIG
> > server string = Samba (Primary DC)
> > workgroup = ONDIOLINE
> > interfaces = 172.16.252.1/16 127.0.0.1/8
> >
> > domain group map = /usr/local/samba-TNG/private/domaingroup.map
> > domain alias map = /usr/local/samba-TNG/private/domainalias.map
> >
> > security = user
> > domain logons = yes
> > encrypt passwords = yes
> >
> > os level = 65
> > domain master = yes
> > preferred master = yes
> > local master = yes
> >
> > wins support = yes
> > time server = yes
> >
> > logon script = login.bat
> > logon drive = H:
> > logon home = \\STO-KERRIG\%U
> > logon path = \\STO-KERRIG\profile$\%U
> >
> > print command = /usr/bin/lpr -r -P%p %s
> > lpq command = /usr/bin/lpq -P%p
> > lprm command = /usr/bin/lprm -P%p %j
> > printcap name = /etc/printcap
> > load printers = yes
> >
> > [homes]
> > browseable = no
> > writable = yes
> > comment = Users' home directories
> >
> > [netlogon]
> > path = /usr/local/samba-TNG/netlogon
> > writable = no
> > guest ok = no
> > comment = PDC netlogon share
> >
> > [profile$]
> > path = /usr/local/samba-TNG/profile
> > writeable = yes
> >
> > [printers]
> > printing = bsd
> > comment = All Printers
> > path = /tmp
> > browseable = no
> > guest ok = yes
> > writable = no
> > printable = yes
> >
> > [print$]
> > path = /usr/local/samba-TNG/print
> > writable = yes
> > guest ok = yes
> >
> > ---END "smb.conf"---
> >
> > ---BEGIN "events"---
> >
> > 4/17/00,11:45:40 PM,NETLOGON,Error,None,5719,N/A,PSEUDOPOLIS,No
> > Windows NT Domain Controller is available for domain ONDIOLINE. (This
> > event is expected and can be ignored when booting with the 'No Net'
> > Hardware Profile.)  The following error occurred:
> > The remote procedure call failed and did not execute.
> > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The
> > redirector received an SMB that was too short.
> > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The
> > redirector received an SMB that was too short.
> > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The
> > redirector received an SMB that was too short.
> > 4/17/00,11:45:39 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The
> > redirector received an SMB that was too short.
> > 4/17/00,10:48:07 
> PM,EventLog,Information,None,6005,N/A,PSEUDOPOLIS,The
> > Event log service was started.
> > 4/17/00,10:48:07
> > PM,EventLog,Information,None,6009,N/A,PSEUDOPOLIS,Microsoft (R)
> > Windows NT (R) 4.0 1381 Service Pack 5 Uniprocessor Free.
> >
> > ---END "events"---
> >
> >
> > --
> > Paul Collins <sneakums at eircom.net> - - - - - [ A&P,a&f ]
> >  GPG: 0A49 49A9 2932 0EE5 89B2  9EE0 3B65 7154 8131 1BCD
> >  PGP: 88BA 2393 8E3C CECF E43A  44B4 0766 DD71 04E5 962C
> > "Linux: it's just this operating system, you know?"
> 

<a href=" mailto:lkcl at samba.org" > Luke Kenneth Casson Leighton    </a>
<a href=" http://cb1.com/~lkcl"  > Samba and Network Development   </a>
<a href=" http://samba.org"      > Samba Web site                  </a>
<a href=" http://mcp.com"        > Macmillan Technical Publishing  </a>
 
ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals



More information about the samba-ntdom mailing list