TNG-2.4.1; 1st domain logon succeeds, none after that
Luke Kenneth Casson Leighton
lkcl at samba.org
Tue Apr 18 01:43:59 GMT 2000
hm.
try this:
"client schannel = no"
"server schannel = no"
On Tue, 18 Apr 2000, Christopher W. Friday wrote:
> I noticed the same problem, but it started with 2.4. I had made some
> other changes and ended up fighting with this problem most of the
> afternoon today thinking it was something I did. I ended up reseting
> the workstation accounts and adding them to the domain again to get
> things going again. However, after experimenting some, I came to the
> conclusion that the problem was somehow related to how quickly you
> tried to log back in from a particular workstation. If you did it too
> quickly, it would result in the problems Paul describes, but if you
> waited or moved to another machine, everything was fine.
>
> After some more investigation, I noticed that, upon logging out,
> smbstatus showed that the connection to the users home share was
> closed, but the profile and netlogon shares were still in use and that
> they showed the same PID. However, if you then check the running
> processes ('ps x'), that PID is not listed. Then, I noticed that when
> you log out, an extra netlogond process spawns, then after a minute or
> so, that process disappears, and an instance of smbd (which bears the
> PID the smbstatus returns) had appeared. It seems that once this
> process appears, you can login to the machine again without a problem.
>
> I don't know if any of this is useful to anyone, but it should be taken
> with a grain of salt (I was more concerned about getting the network
> going than experimenting).
>
> Chris
>
> On Monday, April 17, 2000 6:51 PM, Paul J Collins
> [SMTP:sneakums at eircom.net] wrote:
> >
> > Hello everyone.
> >
> > I've built and installed TNG alpha 2.4.1 on my Mandrake 6.1 box. I
> > have been able to add a workstation to the domain by creating the
> > machine account using samedit::createuser and then doing the usual
> > from Network properties on the NT box. The NT machine is NT4 WS SP5
> > running in a VMWare session.
> >
> > Domain: ONDIOLINE
> > PDC: STO-KERRIG
> > Workstation: PSEUDOPOLIS
> >
> > Domain login succeeds the first time I try it after the NT box boots.
> > The profile is created on the server's profile share, and I have
> > access to the PDC's shares. I can access other user's home shares by
> > providing the relevant username and password. However, if I log out
> > and then try to log in again as the same or a different user, I get
> > message about the roaming profile not being available. I OK this
> > message and then I get the "domain not available" error. If my
> > cached
> > credentials were used, I can still access my own home share, but
> > trying to access another user's home share gives a "network name not
> > found" error. When I look in the Event Log, there are four messages
> > from Rdr complaining about short SMBs and then a message from
> > NETLOGON
> > saying that the domain is not available.
> >
> > If I log out of the workstation and shut down and restart Samba, I
> > can
> > log in once again, but once only. After that I get the same errors
> > about not being able to contact the domain.
> >
> > Below are my smb.conf and the relevant events saved from Event Viewer
> > as CSV. I just realised that the data from the events was not saved
> > in the CSV. Damn. Also note that the NT box's time is about 5
> > minutes behind the Linux box's time.
> >
> > I deleted all my samba logs before I tried this fresh. The logs
> > resulting from the actions detailed above have been uploaded to
> > http://homepage.eircom.net/~sneakums/tng.tar.gz The file is about
> > 870KB; log level is 100.
> >
> > I am not on the list; I will try to keep up via the Web archive, but
> > if you need any further info, please feel free to mail me.
> >
> > Hope this is of use,
> >
> > Paul.
> >
> > ---BEGIN "smb.conf"---
> >
> > [global]
> > debug level = 100
> > guest account = ftp
> >
> > netbios name = STO-KERRIG
> > server string = Samba (Primary DC)
> > workgroup = ONDIOLINE
> > interfaces = 172.16.252.1/16 127.0.0.1/8
> >
> > domain group map = /usr/local/samba-TNG/private/domaingroup.map
> > domain alias map = /usr/local/samba-TNG/private/domainalias.map
> >
> > security = user
> > domain logons = yes
> > encrypt passwords = yes
> >
> > os level = 65
> > domain master = yes
> > preferred master = yes
> > local master = yes
> >
> > wins support = yes
> > time server = yes
> >
> > logon script = login.bat
> > logon drive = H:
> > logon home = \\STO-KERRIG\%U
> > logon path = \\STO-KERRIG\profile$\%U
> >
> > print command = /usr/bin/lpr -r -P%p %s
> > lpq command = /usr/bin/lpq -P%p
> > lprm command = /usr/bin/lprm -P%p %j
> > printcap name = /etc/printcap
> > load printers = yes
> >
> > [homes]
> > browseable = no
> > writable = yes
> > comment = Users' home directories
> >
> > [netlogon]
> > path = /usr/local/samba-TNG/netlogon
> > writable = no
> > guest ok = no
> > comment = PDC netlogon share
> >
> > [profile$]
> > path = /usr/local/samba-TNG/profile
> > writeable = yes
> >
> > [printers]
> > printing = bsd
> > comment = All Printers
> > path = /tmp
> > browseable = no
> > guest ok = yes
> > writable = no
> > printable = yes
> >
> > [print$]
> > path = /usr/local/samba-TNG/print
> > writable = yes
> > guest ok = yes
> >
> > ---END "smb.conf"---
> >
> > ---BEGIN "events"---
> >
> > 4/17/00,11:45:40 PM,NETLOGON,Error,None,5719,N/A,PSEUDOPOLIS,No
> > Windows NT Domain Controller is available for domain ONDIOLINE. (This
> > event is expected and can be ignored when booting with the 'No Net'
> > Hardware Profile.) The following error occurred:
> > The remote procedure call failed and did not execute.
> > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The
> > redirector received an SMB that was too short.
> > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The
> > redirector received an SMB that was too short.
> > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The
> > redirector received an SMB that was too short.
> > 4/17/00,11:45:39 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The
> > redirector received an SMB that was too short.
> > 4/17/00,10:48:07
> PM,EventLog,Information,None,6005,N/A,PSEUDOPOLIS,The
> > Event log service was started.
> > 4/17/00,10:48:07
> > PM,EventLog,Information,None,6009,N/A,PSEUDOPOLIS,Microsoft (R)
> > Windows NT (R) 4.0 1381 Service Pack 5 Uniprocessor Free.
> >
> > ---END "events"---
> >
> >
> > --
> > Paul Collins <sneakums at eircom.net> - - - - - [ A&P,a&f ]
> > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD
> > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C
> > "Linux: it's just this operating system, you know?"
>
<a href=" mailto:lkcl at samba.org" > Luke Kenneth Casson Leighton </a>
<a href=" http://cb1.com/~lkcl" > Samba and Network Development </a>
<a href=" http://samba.org" > Samba Web site </a>
<a href=" http://mcp.com" > Macmillan Technical Publishing </a>
ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals
More information about the samba-ntdom
mailing list