Still having problems with latest CVS and win2k joining a samba controlled domain

Anders C. Thorsen anders at aae.wisc.edu
Fri Dec 1 09:14:45 GMT 2000 

Chris,

please add your _complete_ [global] section and the important ones
([netlogon], [homes], [print$] if you have one, etc.) as your
problem indicates the following to me:

	1. You have map to guest enabled
	2. The guest has a funky UID [such as too large or negative..
					in case of too large it will
					become negative]
	3. When logging on as root, it's not fully recognised as such,
	   mapped to guest, and the behaviour you describe will occur.

Ofcourse, this might be wrong, but you did not give the full smb.config,
so I can't tell..

BTW: You might want to check on the FAQs/HOWTOs on how to add a 
win2k machine to the DOMAIN.


--Anders

On Fri, Dec 01, 2000 at 01:57:57PM -0500, Chris Leavoy wrote:
> As shown in the subject, I'm still having problems with the latest CVS of
> samba 2.2.  When joining the win2k clients to the domain, I logon using root
> (which is also in smbpasswd) and after about 30 or a minute it comes up with
> the message welcome to the domain "workgroup".  In those 30-60 seconds,
> there is around 50 pages of messages in the log.smd with a log level of 3.
> And at the end of it all, there is some garbage about invalid uid, unable to
> set uid blah blah, where uid is some weird NEGATIVE number... so it defaults
> to 0:0 and then "panics" and blurts stuff about an internal error occured.
> About 10 seconds after the panic message, win2k pops up welcome to the
> domain.  I reboot the win2k machine, and when I try to login to the domain,
> I get the follow error:
> 
> The system cannot log you on to this domain because the system's computer
> account in its primary domain is missing or the password on that account is
> incorrect.
> 
> Has anyone else experienced this situation, or know what on earth is wrong?
> Any suggestions or comments on how to resolve this issue is greatly
> appreciated.  If there is any information that I left out that could help
> isolate the problem, feel free to ask.
> 
> I tried this whole thing with a different win2k box, which btw has sp1, and
> this time I got the error message "unable to log in to the domain because
> the netlogon services is not started."  Well, that's bullshit, because I
> used the other win2k machine to remote admin, and saw that the netlogon
> service was indeed started and running.  I suspect not, but could this be a
> samba related problem?
> 
> Here are some cut-outs of my config.
> 
> [global]
> encrypt passwords = Yes
> domain logons = Yes
> update encrypted = Yes
> 
> [netlogon]
> 	comment = The domain logon service
> 	path = /usr/local/samba/netlogon
> 	read only = yes
> browseable = yes
> 
> [homes]
> 	comment = Home Directory
>  locking = No
> 
> /etc/passwd:
> laptop$:*:2002:103:laptop::
> 
> smbpasswd:
> laptop$:2002:6A949FC0CA0B8F656110CFF0D031479B:9B9BABBC39B986FEBEAA77BDBFE696
> BA:[W          ]:LCT-3A27EC49:
> 
> NOTE: the above was added automagically to smbpasswd.
> 
> 
> 
> Thanks for your help,
> Chris Leavoy
> 

-- 

--Anders

Anders C. Thorsen
PGP Key: http://www.aae.wisc.edu/~anders/anders-pgp.asc

----------------------------------------
Only two things are infinite.
The universe and human stupidity.
Although, I am unsure of the former.

Albert Einstein

More information about the samba-ntdom mailing list