Still having problems with latest CVS and win2k joining a samba controlled domain

Anders C. Thorsen anders at aae.wisc.edu
Fri Dec 1 18:22:34 GMT 2000


I have to say that I don't really see what's wrong..

Try updating the cvs ver. and try again (delete machine account first)

--Anders

On Fri, Dec 01, 2000 at 09:59:50PM -0500, Chris Leavoy wrote:
> > please add your _complete_ [global] section and the important ones
> > ([netlogon], [homes], [print$] if you have one, etc.) as your
> > problem indicates the following to me:
> 
> [global]
>         coding system = 
>         client code page = 850
>         code page directory = /usr/local/samba/lib/codepages
>         workgroup = WORKGROUP
>         netbios name = SAMBA
>         netbios aliases = 
>         netbios scope = 
>         server string = File server
>         interfaces = 192.168.1.3
>         bind interfaces only = Yes
>         security = USER
>         encrypt passwords = Yes
>         update encrypted = Yes
>         allow trusted domains = Yes
>         hosts equiv = /etc/hosts.equiv
>         min passwd length = 5
>         map to guest = Never
>         null passwords = Yes
>         password server = 
>         smb passwd file = /usr/local/samba/private/smbpasswd
>         root directory = 
>         passwd program = /usr/bin/passwd
>         passwd chat = *new*password* %n\n *new*password* %n\n *changed*
>         passwd chat debug = No
>         username map = 
>         password level = 0
>         username level = 0
>         unix password sync = No
>         restrict anonymous = No
>         use rhosts = No
>         log level = 3
>         syslog = 1
>         syslog only = No
>         log file = 
>         max log size = 5000
>         timestamp logs = Yes
>         debug hires timestamp = No
>         debug pid = No
>         debug uid = No
>         protocol = NT1
>         read bmpx = No
>         read raw = Yes
>         write raw = Yes
>         nt smb support = Yes
>         nt pipe support = Yes
>         nt acl support = Yes
>         announce version = 4.2
>         announce as = NT
>         max mux = 50
>         max xmit = 65535
>         name resolve order = lmhosts host wins bcast
>         max packet = 65535
>         max ttl = 259200
>         max wins ttl = 518400
>         min wins ttl = 21600
>         time server = Yes
>         change notify timeout = 60
>         deadtime = 0
>         getwd cache = Yes
>         keepalive = 300
>         lpq cache time = 10
>         max disk size = 0
>         max open files = 2000
>         read size = 16384
>         socket options = TCP_NODELAY
>         stat cache size = 50
>         load printers = No
>         printcap name = /etc/printcap
>         enumports command = 
>         addprinter command = 
>         deleteprinter command = 
>         show add printer wizard = No
>         strip dot = No
>         character set = 
>         mangled stack = 50
>         stat cache = Yes
>         domain groups = 
>         domain admin group = 
>         domain guest group = 
>         domain admin users = 
>         domain guest users = 
>         machine password timeout = 604800
>         add user script = 
>         delete user script = 
>         logon script = logon.bat
>         logon path = \\%N\profiles
>         logon drive = H:
>         logon home = \\%N\%U
>         domain logons = Yes
>         os level = 65
>         lm announce = Auto
>         lm interval = 60
>         preferred master = True
>         local master = Yes
>         domain master = True
>         browse list = Yes
>         dns proxy = Yes
>         wins proxy = Yes
>         wins server = 
>         wins support = Yes
>         wins hook = 
>         kernel oplocks = Yes
>         oplock break wait time = 10
>         smbrun = /usr/local/samba/bin/smbrun
>         config file = 
>         preload = 
>         lock dir = /usr/local/samba/var/locks
>         default service = 
>         message command = 
>         dfree command = 
>         valid chars = 
>         remote announce = 
>         remote browse sync = 
>         socket address = 0.0.0.0
>         homedir map = 
>         time offset = 0
>         unix realname = Yes
>         NIS homedir = No
>         source environment = 
>         panic action = 
>         hide local users = No
>         host msdfs = No
>         winbind uid = 
>         winbind gid = 
>         template homedir = /home/%D/%U
>         template shell = /bin/false
>         winbind separator = \
>         winbind cache time = 15
>         comment = file server
>         path = 
>         alternate permissions = No
>         username = 
>         guest account = nobody
>         invalid users = 
>         valid users = 
>         admin users = 
>         read list = 
>         write list = 
>         printer admin = 
>         force user = 
>         force group = 
>         read only = Yes
>         create mask = 0644
>         force create mode = 00
>         security mask = -1
>         force security mode = -1
>         directory mask = 0755
>         force directory mode = 00
>         directory security mask = -1
>         force directory security mode = -1
>         inherit permissions = No
>         guest only = No
>         guest ok = No
>         only user = No
>         hosts allow = 192.168.1. 127.0.0.1
>         hosts deny = ALL
>         status = Yes
>         max connections = 0
>         min print space = 0
>         strict sync = No
>         sync always = No
>         write cache size = 0
>         max print jobs = 1000
>         printable = No
>         postscript = No
>         printing = bsd
>         print command = lpr -r -P%p %s
>         lpq command = lpq -P%p
>         lprm command = lprm -P%p %j
>         lppause command = 
>         lpresume command = 
>         queuepause command = 
>         queueresume command = 
>         printer name = 
>         printer driver = 
>         printer driver file = /usr/local/samba/lib/printers.def
>         printer driver location = 
>         default case = lower
>         case sensitive = No
>         preserve case = Yes
>         short preserve case = Yes
>         mangle case = No
>         mangling char = ~
>         hide dot files = Yes
>         delete veto files = No
>         veto files = 
>         hide files = 
>         veto oplock files = 
>         map system = No
>         map hidden = No
>         map archive = Yes
>         mangled names = Yes
>         mangled map = 
>         browseable = Yes
>         blocking locks = Yes
>         fake oplocks = No
>         locking = Yes
>         oplocks = Yes
>         level2 oplocks = Yes
>         oplock contention limit = 2
>         posix locking = Yes
>         strict locking = No
>         share modes = Yes
>         copy = 
>         include = 
>         exec = 
>         preexec close = No
>         postexec = 
>         root preexec = 
>         root preexec close = No
>         root postexec = 
>         available = Yes
>         volume = 
>         fstype = NTFS
>         set directory = No
>         wide links = Yes
>         follow symlinks = Yes
>         dont descend = 
>         magic script = 
>         magic output = 
>         delete readonly = No
>         dos filetimes = No
>         dos filetime resolution = No
>         fake directory create times = No
>         vfs object = 
>         vfs options = 
>         msdfs root = No
> 
> [homes]
> 	comment = Home Directory
> read only = No
> 	locking = No
> 
> [netlogon]
> 	comment = The domain logon service
> 	path = /usr/local/samba/netlogon
> 
> [profiles]
> 	comment = User Profiles
> 	path = /home/family/%u/profile
> 	invalid users = all
> 	valid users = +family +users admin
> read only = No
> 	locking = No
> 
> > 1. You have map to guest enabled
> map to guest = Never
> 
> > 2. The guest has a funky UID [such as too large or negative..
> > in case of too large it will
> > become negative]
> guest account = nobody
> nobody:x:99:99:nobody:/:
> 
> > 3. When logging on as root, it's not fully recognised as such,
> >    mapped to guest, and the behaviour you describe will occur.
> Hmm?
> 
> > BTW: You might want to check on the FAQs/HOWTOs on how to add a 
> > win2k machine to the DOMAIN.
> I have read both of them, many of times ;)
> 
> 
> Thanks for your help,
> Chris Leavoy
> 
> 

-- 

--Anders

Anders C. Thorsen
PGP Key: http://www.aae.wisc.edu/~anders/anders-pgp.asc

----------------------------------------
Only two things are infinite.
The universe and human stupidity.
Although, I am unsure of the former.

Albert Einstein





More information about the samba-ntdom mailing list