W2K Joining SMB Server
Hazen Valliant-Saunders
hazen at potentia.ca
Fri Dec 15 14:50:40 GMT 2000
Mr: Bannon,
I am aware of the faq and PDC-How to examples, moreover when i say that the
TNG version does not have syntax examples anywhere, i have followed the
FAQ's and PDC-How to's to the T. The 2.2.0-prealpha CVS version won't work
in this setup currently. I have talked to everyone on this list including
four diffrent samba members, logging on as "root" on a W2K workstation is a
work-around for a typical RPC error that is inherent in the RPC code of CVS
5 (the version that is currently available) For some weird reason i cannot
log on as root (Yes i've created the root account!) and tested it with
smbclient and various other formats. The two versions of W2K professional
are 1. OEM versions form dell on laptops, and 2. Have SP1 installed. Now
weather or not this is a bug with W2k SP1 and Leagacy Domain Operation or
weather its a bug with 2.2.0 CVS 5 i cannot say. I have made approprate
patches and adhered to all FAQ's and How-To's the fact of the matter is it
does not work. I am not the only one for whom this does not function. The
error i get on the client is either "An remote procedure failed" or "Number
is out of range" now either way I have followed all instruction everywhere
(to the point of noticeing various inconsistencies across the same faq when
mirrored) I have set up and tested 2.0.7, 2.2.0, 3.0 test, and TNG. I have
been following these mailing lists for well over a month and the W2k Domain
Logon is incredably inconsistent, I works for you and a few others that's
it. FYI I am using a Red Hat 6.2 stock setup, with SAMBA 2.2.0-prealpha CVS
5 . Below is my smb.conf and output from testparm
----------------------------------------------------------------------------
-------------------------------------------------
[global]
security = user
status = Yes
workgroup = POTENTIA1
server string = SAMBA PDC
interfaces = eth0
encrypt passwords = Yes
passwd chat debug = Yes
debug level = 3
log file = /usr/local/samba/var/log.%m
max log size = 1000
debug hires timestamp = Yes
debug pid = Yes
debug uid = Yes
prefered master = Yes
domain master = Yes
load printers = No
logon home = \\%N\%U
logon path = \\%N\%U\profiles
domain logons = Yes
add user script = /usr/sbin/adduser -n -g users -c Machine -d
/dev/null -s /bin/false %m$
delete user script = deluser -r %m
os level = 65
domain admin users = root
domain admin group = @users
wins proxy = Yes
wins support = Yes
admin users = root
[homes]
comment = Home Directories
writeable = Yes
browseable = No
[netlogon]
comment = Network Logon Service
path = /usr/local/samba/lib/netlogon
guest ok = Yes
share modes = No
[profiles]
path = /usr/local/samba/profiles
comment = Network Profiles
guest ok = Yes
browseable = Yes
[public]
path = /public
comment = Public Share
guest ok = Yes
browsable = Yes
----------------------------------------------------------------------------
-------------------------------------------------
Heres the output of testparm
----------------------------------------------------------------------------
-------------------------------------------------
Load smb config files from /etc/smb.conf
doing parameter log file = /usr/local/samba/var/log.%m
doing parameter max log size = 1000
doing parameter debug hires timestamp = Yes
doing parameter debug pid = Yes
doing parameter debug uid = Yes
doing parameter prefered master = Yes
doing parameter domain master = Yes
doing parameter load printers = No
doing parameter logon home = \\%N\%U
doing parameter logon path = \\%N\%U\profiles
doing parameter domain logons = Yes
doing parameter add user script = /usr/sbin/adduser -n -g users -c
Machine -d /dev/null -s /bin/false %m$
doing parameter os level = 65
doing parameter domain admin users = root
doing parameter domain admin group = @users
doing parameter wins proxy = Yes
doing parameter wins support = Yes
doing parameter admin users = root
Processing section "[homes]"
doing parameter comment = Home Directories
doing parameter writeable = Yes
doing parameter browseable = No
Processing section "[netlogon]"
doing parameter comment = Network Logon Service
doing parameter path = /usr/local/samba/lib/netlogon
doing parameter guest ok = Yes
doing parameter share modes = No
Processing section "[profiles]"
doing parameter path = /usr/local/samba/profiles
doing parameter comment = Network Profiles
doing parameter guest ok = Yes
doing parameter browseable = Yes
Processing section "[public]"
doing parameter path = /public
doing parameter comment = Public Share
doing parameter guest ok = Yes
doing parameter browsable = Yes
pm_process() returned Yes
Loaded services file OK.
Press enter to see a dump of your service definitions
# Global parameters
[global]
workgroup = POTENTIA1
netbios name =
netbios aliases =
server string = SAMBA PDC
interfaces = eth0
bind interfaces only = No
security = USER
encrypt passwords = Yes
update encrypted = No
allow trusted domains = Yes
hosts equiv =
min passwd length = 5
map to guest = Never
null passwords = No
password server =
smb passwd file = /etc/smbpasswd
root directory = /
passwd program = /bin/passwd
passwd chat = *new*password* %n\n *new*password* %n\n *changed*
passwd chat debug = Yes
username map =
password level = 0
username level = 0
unix password sync = No
restrict anonymous = No
use rhosts = No
log level = 3
syslog = 1
syslog only = No
log file = /usr/local/samba/var/log.%m
max log size = 1000
timestamp logs = Yes
debug hires timestamp = Yes
debug pid = Yes
debug uid = Yes
protocol = NT1
read bmpx = No
read raw = Yes
write raw = Yes
nt smb support = Yes
nt pipe support = Yes
nt acl support = Yes
announce version = 4.2
announce as = NT
max mux = 50
max xmit = 65535
name resolve order = lmhosts host wins bcast
max packet = 65535
max ttl = 259200
max wins ttl = 518400
min wins ttl = 21600
time server = No
change notify timeout = 60
deadtime = 0
getwd cache = Yes
keepalive = 300
lpq cache time = 10
max disk size = 0
max open files = 10000
read prediction = No
read size = 16384
shared mem size = 1048576
socket options = TCP_NODELAY
stat cache size = 50
load printers = No
printcap name = /etc/printcap
printer driver file = /etc/printers.def
strip dot = No
character set =
mangled stack = 50
coding system =
client code page = 850
stat cache = Yes
domain groups =
domain admin group = @users
domain guest group =
domain admin users = root
domain guest users =
machine password timeout = 604800
add user script = /usr/sbin/adduser -n -g users -c Machine -d
/dev/null -s /bin/false %m$
delete user script = userdel -r %m
logon script =
logon path = \\%N\%U\profiles
logon drive =
logon home = \\%N\%U
domain logons = Yes
os level = 65
lm announce = Auto
lm interval = 60
preferred master = Yes
local master = Yes
domain master = Yes
browse list = Yes
dns proxy = Yes
wins proxy = Yes
wins server =
wins support = Yes
wins hook =
kernel oplocks = Yes
ole locking compatibility = Yes
oplock break wait time = 10
smbrun = /usr/bin/smbrun
config file =
preload =
lock dir = /var/lock/samba
default service =
message command =
dfree command =
valid chars =
remote announce =
remote browse sync =
socket address = 0.0.0.0
homedir map =
time offset = 0
unix realname = No
NIS homedir = No
panic action =
comment =
path =
alternate permissions = No
revalidate = No
username =
guest account = nobody
invalid users =
valid users =
admin users = root
read list =
write list =
force user =
force group =
read only = Yes
create mask = 0744
force create mode = 00
security mask = -1
force security mode = -1
directory mask = 0755 guest only = No
guest ok = No
only user = No
hosts allow =
hosts deny =
status = Yes
max connections = 0
min print space = 0
strict sync = No
sync always = No
print ok = No
postscript = No
printing = bsd
print command = lpr -r -P%p %s
lpq command = lpq -P%p
lprm command = lprm -P%p %j
lppause command =
lpresume command =
queuepause command =
queueresume command =
printer name =
printer driver = NULL
printer driver location =
default case = lower
case sensitive = No
preserve case = Yes
short preserve case = Yes
mangle case = No
mangling char = ~
hide dot files = Yes
delete veto files = No
veto files =
hide files =
veto oplock files =
map system = No
map hidden = No
map archive = Yes
mangled names = Yes
mangled map =
browseable = Yes
blocking locks = Yes
fake oplocks = No
locking = Yes
oplocks = Yes
level2 oplocks = No
oplock contention limit = 2
strict locking = No
share modes = Yes
copy =
include =
exec =
preexec close = No
postexec =
root preexec =
root preexec close = No
root postexec =
available = Yes
volume =
fstype = NTFS
set directory = No wide links = Yes
follow symlinks = Yes
dont descend =
magic script =
magic output =
delete readonly = No
dos filetimes = No
dos filetime resolution = No
fake directory create times = No
[homes]
comment = Home Directories
read only = No
browseable = No
[netlogon]
comment = Network Logon Service
path = /usr/local/samba/lib/netlogon
guest ok = Yes
share modes = No
[profiles]
comment = Network Profiles
path = /usr/local/samba/profiles
guest ok = Yes
[public]
comment = Public Share
path = /public
guest ok = Yes
force directory mode = 00
----------------------------------------------------------------------------
------------------------------------------------
So if anyone has any bright ideas as to why this config does not function at
all for w2k (works beautifully for w98 and NT4SP5) Could you send me a reply
(with any changes to the files that need to be made and your "working
setup??"
Thank you all for your time and effort.
Hazen Valliant Saunders
-----Original Message-----
From: David Bannon [mailto:D.Bannon at latrobe.edu.au]
Sent: Thursday, December 14, 2000 5:37 PM
To: Hazen Valliant-Saunders; samba-ntdom at samba.org; tng-user at tng.org
Subject: Re: W2K Joining SMB Server
At 10:24 AM 14/12/2000 -0500, Hazen Valliant-Saunders wrote:
>..... Now a lot of
>people say that they have thier samba working with domain logons from W2K ,
>if they could mail me ther smb.conf files (and domaingroup.map,
>domainuser.map and and localuser.map files for those TNG-ers) because there
>are no syntax examples anywhere!!!!!
Pretty clear examples in the domain controller HowTo and FAQ !
They are (almost) an exact copy of my test and now one production system. I
say almost because I just noticed that my test machine lists both 'domain
admin group' and 'domain admin user' and on the production system that
seems to makes a difference !! I'll do some testing before I'm sure so
watch this space...
------------------------------------------------------------
David Bannon D.Bannon at latrobe.edu.au
School of Biochemistry Phone 61 03 9479 2197
La Trobe University, Plenty Rd, Fax 61 03 9479 2467
Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au
------------------------------------------------------------
..... Humpty Dumpty was pushed !
More information about the samba-ntdom
mailing list