Simple logon server for WinNT machines
David W Dougall
davidd at ee.byu.edu
Tue Feb 1 15:23:56 GMT 2000
I am having great difficulties with samba acting as logon server for my
WinNT machines. The NT machines are all either SP4 or SP5. The only
functionality that I am looking for is a login server. I just want a
central location to store passwords and I am trying to avoid an NT server
for several different reasons.
Anyway, I set up 2.0.5a and 2.0.6 with the same result: I could join the
domain from the NT machine, but upon reboot and login attempt, B.S.O.D
I recently downloaded pre3.0. I waas not able to even join the domain
with this version. I Don't know if this version supports PDC/netlogon.
I went back to an older 2.1 version. This one allows me to join the
domain(with some difficulty), but upon reboot, it tells me that my
password is incorrect no matter what I enter. The only way to get in is
to bypass the domain and enter the local administrator password.
Now I have samba-tng and I am trying to set it up. First of all, I have
very scanty documentation. I am not even sure if I am setting it up
correctly. The only web page I could find was:
http://www.kneschke.de/projekte/samba_tng/index.php3
Anyway, I am confused about what all of the daemons do. I added all of
the accounts in /etc/passwd and /etc/smbpasswd for the users and
workstations and server with appropriate passwords. My first confusion
came when trying to run smbpasswd -j ECENSYS I get the following
error.
Joining Domain as PDC
socket connect to /tmp/.smb.0/agent failed: Connection refused
error connecting to 128.x.x.x:445 (Connection refused)
failed session setup
cli_net_use_add: connection failed
cli_nt_setup_creds: request challenge failed
2000/02/01 08:08:27 : change_trust_account_password: Failed to change
password for domain ECENSYS.
Unable to join domain ECENSYS.
Well, I attempt to join the domain from the NT workstation anyway. The
first time, it says it cannot contact the domain controller. Then I
restart the daemons with higher log level and attempt it again at which
time the NT machine says: You already have a connection with the domain...
None of the log files do anything except the log.nmb which says it
received a login request GETDC and then sent out a packet to
\MAILSLOT\NET\GETDC468.
I am stumped. I need help. If I can get simple logins working on version
2.0.6, that would be the best. If the error number from the NT machine
from the B.S.O.D would help, I can get that. If I must use samba-tng, I
need more documentation. Please point me to a web page or something.
--David
I have included the smb.conf file below.
[global]
log file = /var/adm/samba/log.%m
security = user
server string = ECEn Dept Sysop Server
workgroup = ecensys
encrypt passwords = yes
mangled names = yes
smb passwd file = /etc/smbpasswd
client code page = 437
lock directory = /opt/samba/var/locks
share modes = yes
hosts allow = [my subnet]
os level = 0
wins support = yes
status = yes
domain master = yes
local master = yes
preferred master = yes
domain logons = yes
time server = yes
[homes]
comment = Home Directories
browseable = no
read only = no
create mode = 0750
[netlogon]
path = /opt/netlogon
writeable = no
guest ok = no
More information about the samba-ntdom
mailing list