Still have logon problems

John Weber jweber at math.cudenver.edu
Tue Mar 14 17:40:12 GMT 2000 

I'm new to TNG, I'm also having this same problem. I've not used earlier
versions, but with 0.15 I can get NT boxes (of SP3,4,5,6) to join the
domain, but domain logons don't work. I followed the instructions (several
times on several machines, all linux RH6.1) given in
http://www.kneschke.de/projekte/samba_tng/faq with the same results every
time.

I set up domaingroup.map as
http://www.kneschke.de/projekte/samba_tng/faq/administrator.php3
and added jweber and root to the group "domainadmin" in /etc/group.
but it still won't work.

I've also tried giving jweber a password with smbpasswd, but that doesn't
help either.


my smbpasswd...
---------------------------------------------------------------
[root at sleepy private]# cat smbpasswd
root:0:36E269DC8A08A48DAAD3B435B51404EE:F61E0C8C67879BC505633E1CB5A77D27:[
]:LCT-38CE6512:
jweber:500:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO
PASSWORDXXXXXXXXXXXXXXXXXXXXX:[NDU        ]:LCT-38CE6546:
vicant$:501:CA074A664592D373B56F4D2C40C47721:9D2496531BA7EC6D7F11A3134AC22B96:[W
]:LCT-38CE6558:
---------------------------------------------------------------------

my smb.conf
------------------------------------------------------------------
[global]

#NetBIOS name isn't needed if it's the same as the hostname
#netbios name = MYSAMBAPDC
workgroup = MATHDOM

#flat files that map Unix groups to NT type groups.
#these files take the form unix_group = `Windows NT group''
domain group map = /opt/samba-tng/private/domaingroup.map
domain alias map = /opt/samba-tng/private/domainalias.map

#Domain controllers use user security and we need encrypted
#passwords (see ENCRYPTION.txt)
security = user
domain logons = yes
encrypt passwords = yes

#And in order for us to be *sure* to win browser elections
os level = 65
domain master = yes
preferred master = yes
local master = yes

#WINS is the equivalent of DNS for NetBIOS.
wins support = yes
time server = yes

#the next lines are equivalent to the various profile details
#found in NT's User Manager
logon script = login.bat
logon drive = U:
logon home = \\sleepy\%U
logon path = \\sleepy\profile\%U

#share all home directories
[homes]
browseable = no
writable = yes
comment = Users' home directories

#set up netlogon share for system policies and login scripts
[netlogon]
path = /opt/samba-tng/netlogon
writable = no
guest ok = no
comment = PDC netlogon share

#the profiles share
#to create automatic subdirs for the different users
#chmod 1777 /opt/samba-tng/profile
[profile]
path = /opt/samba-tng/profile
writeable = yes

#a public share
[public]
path = /opt/samba-tng/public
browseable = yes
public = yes
comment = Public share
--------------------------------------------------------------------------

John S. Weber

System Administrator
Center for Computational Mathematics
University of Colorado at Denver
Phone: (303)556-5394 Fax: (303)556-8550
jweber at math.cudenver.edu
http://www-math.cudenver.edu/~jweber

On Wed, 15 Mar 2000, Tom Crummey wrote:

> Hello Jamie,
> 
> I do have a domain group map which maps our support group onto 
> domain admins:
> 
> support="EE\Domain Admins"
> staff="EE\Domain Users"
> 
> We found we needed the EE\ to make it work before.
> I am in the support group and we had all of this working 1 week ago.
> 
> I don't have a domain users map, but I didn't need that last week...
> 
> In any case, if I add the workstation using rpcclient, I shouldn't have
> to worry about creating the workstation account from the client workstation.
> 
> The real problem is that on workstations added to the domain since last
> Tuesday 7th March, I cannot log in to domain accounts. The Win 2000 box
> I had joined to the domain last Monday still allows domain log ins. I
> cannot understand why workstations that appear to join the domain
> successfully (no matter which method is used) won't allow log ins.
> 
> Tom.
> 
> ----------------------------------------------------------------------------
>  Tom Crummey, Systems and Network Manager,      EMAIL: tom at ee.ucl.ac.uk
>  Department of Electronic and Electrical Engineering,                  
>  University College London,                       TEL: +44 (0)20 7679 3898    
>  Torrington Place,                                FAX: +44 (0)20 7388 9307
>  London, UK, WC1E 7JE.                         
> ----------------------------------------------------------------------------
>

More information about the samba-ntdom mailing list