Inability to have W2K recognize domain

Fri Mar 24 01:43:40 GMT 2000

I have so far had no success in getting Windows 2000 installation to join a
Samba domain.  I am using Samba-TNG 1.2 with the sample scripts only slightly
modified (attached).

I simply want to get roaming profiles working.  I need no other functionality
except that.  Is there an easier way to accomplish this?

In any case, here is a list of the symptoms I've noticed so far:

 - Won't work at all on a linux-libc5 system.  The createuser command through
   rpcclient causes the program to exit with the error "Broken pipe" returned.

The following are all on a nice moderm Linux glibc2.1 installation:

 - After following the step by step instructions in the FAQ, I found the
   rpcclient did not need a valid password to log into a user.  I typed:
   'rpcclient -S . -U root -l log' and when it asks for the password, I can
   type anything (or nothing) and get into the '[root at .]$' prompt and
   successfully create users.

 - Commands in rpcclient are constantly giving errors similar to (but which
   don't seem to affect operation otherwise):
   "socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused"
   This seems to be independant of whether I supply a correct password to
   rpcclient.

 - The 'ntpass' command in rpcclient doesn't work to change passwords.  At
   least, I can't get it to work.  It always returns: 

 - The 'ntlogin' command in rpcclient doesn't work on any accounts created
   inside rpcclient.  It will work with accounds created with 'smbpasswd -a
   <name>'.

 - When I try and join a domain in W2K (Control Panel->System->Network
   Identification), after setting the domain name, it asks me for a username
   and password.  After selecting those, and clicking ok, it pauses for about
   15 seconds and then pops up a dialog informing me the domain doesn't exist.

Any help getting this to actually work would be immensely appreciated.
If anyone has working, and would be willing to offer a working set oc
configuration files that I can plagiarize, I would be even more grateful.

        Kurt Fitzner

-------------- next part --------------
[global]

interfaces = 192.168.1.2/24

#NetBIOS name isn't needed if it's the same as the hostname 
netbios name = HACK
workgroup = MAINFRAME

#flat files that map Unix groups to NT type groups. 
#these files take the form unix_group = `Windows NT group'' 
domain group map = /opt/samba-tng/private/domaingroup.map 
domain alias map = /opt/samba-tng/private/domainalias.map 

#Domain controllers use user security and we need encrypted 
#passwords (see ENCRYPTION.txt) 
security = user 
domain logons = yes 
encrypt passwords = yes 

#And in order for us to be *sure* to win browser elections 
os level = 65 
domain master = yes 
preferred master = yes 
local master = yes 

#WINS is the equivalent of DNS for NetBIOS. 
wins support = yes 
time server = yes 

#the next lines are equivalent to the various profile details 
#found in NT's User Manager 
logon script = login.bat 
logon drive = U: 
logon home = \\MYSAMBAPDC\%U
logon path = \\MYSAMBAPDC\profile\%U

#share all home directories 
[homes] 
browseable = no 
writable = yes 
comment = Users' home directories 

#set up netlogon share for system policies and login scripts 
[netlogon] 
path = /opt/samba-tng/netlogon 
writable = no 
guest ok = no 
comment = PDC netlogon share 

#the profiles share
#to create automatic subdirs for the different users
#chmod 1777 /opt/samba-tng/profile
[profile]
path = /opt/samba-tng/profile
writeable = yes

#a public share 
[public] 
path = /opt/samba-tng/public 
browseable = yes 
public = yes 
comment = Public share 