(Was Caution Stoopid Newbie) - A better (Longer) explanation

Mark Haney mhaney at info4cars.com
Mon Apr 9 12:47:43 GMT 2001

Hold up a second.  Don't reinstall NT unless you can figure out what the
deal is with Samba.  I mean, if you can't login with the NT box running,
blowing that box away isn't going to fix the problem.  The problem is with
one of the other 2 boxes.

There are 2 things I don't see in here.  Is the logon.bat file in the
\netlogon share of the _samba_ box now?  Or is it still on the NT box?  This
_is_ rather important. :)
Second, do you have the 98 box setup to login to the new Samba based domain?
I know that's a rather silly one at this stage, but I don't recal that ever
being explicitly said so I needed to ask to make sure.

I have 2 possible explanations for this, which I have, as yet, been unable
to test.  One is the possibility that the Samba box _still_ thinks it's part
of the NT domain and redirects the credentials to the NT box.  Although, to
be honest, I have never seen this problem before as most of the time the
Samba server that replaces the NT server isn't a member of the domain first.
It's just installed on the network as the PDC. So, I don't know that that
has ever been tested.  (Surely someone has done that, but I haven't.) I do
not think this the likely issue here.

The Win98 box is almost certainly the problem.  Win9x barely logs in to an
NT domain, much less moving to a new domain from an old one.  Best way to
diagnose this one is with a packet sniffer and look at the SMB calls made by
the client.  I can't tell you how many times I have had to uninstall TCP/IP
(and in some cases the NIC driver as well) on a Win9x client in order to get
it moved, or added, to a domain. Because 9x is more or less a hamstrung
version of NT (in fact it was _never_ designed to be used in a business
environment where you would encounter NT domains), it caches and stores alot
of stuff.  In the case of NT workstation, if the PDC isn't available, it
will search for a BDC.  This is also true of 9x but isn't as reliable.
There may be a reg hack that will fix the caching problem by fluching all
that data out, but I haven't found it and pulling all the networking
components and re-installing them have _always_ worked.  I would try that in
stead of blowing away your NT box.

-----Original Message-----
From: samba-ntdom-admin at lists.samba.org
[mailto:samba-ntdom-admin at lists.samba.org]On Behalf Of Jet Set Willy
Sent: Monday, April 09, 2001 5:18 AM
To: McEldowney, Michael; 'Mark Haney'; samba-ntdom at samba.org
Subject: Re: (Was Caution Stoopid Newbie) - A better (Longer)

Well this problem just gets stranger and stranger....
I hate to say it and I am very sorry about it but I strongly
suspect that it wasn't *quite* as broken as I thought.
However there is definitely something strange going
on and I reckon it is a combination of the messages
that have been kindly suggested by everyone.

The samba machine *is* "logging" me in. I have remembered
to bring along my smb.conf and from this you can see my
logon script is called logon.bat (showing my ms background)
all this does is echo a whole load of lines so I can check
if it is being run or not  - it is ! However this only works
if I have the original NT machine switched on (remember
the first thing I did was turn it off ?) if I have the NT machine
turned off it won't allow logins at all - comes up with the
can't find the domain server etc etc message. Boot up
the NT machine and the samba machine is immediatly
happy and allows logins. So it looks like the samba machine
is still somehow tied in with the original NT PDC.

Thus tonights bonus task will be : Formating and reinstalling
the NT machine as a standalone within the domain.

Unless anyone knows better ?

Just for information here is my smb.conf file - don't really know
which are the important bits so I'm afraid this is everything with
one note - I do have two nw cards and eth1 card is the one
on the network ( the other is in preparation for cable modem)

# Samba config file created using SWAT
# from UNKNOWN (
# Date: 2001/04/08 14:39:01

# Global parameters
 workgroup = MYDOMAIN
 netbios name = My Machine
 netbios aliases = first second
 server string = Its the linux box!
 interfaces = eth1
 bind interfaces only = No
 security = USER
 encrypt passwords = Yes
 update encrypted = No
 allow trusted domains = Yes
 hosts equiv =
 min passwd length = 5
 map to guest = Never
 null passwords = No
 password server =
 smb passwd file = /etc/smbpasswd
 root directory = /
 passwd program = /bin/passwd
 passwd chat = *new*password* %n\n *new*password* %n\n *changed*
 passwd chat debug = No
 username map = /etc/user.map
 password level = 0
 username level = 0
 unix password sync = No
 restrict anonymous = No
 use rhosts = No
 log level = 0
 syslog = 1
 syslog only = No
 log file = /var/log/samba/log.%m
 max log size = 50
 timestamp logs = Yes
 debug hires timestamp = No
 debug pid = No
 debug uid = No
 protocol = NT1
 read bmpx = No
 read raw = Yes
 write raw = Yes
 nt smb support = Yes
 nt pipe support = Yes
 nt acl support = Yes
 announce version = 4.2
 announce as = NT
 max mux = 50
 max xmit = 65535
 name resolve order = lmhosts host wins bcast
 max packet = 65535
 max ttl = 259200
 max wins ttl = 518400
 min wins ttl = 21600
 time server = No
 change notify timeout = 60
 deadtime = 0
 getwd cache = Yes
 keepalive = 300
 lpq cache time = 10
 max disk size = 0
 max open files = 10000
 read prediction = No
 read size = 16384
 shared mem size = 1048576
 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
 stat cache size = 50
 load printers = Yes
 printcap name = /etc/printcap
 printer driver file = /etc/printers.def
 strip dot = No
 character set =
 mangled stack = 50
 coding system =
 client code page = 850
 stat cache = Yes
 domain groups =
 domain admin group =
 domain guest group =
 domain admin users =
 domain guest users =
 machine password timeout = 604800
 add user script =
 delete user script =
 logon script = logon.bat
 logon path =
 logon drive =
 logon home =
 domain logons = Yes
 os level = 65
 lm announce = Auto
 lm interval = 60
 preferred master = Yes
 local master = Yes
 domain master = Yes
 browse list = Yes
 dns proxy = Yes
 wins proxy = No
 wins server =
 wins support = Yes
 wins hook =
 kernel oplocks = Yes
 ole locking compatibility = Yes
 oplock break wait time = 10
 smbrun = /usr/bin/smbrun
 config file =
 preload =
 lock dir = /var/lock/samba
 default service =
 message command =
 dfree command =
 valid chars =
 remote announce =
 remote browse sync =
 socket address =
 homedir map =
 time offset = 0
 unix realname = No
 NIS homedir = No
 panic action =
 comment =
 path =
 alternate permissions = No
 revalidate = No
 username =
 guest account = nobody
 invalid users =
 valid users =
 admin users =
 read list =
 write list =
 force user =
 force group =
 read only = Yes
 create mask = 0744
 force create mode = 00
 security mask = -1
 force security mode = -1
 directory mask = 0755
 force directory mode = 00
 directory security mask = -1
 force directory security mode = -1
 guest only = No
 guest ok = No
 only user = No
 hosts allow =
 hosts deny =
 status = Yes
 max connections = 0
 min print space = 0
 strict sync = No
 sync always = No
 print ok = No
 postscript = No
 printing = bsd
 print command = lpr -r -P%p %s
 lpq command = lpq -P%p
 lprm command = lprm -P%p %j
 lppause command =
 lpresume command =
 queuepause command =
 queueresume command =
 printer name =
 printer driver = NULL
 printer driver location =
 default case = lower
 case sensitive = No
 preserve case = Yes
 short preserve case = Yes
 mangle case = No
 mangling char = ~
 hide dot files = Yes
 delete veto files = No
 veto files =
 hide files =
 veto oplock files =
 map system = No
 map hidden = No
 map archive = Yes
 mangled names = Yes
 mangled map =
 browseable = Yes
 blocking locks = Yes
 fake oplocks = No
 locking = Yes
 oplocks = Yes
 level2 oplocks = No
 oplock contention limit = 2
 strict locking = No
 share modes = Yes
 copy =
 include =
 exec =
 preexec close = No
 postexec =
 root preexec =
 root preexec close = No
 root postexec =
 available = Yes
 volume =
 fstype = NTFS
 set directory = No
 wide links = Yes
 follow symlinks = Yes
 dont descend =
 magic script =
 magic output =
 delete readonly = No
 dos filetimes = No
 dos filetime resolution = No
 fake directory create times = No

 comment = Home Directories
 read only = No
 create mask = 0750

 comment = All Printers
 path = /var/spool/samba
 print ok = Yes
 browseable = No

 comment = Temporary File space
 path = /tmp
 read only = No
 guest ok = Yes

 comment = Development Projects
 path = /home/projects
 read only = No
 create mask = 0750

 path = /home/the_d_drive
 read only = No

 comment = Updates for RPM Packages
 path = /var/lib/rpm/updates
 write list = @development
 read only = No

 comment = logon share
 path = /netlogon

More information about the samba-ntdom mailing list