[Fwd: Member Samba server of Samba domain not working correctly.]

Theodore J. Soldatos theodore at eexi.gr
Thu Apr 19 12:59:09 GMT 2001


Hello,

The problem described in the following mail still exists in 2.2.0 
release, so i send it again as i got no responce the first time. Nothing 
has changed, except from the Samba version (2.2.0 instead of 2.2.0-alpha3).

Thanks again,

T.

-------- Original Message --------

Hello,

I'm using Samba 2.2.0alpha3, running on 2.2.18 kernel with Linux ACLs 
enabled. The problem appears in both WinNT 4.0 and Win2000 clients.

I have 2 servers: The first (Yeb, 10.0.170.7) is the PDC. Clients can 
login as expected, change file permissions etc. The second (Yog, 
10.0.170.8) is the file server. Home directories and profiles reside in 
this server. I have created the Yog machine account in Yeb and joined 
the domain (from Yog) using "smbpasswd -j TEST_DOMAIN". No errors, the 
record in smbpasswd of Yeb updated.

In the Samba 2.2 PDC FAQ there was a mention of a SID file which is 
created when a Samba server joins a Samba domain, which in my case it 
should be TEST_DOMAIN.YOG.SID. The FAQ is not very clear about that 
file. In the private directory of both servers i can find a MACHINE.SID 
file only, i am not sure if this is correct.

When i open the TEST_DOMAIN domain from a client (Network Neighborhood), 
both servers appear under TEST_DOMAIN. If i check the properties of the 
machines, the "Domain:" field of Yeb displays (correctly) "TEST_DOMAIN", 
but the same field on Yog displays "YOG". The result of all that is that 
when i try to change file permissions of files residing on the file 
server (Yog), the client looks for the domain controller of the YOG 
domain, which is wrong (and not found, of course), so the TEST_DOMAIN 
user list is not available.. If i try to do the same on files either on 
the PDC or on the local disk, i'm getting the correct user list from 
TEST_DOMAIN.

In short, the member server appears to be partially member of 
TEST_DOMAIN and partially (and mostly) member of a non-existent domain 
which has the same name with itself.

Here are some files:

The Yeb (PDC, 10.0.170.7) smb.conf:
--- Cut here --- 
   [global] 
   local master = yes
   preferred master = yes
   domain master = yes
       security = user
       status = yes
       workgroup = TEST_DOMAIN
       wins support = yes
       encrypt passwords = yes
       domain logons =yes
       logon script = scripts\%U.bat
       domain admin group = @adm
       add user script = /usr/sbin/useradd -g machines -c Machine -d 
/dev/null -s /bin/false %m$   
   delete user script = /usr/sbin/userdel %m$
       guest account = ftp
       share modes=no
       os level=65
   username map = /usr/local/samba/lib/users.map
   log file = /usr/local/samba/var/log.%m
   logon home = "\\YOG\%U"
   logon path = "\\YOG\%U\profile"
       [homes]
   writeable = yes
       guest ok = no
       read only = no
       create mask = 0744
       directory mask = 0744
       force create mode = 0744
       force directory mode = 0744
   inherit permissions = yes
       oplocks = false
       locking = no
       [netlogon]
       path = /usr/local/samba/netlogon
       writeable = no
       guest ok = no
--- cut here ---

The Yog (file server, 10.0.170.8) smb.conf:

--- Cut here ---   
   [global] 
   workgroup = TEST_DOMAIN
       security = DOMAIN
       status = yes
       wins support = no
   wins server = 10.0.170.7
       encrypt passwords = yes
       domain logons = no
   password server = 10.0.170.7
       logon script = scripts\%U.bat
       domain admin group = @adm
       add user script = /usr/sbin/useradd -g machines -c Machine -d 
/dev/null -s /bin/false %m$   
   delete user script = /usr/sbin/userdel %m$
       guest account = ftp
       share modes=no
       os level=65
   username map = /usr/local/samba/lib/users.map
   netbios name = YOG
   log file = /usr/local/samba/var/log.%m

       [homes]
   writeable = yes
       guest ok = no
       read only = no
       create mask = 0744
       directory mask = 0744
       force create mode = 0744
       force directory mode = 0744
   inherit permissions = yes
       oplocks = false
       locking = no

       [netlogon]
       path = /usr/local/samba/netlogon
       writeable = no
       guest ok = no
--- cut here ---

The PDC wins.dat file (TSOL is a user account, VM2000 is a Win2000 client):
--- Cut here ---
VERSION 1 226698
"TEST_DOMAIN#00" 986220484 255.255.255.255 c4R
"TEST_DOMAIN#1b" 986219928 10.0.170.7 44R
"TEST_DOMAIN#1c" 986219928 10.0.170.7 c4R
"TEST_DOMAIN#1e" 986220484 255.255.255.255 c4R
"TSOL#03" 986259094 10.0.161.227 64R
"VM2000#00" 986253433 10.0.161.227 64R
"VM2000#03" 986253437 10.0.161.227 64R
"VM2000#20" 986253438 10.0.161.227 64R
"YEB#00" 986219928 10.0.170.7 46R
"YEB#03" 986219928 10.0.170.7 46R
"YEB#20" 986219928 10.0.170.7 46R
"YOG#00" 986220484 10.0.170.8 44R
"YOG#03" 986220484 10.0.170.8 44R
"YOG#20" 986220484 10.0.170.8 44R
--- cut here ---

Thanks in advance,

T.

-- 
Theodore=J.=Soldatos=_\_="There=is=always=a=bug=somewhere",=said==HAL=to=the==
=  theodore at eexi.gr =_/_==Ultimate=Programmer,=and=turned=off=the=air=supply.=
=   bafh at hellug.gr  =_\_="Everybody=knows=the=war=is=over,====================
=   tsol at space.gr   =_/_==everybody=knows=the=good=guys=lost"===Leonard=Cohen=
=====================_\_============ http://w4u.eexi.gr/~theodore ============
=== Space Hellas ====_/_=========== Finger: theodore at aurora.eexi.gr ==========


-- 
Theodore=J.=Soldatos=_\_="There=is=always=a=bug=somewhere",=said==HAL=to=the==
=  theodore at eexi.gr =_/_==Ultimate=Programmer,=and=turned=off=the=air=supply.=
=   bafh at hellug.gr  =_\_="Everybody=knows=the=war=is=over,====================
=   tsol at space.gr   =_/_==everybody=knows=the=good=guys=lost"===Leonard=Cohen=
=====================_\_============ http://w4u.eexi.gr/~theodore ============
=== Space Hellas ====_/_=========== Finger: theodore at aurora.eexi.gr ==========





More information about the samba-ntdom mailing list