NT 4.0 TSE and Samba PDC

Tom Aeby tomae at sfi.ch
Fri Feb 2 14:34:32 GMT 2001 

As far as I can see in the mailing list archive a number of samba users
successfully use
Windows TSE with Samba PDC.  I am trying now for about half a year to
move one installation
from an NT PDC to a Samba PDC. More or less the same effect with Samba
2.0.6 and Samba
2.2.0 alpha2: Joining the domain is no problem, authentication basically
works (I can share a
resource on the TSE machine, then access this resource via a Samba user)
BUT interactive
logon persistently fails with the usual "... bad password ..." message.
Logon via an NT 4.0
Workstation part of the Samba domain works as expected.

The samba log / network traces show that when someone tries to log on
from the NT WS the PDC gets
a "SAM Logon" of type "Interactive" while the NT TSE requests one of
type "Network" followed
by a bunch of other pipe requests. The Samba PDC in the first case
answers with a data block
containing user information (such as profile/home paths ...) while in
the second case only a
very small answer is sent (normal?)

The NT TSE machine is running Metaframe+UIS (X11), Service Pack 6.

I've tried applying the "nttrans.c" patch from Andy with no effect. Are
there any other hints?
Any other known problems?

If someone is interested I can provide you with network traces of a TSE
logon trial and a successful
NT WS logon and the respective samba logs. The config file I'm using is
attached .

Any hint appreciated, thanks a lot in advance!

Kind regards,
Tom
-----------------snipp------------------------------------------------------

[global]
   workgroup = HEAVEN
;   keep alive = 30
   os level = 40
   security = user
   encrypt passwords = yes
   log file = /var/log/samba.log
   debug level = 400
;   preserve case = yes
   domain logons = yes
;   domain admin group = @root
;   logon script = logon.bat
guest ok = yes

  interfaces = 131.102.46.229/255.255.0.0


[netlogon]
   browseable = no
   read only = yes
   path = /tmp

[homes]
   oplocks = False
   comment = Heimatverzeichnis
   browseable = no
   read only = no
   create mode = 0750

More information about the samba-ntdom mailing list