problems with samba-tng 2.5.3 & win2k
Balogh Attila
bat at matav.net
Wed Mar 7 22:38:26 GMT 2001
hello all,
i'm trying to run samba-tng 2.5.3 on solaris 8 intel. i have 2 problems.
- first one: win2k ws domain joins:
i hacked around a day with no success - i also read a lots of emails
regarding this topic -
tell me if i'm wrong, but i don't have to add the win2k hosts by using
smbpasswd. it should be
made with samedit. but, i get a weird error message, which says that i
cannot create the named
domain user. let's say i want to add a host named 'ebcws01' so i create a
unix user for this
account 'ebcws01$' and after i do a createuser with samedit. i can create
simple user accounts
with samedit with no problem, but no computer accounts.
i try to log into the domain with a win2k with the 'root' account i
created on the samba box,
and i get an error: something like 'this is a computer account, and i
should use my local
or domain user account to join.'
after one day without any success i tried to use the good old smbpasswd
which came with 2.0.7
(and the -m swith works like it was meant to work) and created a computer
account into the
2.5.3-s smbpasswd file. and - whoops - magically the win2k joins the
domain w/o problems.
alltrough it works for me, i'm not quite sure, that it's really the right
way.
beacuse of the operator staff, i had to create a simple web interface -
which allows
creating users, and hosts - which can join the domain. it stores the
accounts in a mysql
database, and every 10 minutes generates the files (passwd/shadow, group)
and invokes
both smbpasswds. one for the updating the user passwords, the other one to
add host-accounts
to smbpasswd. the last one is only invoked if there's a new host to add to
the system.
i can port it to do this job via samedit, but - as shown above - the
host-account creation
does not work anyway.
- second one: domain logons
all the needed daemons are running, the [netlogon] and [profiles] share
has been created,
and sometimes the users can login. but - in the 75% of the cases - they
get an error message,
that windows can't find/don't has the right to create/modify the
profiles/username share,
and my per unix group login script also fail to start.
i checked out the log.netlogon and saw that the
var/locks/.(something)/netlogon socket cannot be
removed(?) and another funny lines about changing the file creation
permissions, and something
about "checking the RID(?)".
please, help. the first problem is only an interesting issue, but the
second one disables my
system's operation - it cannot serve any user requests, only the "guest"
accessible shares
can be used.
thanks,
bat
More information about the samba-ntdom
mailing list