problems with samba-tng 2.5.3 & win2k

[Balogh Attila]

hello all,

i'm trying to run samba-tng 2.5.3 on solaris 8 intel. i have 2 problems.

- first one: win2k ws domain joins:
  i hacked around a day with no success - i also read a lots of emails
regarding this topic -
  tell me if i'm wrong, but i don't have to add the win2k hosts by using
smbpasswd. it should be
  made with samedit. but, i get a weird error message, which says that i
cannot create the named
  domain user. let's say i want to add a host named 'ebcws01' so i create a
unix user for this
  account 'ebcws01$' and after i do a createuser with samedit. i can create
simple user accounts
  with samedit with no problem, but no computer accounts.
  i try to log into the domain with a win2k with the 'root' account i
created on the samba box,
  and i get an error: something like 'this is a computer account, and i
should use my local
  or domain user account to join.'

  after one day without any success i tried to use the good old smbpasswd
which came with 2.0.7
  (and the -m swith works like it was meant to work) and created a computer
account into the
  2.5.3-s smbpasswd file. and - whoops - magically the win2k joins the
domain w/o problems.

  alltrough it works for me, i'm not quite sure, that it's really the right
way.
  beacuse of the operator staff, i had to create a simple web interface -
which allows
  creating users, and hosts - which can join the domain. it stores the
accounts in a mysql
  database, and every 10 minutes generates the files (passwd/shadow, group)
and invokes
  both smbpasswds. one for the updating the user passwords, the other one to
add host-accounts
  to smbpasswd. the last one is only invoked if there's a new host to add to
the system.

  i can port it to do this job via samedit, but - as shown above - the
host-account creation
  does not work anyway.

- second one: domain logons
  all the needed daemons are running, the [netlogon] and [profiles] share
has been created,
  and sometimes the users can login. but - in the 75% of the cases - they
get an error message,
  that windows can't find/don't has the right to create/modify the
profiles/username share,
  and my per unix group login script also fail to start.

  i checked out the log.netlogon and saw that the
var/locks/.(something)/netlogon socket cannot be
  removed(?) and another funny lines about changing the file creation
permissions, and something
  about "checking the RID(?)".

  please, help. the first problem is only an interesting issue, but the
second one disables my
  system's operation - it cannot serve any user requests, only the "guest"
accessible shares
  can be used.

thanks,

bat