WIN2K/SAMBA PDC
Greg J. Zartman
greg at kwikfind.com
Mon Mar 12 16:32:44 GMT 2001
You are definitely in the correct newsgroup for Samba PDC questions.
Here are a couple things that stick out when I look at your email:
1. I'd thin down your smb.conf file the bare minimums until you get things
working. For example, pull out all of the security stuff. You don't need
this to test your system.
2. Your nmbd log doesn't seem to be reporting that the samba box is
declaring itself the master browser. If nmbd is in fact working as a
master domain browser, you should get the statement:
****
Samba server netbios name is now a domain master browser for workgroup
workgroup name on subnet UNICAST_SUBNET
****
What are you using to resolve netbios names (DNS, and a windows WINS server,
LMHOSTS???) I'm using Bind8 on my setup.
3. Use the smbstatus utility on the samba machine to make sure that samba
can "see itself."
4. Be careful when you edit the smbpasswd file by hand. If you are new to
Unix (as I am), you will be surprised to learn that many of the Unix editors
can mess files like smbpasswd. I was using kedit to look at and edit files.
As it turns out, it was line wrapping my files and saving them that way. I
pulled my hair out for several days before discovering the problem. I now
use JOE to perform edits.
I can't stress enough the need to thin down your smb.conf file. You have
alot of the "bells and whistles" type parameters specified in you
configuration file. Unless you are a samba guru, you are going to have a
very difficult time troubleshooting. Get things going with just the
essential items and then start adding the more complex parameters. When I
first started with Samba, I had about four lines in my smb.conf file and
only one share. I highly recommend the Using Samba book that comes with the
your Samba source tree. You can find it in the docs directory (I read the
entire thing). It does a very good job at walking you through a simple,
barebones, setup and then on to more complex configurations.
Good luck.
Greg J. Zartman.
----- Original Message -----
From: "Elliot Mackenzie" <s354199 at student.uq.edu.au>
To: "SAMBA - NTDOM" <samba-ntdom at us5.samba.org>
Sent: Monday, March 12, 2001 3:38 AM
Subject: WIN2K/SAMBA PDC
> At this point I pray I have landed the right newsgroup.
>
> I (ultimately) want to run Samba as the PDC for my domain ADIXEIN.
>
> Samba system:
> - PII-300
> - RedHat 7.0 (new version of gcc, kernel 2.4.2 freshly compiled)
> - Samba 2.2 (CVS version recent as at 8PM EST 12-Mar-2001).
>
> Connecting system:
> - PIII-1G
> - Windows 2000 Professional SP1
>
> Domain information:
> - Domain: ADIXEIN
> - Server name: SERVER
> - Machine name: MACKA
>
> smb.conf as follows (located in /usr/local/samba/lib/)
> [root at gw lib]# tail -n 100 smb.conf
> # Global parameters
> [global]
> workgroup = ADIXEIN
> netbios name = SERVER
> server string = File server
> interfaces = 192.168.1.1/255.255.255.0
> add user script = /usr/sbin/adduser -n -g machines -c Machine -d
> /dev/null -s /bin/false %m$
> security = User
> domain logons = Yes
> domain master = Yes
> domain admin group = @adm
> domain admin users = root
> preferred master = Yes
> local master = Yes
> os level = 65
> wins support = Yes
> encrypt passwords = Yes
> passwd program = /usr/bin/passwd
> passwd chat debug = Yes
> unix password sync = Yes
> restrict anonymous = Yes
> log file = /var/log/samba/log.%m
> max log size = 50
> time server = Yes
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> strip dot = Yes
> dns proxy = No
> hosts allow = 192.168.1.0/255.255.255.0 127.0.0.1/255.255.255.0
> hosts deny = 0.0.0.0/0.0.0.0
>
> <insert file shares>
> ########################END SMB.CONF
>
> Plus all the file shares (no Windows profiles etc are listed/used).
> root is a member of @adm.
>
> I can connect to the domain when I change the settings on MACKA such that
it
> joins a domain. As per the FAQ I connect as root with the root passwd.
It
> says "Welcome to ADIXEIN domain." or something to that effect.
>
> I reboot the Win2k machine, and attempt a login on ADIXEIN. I try this as
> root, as administrator and as macka. All attempts fail with the same
error:
>
> "The system cannot log you on to this domain because the system's computer
> account in its primary domain is missing or the password on that account
is
> incorrect."
>
> The adduser appears to work, I have macka$ listed in my smbpasswd (root is
> also listed in smbpasswd). The following is an extract of the logs (log
> level 20).
> ============================= LOG.MACKA
> [2001/03/12 20:47:14, 3] smbd/service.c:close_cnum(655)
> macka (192.168.1.4) closed connection to service IPC$
> [2001/03/12 20:47:14, 3] smbd/connection.c:yield_connection(54)
> Yielding connection to IPC$
> [2001/03/12 20:47:14, 3] smbd/sec_ctx.c:set_sec_ctx(310)
> setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2001/03/12 20:47:14, 5] smbd/uid.c:unbecome_user(210)
> unbecome_user now uid=(0,0) gid=(0,0)
> [2001/03/12 20:47:14, 5] lib/util.c:show_msg(292)
> size=35
> smb_com=0x71
> smb_rcls=0
> smb_reh=0
> smb_err=0
> smb_flg=136
> smb_flg2=1
> [2001/03/12 20:47:14, 5] lib/util.c:show_msg(298)
> smb_tid=1
> smb_pid=65279
> smb_uid=100
> smb_mid=832
> smt_wct=0
> [2001/03/12 20:47:14, 5] lib/util.c:show_msg(308)
> smb_bcc=0
> [2001/03/12 20:47:14, 6] lib/util_sock.c:write_socket(560)
> write_socket(12,39)
> [2001/03/12 20:47:14, 6] lib/util_sock.c:write_socket(563)
> write_socket(12,39) wrote 39
> [2001/03/12 20:47:14, 10] lib/util_sock.c:read_socket_data(473)
> read_socket_data: recv of 4 returned 0. Error = Success
> [2001/03/12 20:47:14, 10] lib/util_sock.c:receive_smb(654)
> receive_smb: length < 0!
> [2001/03/12 20:47:14, 3] smbd/process.c:timeout_processing(1055)
> end of file from client
> [2001/03/12 20:47:14, 3] smbd/sec_ctx.c:set_sec_ctx(310)
> setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2001/03/12 20:47:14, 5] smbd/uid.c:unbecome_user(210)
> unbecome_user now uid=(0,0) gid=(0,0)
> [2001/03/12 20:47:14, 2] smbd/server.c:exit_server(440)
> Closing connections
> [2001/03/12 20:47:14, 3] smbd/connection.c:yield_connection(54)
> Yielding connection to
> [2001/03/12 20:47:14, 3] smbd/server.c:exit_server(473)
> Server exit (normal exit)
> ====================================================
> =====================================LOG.NMBD
> [2001/03/12 21:30:13, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292)
> dump_workgroups()
> dump workgroup on subnet 192.168.1.1: netmask= 255.255.255.0:
> ADIXEIN(1) current master browser = SERVER
> SERVER 400c9b2b (File server)
> MACKA 40011003 ()
> [2001/03/12 21:30:13, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292)
> dump_workgroups()
> dump workgroup on subnet UNICAST_SUBNET: netmask= 192.168.1.1:
> ADIXEIN(1) current master browser = UNKNOWN
> SERVER 40099b2b (File server)
> [2001/03/12 21:30:13, 4]
> nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164)
> find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet
> UNICAST_SUBNE
> T: found.
> [2001/03/12 21:30:13, 4]
> nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164)
> find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet
> UNICAST_SUBNE
> T: found.
> [2001/03/12 21:30:23, 4]
> nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164)
> find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet
> 192.168.1.1:
> found.
> [2001/03/12 21:30:23, 10]
> nmbd/nmbd_sendannounce.c:announce_myself_to_domain_mas
> ter_browser(406)
> announce_myself_to_domain_master_browser: t (984396613) -
last(984396029)
> < 90
> 0
> [2001/03/12 21:30:23, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292)
> dump_workgroups()
> dump workgroup on subnet 192.168.1.1: netmask= 255.255.255.0:
> ADIXEIN(1) current master browser = SERVER
> SERVER 400c9b2b (File server)
> MACKA 40011003 ()
> [2001/03/12 21:30:23, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292)
> dump_workgroups()
> dump workgroup on subnet UNICAST_SUBNET: netmask= 192.168.1.1:
> ADIXEIN(1) current master browser = UNKNOWN
> SERVER 40099b2b (File server)
> [2001/03/12 21:30:23, 4]
> nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164)
> find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet
> UNICAST_SUBNE
> T: found.
> [2001/03/12 21:30:23, 4]
> nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164)
> find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet
> UNICAST_SUBNE
> T: found.
> ===============================================LOG.SMBD
> file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf
last
> mod_
> time: Mon Mar 12 20:15:16 2001
>
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-5-32 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-5-32-546 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-1 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-1-0 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-3 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-3-0 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-5 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-0-0 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-5-11 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-5-2 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-5-7 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-5-21-4264856688-2005356754-492243628
> ok
> [2001/03/12 20:46:20, 3] smbd/oplock.c:init_oplocks(1198)
> open_oplock_ipc: opening loopback UDP socket.
> [2001/03/12 20:46:20, 3] lib/util_sock.c:open_socket_in(870)
> bind succeeded on port 0
> [2001/03/12 20:46:20, 3]
smbd/oplock_linux.c:linux_init_kernel_oplocks(293)
> Linux kernel oplocks enabled
> [2001/03/12 20:46:20, 3] smbd/oplock.c:init_oplocks(1229)
> open_oplock ipc: pid = 5042, global_oplock_port = 1614
> [2001/03/12 20:46:20, 4] lib/time.c:TimeInit(110)
> Serverzone is -36000
> [2001/03/12 20:46:20, 10]
> lib/util_sock.c:read_smb_length_return_keepalive(602)
> got smb length of 68
> [2001/03/12 20:46:20, 2] lib/access.c:check_access(258)
> Allowed connection from macka.adixein.lnet (192.168.1.4)
> [2001/03/12 20:46:20, 6] smbd/process.c:process_smb(830)
> got message type 0x81 of len 0x44
> [2001/03/12 20:46:20, 3] smbd/process.c:process_smb(831)
> Transaction 0 of length 72
> [2001/03/12 20:46:20, 2] smbd/reply.c:reply_special(94)
> netbios connect: name1=SERVER name2=MACKA
> =======================================================
> Apologies for the really huge email guys. I suppose it saves me sending
> another one as soon as someone asks for the logs :)
>
> Any assistance will be much appreciated.
>
> Elliot.
>
>
>
>
More information about the samba-ntdom
mailing list