WIN2K/SAMBA PDC
Elliot Mackenzie
s354199 at student.uq.edu.au
Sun Mar 25 22:53:58 GMT 2001
I finally identified the problem. I was keeping up to date with the CVS
distributions, but was consistently getting the same error. The error
seemed characteristic of the error that some users reported when using an
old CVS snapshot with Win2k service pack 1 machines - and indeed this was
the case. Somehow my CVS snapshot got corrupted and some files were not
being updated (I presume at least those related to Win2k logons). I got a
very new CVS snapshot (from scratch) and the problem disappeared - without
any changes to my smb.conf at all.
However as per the recommendation below I chucked half of my smb.conf out
anyway :)
Thanks Greg.
M.
======================END MSG
I can't stress enough the need to thin down your smb.conf file. You have
alot of the "bells and whistles" type parameters specified in you
configuration file. Unless you are a samba guru, you are going to have a
very difficult time troubleshooting. Get things going with just the
essential items and then start adding the more complex parameters. When I
first started with Samba, I had about four lines in my smb.conf file and
only one share. I highly recommend the Using Samba book that comes with the
your Samba source tree. You can find it in the docs directory (I read the
entire thing). It does a very good job at walking you through a simple,
barebones, setup and then on to more complex configurations.
Good luck.
Greg J. Zartman.
----- Original Message -----
From: "Elliot Mackenzie" <s354199 at student.uq.edu.au>
To: "SAMBA - NTDOM" <samba-ntdom at us5.samba.org>
Sent: Monday, March 12, 2001 3:38 AM
Subject: WIN2K/SAMBA PDC
> At this point I pray I have landed the right newsgroup.
>
> I (ultimately) want to run Samba as the PDC for my domain ADIXEIN.
>
> Samba system:
> - PII-300
> - RedHat 7.0 (new version of gcc, kernel 2.4.2 freshly compiled)
> - Samba 2.2 (CVS version recent as at 8PM EST 12-Mar-2001).
>
> Connecting system:
> - PIII-1G
> - Windows 2000 Professional SP1
>
> Domain information:
> - Domain: ADIXEIN
> - Server name: SERVER
> - Machine name: MACKA
>
> smb.conf as follows (located in /usr/local/samba/lib/)
> [root at gw lib]# tail -n 100 smb.conf
> # Global parameters
> [global]
> workgroup = ADIXEIN
> netbios name = SERVER
> server string = File server
> interfaces = 192.168.1.1/255.255.255.0
> add user script = /usr/sbin/adduser -n -g machines -c Machine -d
> /dev/null -s /bin/false %m$
> security = User
> domain logons = Yes
> domain master = Yes
> domain admin group = @adm
> domain admin users = root
> preferred master = Yes
> local master = Yes
> os level = 65
> wins support = Yes
> encrypt passwords = Yes
> passwd program = /usr/bin/passwd
> passwd chat debug = Yes
> unix password sync = Yes
> restrict anonymous = Yes
> log file = /var/log/samba/log.%m
> max log size = 50
> time server = Yes
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> strip dot = Yes
> dns proxy = No
> hosts allow = 192.168.1.0/255.255.255.0 127.0.0.1/255.255.255.0
> hosts deny = 0.0.0.0/0.0.0.0
>
> <insert file shares>
> ########################END SMB.CONF
>
> Plus all the file shares (no Windows profiles etc are listed/used).
> root is a member of @adm.
>
> I can connect to the domain when I change the settings on MACKA such that
it
> joins a domain. As per the FAQ I connect as root with the root passwd.
It
> says "Welcome to ADIXEIN domain." or something to that effect.
>
> I reboot the Win2k machine, and attempt a login on ADIXEIN. I try this as
> root, as administrator and as macka. All attempts fail with the same
error:
>
> "The system cannot log you on to this domain because the system's computer
> account in its primary domain is missing or the password on that account
is
> incorrect."
>
> The adduser appears to work, I have macka$ listed in my smbpasswd (root is
> also listed in smbpasswd). The following is an extract of the logs (log
> level 20).
> ============================= LOG.MACKA
> [2001/03/12 20:47:14, 3] smbd/service.c:close_cnum(655)
> macka (192.168.1.4) closed connection to service IPC$
> [2001/03/12 20:47:14, 3] smbd/connection.c:yield_connection(54)
> Yielding connection to IPC$
> [2001/03/12 20:47:14, 3] smbd/sec_ctx.c:set_sec_ctx(310)
> setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2001/03/12 20:47:14, 5] smbd/uid.c:unbecome_user(210)
> unbecome_user now uid=(0,0) gid=(0,0)
> [2001/03/12 20:47:14, 5] lib/util.c:show_msg(292)
> size=35
> smb_com=0x71
> smb_rcls=0
> smb_reh=0
> smb_err=0
> smb_flg=136
> smb_flg2=1
> [2001/03/12 20:47:14, 5] lib/util.c:show_msg(298)
> smb_tid=1
> smb_pid=65279
> smb_uid=100
> smb_mid=832
> smt_wct=0
> [2001/03/12 20:47:14, 5] lib/util.c:show_msg(308)
> smb_bcc=0
> [2001/03/12 20:47:14, 6] lib/util_sock.c:write_socket(560)
> write_socket(12,39)
> [2001/03/12 20:47:14, 6] lib/util_sock.c:write_socket(563)
> write_socket(12,39) wrote 39
> [2001/03/12 20:47:14, 10] lib/util_sock.c:read_socket_data(473)
> read_socket_data: recv of 4 returned 0. Error = Success
> [2001/03/12 20:47:14, 10] lib/util_sock.c:receive_smb(654)
> receive_smb: length < 0!
> [2001/03/12 20:47:14, 3] smbd/process.c:timeout_processing(1055)
> end of file from client
> [2001/03/12 20:47:14, 3] smbd/sec_ctx.c:set_sec_ctx(310)
> setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2001/03/12 20:47:14, 5] smbd/uid.c:unbecome_user(210)
> unbecome_user now uid=(0,0) gid=(0,0)
> [2001/03/12 20:47:14, 2] smbd/server.c:exit_server(440)
> Closing connections
> [2001/03/12 20:47:14, 3] smbd/connection.c:yield_connection(54)
> Yielding connection to
> [2001/03/12 20:47:14, 3] smbd/server.c:exit_server(473)
> Server exit (normal exit)
> ====================================================
> =====================================LOG.NMBD
> [2001/03/12 21:30:13, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292)
> dump_workgroups()
> dump workgroup on subnet 192.168.1.1: netmask= 255.255.255.0:
> ADIXEIN(1) current master browser = SERVER
> SERVER 400c9b2b (File server)
> MACKA 40011003 ()
> [2001/03/12 21:30:13, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292)
> dump_workgroups()
> dump workgroup on subnet UNICAST_SUBNET: netmask= 192.168.1.1:
> ADIXEIN(1) current master browser = UNKNOWN
> SERVER 40099b2b (File server)
> [2001/03/12 21:30:13, 4]
> nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164)
> find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet
> UNICAST_SUBNE
> T: found.
> [2001/03/12 21:30:13, 4]
> nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164)
> find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet
> UNICAST_SUBNE
> T: found.
> [2001/03/12 21:30:23, 4]
> nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164)
> find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet
> 192.168.1.1:
> found.
> [2001/03/12 21:30:23, 10]
> nmbd/nmbd_sendannounce.c:announce_myself_to_domain_mas
> ter_browser(406)
> announce_myself_to_domain_master_browser: t (984396613) -
last(984396029)
> < 90
> 0
> [2001/03/12 21:30:23, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292)
> dump_workgroups()
> dump workgroup on subnet 192.168.1.1: netmask= 255.255.255.0:
> ADIXEIN(1) current master browser = SERVER
> SERVER 400c9b2b (File server)
> MACKA 40011003 ()
> [2001/03/12 21:30:23, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(292)
> dump_workgroups()
> dump workgroup on subnet UNICAST_SUBNET: netmask= 192.168.1.1:
> ADIXEIN(1) current master browser = UNKNOWN
> SERVER 40099b2b (File server)
> [2001/03/12 21:30:23, 4]
> nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164)
> find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet
> UNICAST_SUBNE
> T: found.
> [2001/03/12 21:30:23, 4]
> nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(164)
> find_workgroup_on_subnet: workgroup search for ADIXEIN on subnet
> UNICAST_SUBNE
> T: found.
> ===============================================LOG.SMBD
> file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf
last
> mod_
> time: Mon Mar 12 20:15:16 2001
>
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-5-32 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-5-32-546 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-1 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-1-0 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-3 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-3-0 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-5 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-0-0 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-5-11 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-5-2 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-5-7 ok
> [2001/03/12 20:46:20, 7] lib/util_sid.c:string_to_sid(352)
> string_to_sid: converted SID S-1-5-21-4264856688-2005356754-492243628
> ok
> [2001/03/12 20:46:20, 3] smbd/oplock.c:init_oplocks(1198)
> open_oplock_ipc: opening loopback UDP socket.
> [2001/03/12 20:46:20, 3] lib/util_sock.c:open_socket_in(870)
> bind succeeded on port 0
> [2001/03/12 20:46:20, 3]
smbd/oplock_linux.c:linux_init_kernel_oplocks(293)
> Linux kernel oplocks enabled
> [2001/03/12 20:46:20, 3] smbd/oplock.c:init_oplocks(1229)
> open_oplock ipc: pid = 5042, global_oplock_port = 1614
> [2001/03/12 20:46:20, 4] lib/time.c:TimeInit(110)
> Serverzone is -36000
> [2001/03/12 20:46:20, 10]
> lib/util_sock.c:read_smb_length_return_keepalive(602)
> got smb length of 68
> [2001/03/12 20:46:20, 2] lib/access.c:check_access(258)
> Allowed connection from macka.adixein.lnet (192.168.1.4)
> [2001/03/12 20:46:20, 6] smbd/process.c:process_smb(830)
> got message type 0x81 of len 0x44
> [2001/03/12 20:46:20, 3] smbd/process.c:process_smb(831)
> Transaction 0 of length 72
> [2001/03/12 20:46:20, 2] smbd/reply.c:reply_special(94)
> netbios connect: name1=SERVER name2=MACKA
> =======================================================
> Apologies for the really huge email guys. I suppose it saves me sending
> another one as soon as someone asks for the logs :)
>
> Any assistance will be much appreciated.
>
> Elliot.
>
>
>
>
More information about the samba-ntdom
mailing list