Samba PDC and Win2K client

Chad R. Larson chad at
Tue Jan 1 22:16:02 GMT 2002

Ok, I'm pretty much stumped.

I've got Samba 2.2.2 on a FreeBSD 2.2.8-STABLE system that's pretty
well behaving itself.  It prints, it serves up shares, etc.

It also thinks it is the PDC for a DCF domain here in my house, as
well as the Master Browser and a WINS server.  All of that works
ducky with Win9x systems.  But I cannot get my Win2K Pro notebook to
join the domain, no matter how much I try.

1)  The notebook says "Login failure: unknown user name or bad
2)  A tethereal trace shows the PDC saying "NETLOGON SAM Response -
    user unknown" in the midst of a bunch of SMB session setup
3)  The log file for the client shows:
| [2002/01/01 21:47:30, 0] rpc_server/srv_samr.c:api_samr_set_userinfo(672)
|   api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO.
| [2002/01/01 21:47:30, 0] passdb/pdb_smbpasswd.c:startsmbfilepwent(171)
|   startsmbfilepwent_internal: unable to open file /usr/local/private/smbpasswd
|   Error was Permission denied
| [2002/01/01 21:47:30, 0] passdb/pdb_smbpasswd.c:pdb_getsampwrid(1459)
|   unable to open passdb database.
4)  If I force the permissions on the smbpasswd file to be something
    other than 600, some process sets them back.

5)  The smb and nmb daemons are running as root, the files in
    /usr/local/private are readable by root.  Each time an attempt
    fails, the secrets.tdb file is altered.

6)  The smbpasswd command seems to work fine, adding and deleting
    users and all, so the smbd =can= get to and alter the file.  (BTW,
    what does an 'X' in the attributes field mean?)

So, it looks to me like some process running as not-root is trying
to read the password file and failing, and then passing the failure
back up the stream.

Attached is my smb.conf file.  Any help would be appreciated.

Chad R. Larson (CRL15)   602-953-1392   Brother, can you paradigm?
chad at         chad at          larson1 at
DCF, Inc. - 14623 North 49th Place, Scottsdale, Arizona 85254-2207
-------------- next part --------------
# Samba config file created using SWAT
# from (
# Date: 2002/01/01 21:26:36

# Global parameters
	workgroup = DCF
	netbios name = FREEWAY
	server string = DCF, Inc. Samba Server
	encrypt passwords = Yes
	min passwd length = 8
	username map = /usr/local/etc/
	log file = /var/log/SMB/log.%m
	max log size = 50
	name resolve order = wins bcast hosts
	time server = Yes
	max open files = 500
	domain logons = Yes
	os level = 64
	preferred master = True
	domain master = True
	wins support = Yes
	kernel oplocks = No
	remote announce =
	hosts allow = 192.168.1.

	comment = The domain login service
	path = /var/log/SMB/
	browseable = No

	comment = Home Directories
	read only = No
	browseable = No

	comment = Temporary file space
	path = /tmp
	read only = No
	guest ok = Yes

	comment = Deskjet 520 PCL
	path = /tmp
	printable = Yes

	comment = DeskJet 520 with Ghostscript
	path = /tmp
	printable = Yes
	postscript = Yes

More information about the samba-ntdom mailing list