Weird problem with Windows NT 4 Workstation & Samba PDC
Allan Jensen
alj at terma.dk
Wed Mar 18 14:51:52 GMT 1998
Hi there,
First, forgive me for writing immediately after joining a list, but I've
fought with Samba for 3 full days now, and people here have lost a bit of
their patience with Samba as a PDC.
The summary:
Server : Samba 1.9.18p3, under Solaris 2.5.1 on a Sparcstation IPX, no
patches, running NIS.
Clients : Windows 95 / NT4-SP3 Workstation, logging on to a NT 3.51 PDC
(for the time being) - accounts and passwords are manually synchronized
by each user between the NIS and the NT domain.
My problem is, that the PDC function doesn't seem to work. I (should) use
encrypted passwords, but I've added the NT4 registry entry for being able
to talk 'plain text' Samba<->NT4.
The problem is this :
I go to Start->Run on my NT4, type \\Sparc5 (the name of my server) - I
instantly get an Access Denied. I can type \\Sparc5\tmp and it tells me
that the network path doesn't exist. But if I do a smbstatus, I see this:
Samba version 1.9.18p3
Service uid gid pid machine
----------------------------------------------
tmp alj users 10489 ntp3 (172.22.32.105) Wed Mar 18 14:25:12 1998
So I should be logged in, right?
Even 'funnier' - I go to a command shell and type:
net use p: \\sparc5\tmp
And it maps the drive, regardless of that it just said that the network
path didn't exist!
I can do a 'dir \\sparc5\tmp' or 'dir p:\' without any problems. smbclient
works without any problems at all.
I can't join the domain from within NT4, nor can I use any of the NT4
tools to browse the domain. I can see it the domain in Network
Neighbourhood, and I can also _see_ Sparc5 within the domain, but I can't
open it. The only thing I can is to do a Properties on it - then it tells
me it's a Windows NT 5.4 Primary Domain Controller.
Can anyone tell me what is wrong here? I'm getting _real_ frustrated with
this, because it doesn't really make any sense that it allows me access in
one way, but not another!
All files are located within /users/alj/samba and downwards (just during
the testing phase - I'll recompile it later)
Flags used when compiling:
Using CFLAGS =
-O
-DNTDOMAIN
-DSYSLOG
-DSMBLOGFILE="/users/alj/samba/var/log.smb"
-DNMBLOGFILE="/users/alj/samba/var/log.nmb"
-DCONFIGFILE="/users/alj/samba/lib/smb.conf"
-DLMHOSTSFILE="/users/alj/samba/lib/lmhosts"
-DWEB_ROOT="/users/alj/samba"
-DLOCKDIR="/users/alj/samba/var/locks"
-DSMBRUN="/users/alj/samba/bin/smbrun"
-DCODEPAGEDIR="/users/alj/samba/lib/codepages"
-DWORKGROUP="WORKGROUP"
-DGUEST_ACCOUNT="nobody"
-DDRIVERFILE="/users/alj/samba/lib/printers.def"
-DSUNOS5
-DSHADOW_PWD
-DNETGROUP
-DFAST_SHARE_MODES
-DALLOW_CHANGE_PASSWORD
-DSMBGETPASS
-DSMB_PASSWD="/users/alj/samba/bin/smbpasswd"
-DSMB_PASSWD_FILE="/users/alj/samba/private/smbpasswd"
The smbpasswd file contains (amongst other things) this:
alj:234:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:Allan Jensen:/users/alj:/bin/bash
ntp3$:60001:NO PASSWORDXXXXXXXXXXXXXXXXXXX:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:ntp3$:/:
(my NT4 client is called ntp3, by the way)
The output of testparm is:
Load smb config files from /users/alj/samba/lib/smb.conf
Processing section "[homes]"
Processing section "[printers]"
No path in service printers - using /tmp
Processing section "[tmp]"
Loaded services file OK.
Press enter to see a dump of your service definitions
# Global parameters
debuglevel = 2
syslog = 1
syslog only = No
protocol = NT1
security = USER
max disk size = 0
lpq cache time = 10
announce as = NT
encrypt passwords = Yes
getwd cache = Yes
read prediction = No
read bmpx = Yes
read raw = Yes
write raw = Yes
use rhosts = No
load printers = No
null passwords = Yes
strip dot = No
interfaces = 172.22.4.5/255.255.0.0
bind interfaces only = Yes
networkstation user login = Yes
password server =
socket options =
netbios name = SPARC5
netbios aliases =
smbrun = /users/alj/samba/bin/smbrun
log file = /users/alj/samba/log/log.%m
config file =
smb passwd file = /users/alj/samba/private/smbpasswd
hosts equiv =
preload =
server string = Samba Server
printcap name = /etc/printcap
lock dir = /users/alj/samba/var/%h/locks
root directory = /
default service =
message command =
dfree command =
passwd program = /users/alj/samba/bin/smbpasswd
passwd chat = *old*password* %o\n *new*password* %n\n *new*password* %n\n *changed*
valid chars =
workgroup = SIMBADOM
domain sid = S-1-5-21-666-666-666
domain other sids =
domain groups =
domain controller = Yes
domain admin users = alj
domain guest users = nobody
domain hosts allow =
domain hosts deny =
username map =
character set =
logon script =
logon path = \\%N\%U\profile
logon drive =
logon home = \\%N\%U
remote announce =
remote browse sync =
socket address = 0.0.0.0
homedir map =
announce version = 4.2
max log size = 50
mangled stack = 50
max mux = 50
max xmit = 65535
max packet = 65535
password level = 10
username level = 0
keepalive = 0
deadtime = 0
time offset = 0
read size = 16384
shared mem size = 102400
coding system =
client code page = 850
os level = 66
max ttl = 14400
max wins ttl = 259200
min wins ttl = 21600
lm announce = Auto
lm interval = 60
dns proxy = Yes
wins support = Yes
wins proxy = No
wins server =
preferred master = Yes
local master = Yes
domain master = Yes
domain logons = Yes
browse list = Yes
unix realname = No
NIS homedir = No
time server = No
printer driver file = /users/alj/samba/lib/printers.def
# Default service parameters
comment =
copy =
include =
exec =
postexec =
root preexec =
root postexec =
alternate permissions = No
revalidate = No
default case = lower
case sensitive = No
preserve case = Yes
short preserve case = No
mangle case = No
mangling char = ~
browseable = Yes
available = Yes
path =
username =
guest account = nobody
invalid users =
valid users =
admin users =
read list =
write list =
volume =
force user =
force group =
read only = Yes
max connections = 0
min print space = 0
create mask = 0744
force create mode = 00
directory mask = 0755
force directory mode = 00
set directory = No
status = Yes
hide dot files = Yes
delete veto files = No
veto files =
hide files =
veto oplock files =
guest only = No
guest ok = No
print ok = No
postscript = No
map system = No
map hidden = No
map archive = Yes
locking = Yes
strict locking = No
share modes = Yes
oplocks = Yes
only user = No
wide links = Yes
follow symlinks = Yes
sync always = No
mangled names = Yes
fake oplocks = No
printing = bsd
print command = lpr -r -P%p %s
lpq command = lpq -P%p
lprm command = lprm -P%p %j
lppause command =
lpresume command =
printer =
printer driver = NULL
printer driver location =
hosts allow = 172.22.
hosts deny =
dont descend =
magic script =
magic output =
mangled map =
delete readonly = No
dos filetimes = No
dos filetime resolution = No
[homes]
comment = Home Directories
browseable = No
read only = No
create mask = 0775
[printers]
comment = All Printers
browseable = No
path = /tmp
create mask = 0700
print ok = Yes
[tmp]
comment = Temporary file space
path = /tmp
read only = No
guest ok = Yes
[IPC$]
comment = IPC Service (Samba Server)
path = /tmp
status = No
guest ok = Yes
If you can figure out why this isn't working, I'll be _very_ happy indeed!
Thanks in advance.
Best regards,
---------------------------------------------------
Allan Jensen Email: alj at terma.dk
TERMA Elektronik AS Phone: +45 8622 2000
Hovmarken 4-6 Fax: +45 8622 2799
DK-8520 Lystrup, Denmark
---------------------------------------------------
More information about the samba
mailing list