let me say it really loud!!RE: can't login in mornings
chris at faredge.com.au
Tue Jan 23 23:57:52 GMT 2001
Chris Herrmann asks: and I replied:
> if you don't use server authentication, but try and log into a samba box
> it's own right how does it go?
**you mean not have it go thru the NT pDC? or what ? please
I mean, backup your smb.conf file, and then change password = server to
password = user.
Add a user:
smbpasswd -a someuser
where this user already exists in unix, and give them a password.
Try connecting to yourself from the samba server:
smbclient //sambaserver/share -U username
where the aforementioned user has permission to use the share. You'll need
to check this in two places - in the shares section of smb.conf, and on the
disk : ls -la will tell you who can do what.
If you can connect, then you've just done most of what isn't working for you
elsewhere, from the machine.
You should probably also try this before changing smb.conf to see what kind
of errors you get, but using a username from the domain.
> A couple of things that have made logins slow/problematic for us in the
**here I have answered these questions:
> - Novell / IPX
** we are using novell netware on the wire too...!!!
I know. That's why I mentioned it. Unfortunately my solution was to get rid
> - Default protocol order - you don't want a client to try and find the
> server first by ipx and then by ip, as it will time out before the server
** default protocol order, in what ? the samba server? or the win9x
boxes? we do not use NT workstation here at this company....
In Windows 9x/NT you can set a protocol to be the default protocol. Open up
TCP/IP and tell it to be the default protocol.
> - Does the samba server announce itself?
** remote announce? yes it does, in this way: remote announce =
what is discflo? I'm not sure if you can use an acl for this. The IP address
looks right though. We don't use it because it's the only smb server, but
our relevant section looks like:
; remote browse sync = 192.168.3.25 192.168.5.255
; remote announce = 192.168.1.255 192.168.2.44
local master = yes
os level = 33
domain master = yes
preferred master = yes
domain logons = yes
domain admin group = ntdomadm
logon script = login.bat
Note that we're a PDC here - you don't want to copy our PDC settings into
the smb.conf file that is trying to talk to the NT PDC - they'll have a
fight with each other.
A couple of other thoughts - Have you added the samba machine to the
domain - there's a process you have to go through to actually add the samba
server to the domain. Not sure where the doco is for it though...
> - Can you do a reverse lookup on clients - samba tries to do this, and if
> doesn't find the name fast enough the client will miss the response.
** I am a little insure what you mean by a reverse lookup, there are
something I am still learning the terms to... I can ping by netbios name
When you ping a netbios name, what returns? Ideally you should get either an
IP, or a fully qualified address. If not, samba may be telling workstations
to go away because it can't verify who they are. There have been several
posts earlier today on ways to get around this - browse through them for
> see lots of broken pipe/connection messages in machine.log
** have looked for machine.log, can't find it. looking for samba
where machine name == name_of_computer
should be in /var/log/samba
and will either be:
The samba log is:
and well as nmb.log in the same place.
More information about the samba