[Samba] ARGH!!! Samba and Re-installing Windows 2000
James Kreuziger
jkreuzig at massun.peds.mc.uci.edu
Mon Apr 15 19:47:02 GMT 2002
Ok, I'll try the questions again and hopefully get
some help.
Current setup:
Samba 2.2.3a running on Solaris 8 set up as a PDC.
Various systems running Windows 95/98/NT 4.0.
TRYING to add new Windows 2000 machines.
Problem is, when I add the new machines to the domain,
the group "DOMAIN\unix_group.2147483404" gets added to
both the Administrators group and Users group. So domain
users start with Administrator rights! If I remove
the "DOMAIN\unix_group.2147483404" group from the Administrators
group, it mucks thinks up bad enough to require a reinstall
of Win2k. I'd like to think that this is not a required
feature of using Samba with Win2k. I would like to restrict
users to the same rights as normal users, so I can lock down
who can install software on each individual machine. As it
stands now, I can't do that.
Now for the new part. I've managed to get Win2k re-installed,
and I'm still having problems. When I try to join the domain
is when I have problems. I'm successful in joing the domain,
but after reboot is when weird things happen. The
"DOMAIN\unix_group.2147483404" is back in the Administrators
group. Whoever logs into the domain through THIS SPECIFIC
MACHINE gets logged on, and all of the mapped shares show up
with the "red x" through them. This indicates that the shares
are not logged into. However, the shares can be accessed. If
I set log level = 3 (or greater) it shows a number of the following:
[2002/04/15 19:21:53, 4] smbd/password.c:password_ok(602)
Null passwords not allowed.
Followed by:
[2002/04/15 19:21:53, 2] smbd/service.c:make_connection(328)
Invalid username/password for share_name [samba]
These messages occur for each share I have, with the samba
user being my guest user. Funny thing, the samba (guest) user
can log in and the same messages appear. If I bump up the log level
high enough, I start getting the following:
[2002/04/12 17:07:40, 2] smbd/service.c:make_connection(328)
Invalid username/password for share_name [samba]
[2002/04/12 17:07:40, 3] smbd/error.c:error_packet(103)
error packet at smbd/reply.c(167) cmd=117 (SMBtconX) NT_STATUS_WRONG_PASSWORD
I have my logs set up by machine (log file =
/samba/current/var/log.smbd.%m) and I don't see this in any other
log file. I've tried a number of things, including
dropping out of the domain and re-joining, and this still
occurs ONLY ON THIS ONE MACHINE!
I'm really pulling my hair out, because nothing seems to
work right. I might add that this is the only problem
that I have had with samba that I haven't been able to
get solved by reading the newsgroup or emailing someone.
So far, I've had nothing but good luck using samba.
I'm including the global section of my smb.conf, if it
helps.
Thanks,
-Jim
*************************************************
Jim Kreuziger
jkreuzig at uci.edu
*************************************************
# Global parameters
[global]
# include = /samba/current/lib/smb.conf.%U
workgroup = <DOMAIN>
preexec = csh -c `echo /usr/local/samba/bin/smbclient \
-M %m -I %I` &
server string = Samba %v on (%L)
security = user
domain logons = yes
encrypt passwords = Yes
password level = 3
log level = 1
log file = /samba/current/var/log.smbd.%m
wins support = Yes
name resolve order = wins hosts lmhosts bcast
dns proxy = yes
deadtime = 30
keepalive = 120
client code page = 437
os level = 65
preferred master = Yes
domain master = Yes
guest account = samba
invalid users = root daemon bin sys lp smtp uucp nuucp listen dcs
consult dumper nobody
# invalid users = daemon bin sys lp smtp uucp nuucp listen dcs
consult dumper nobody
veto oplock files = /*.mdb/*.dbm/*.doc/*.xls
socket options = TCP_NODELAY IPTOS_LOWDELAY
getwd cache = yes
logon script = %U.bat
logon path = \\server\profile\%U
remote announce = <IP ADDRESS>/<DOMAIN>
utmp = True
# utmp consolidate = yes
username map = /samba/current/lib/usermap.txt
# config file = /samba/current/lib/smb.conf.%U
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list