Unable to join Win2k Pro SP2 to Samba 2.2.2 PDC
Kohei Yoshida
kyoshida at mesco.com
Wed Jan 9 05:55:14 GMT 2002
On Wed, 2002-01-09 at 08:31, security at zule.ne.mediaone.net wrote:
> Hello,
> I have Samba 2.2.2 running on RedHat 7.1 acting as a PDC. I have
> successfully joined Win98 as well as NT4.0 stations into this domain but
> have been unable join any w2k devices. I have attempted both Pro and
> Server, with and without service packs. A sniffer trace shows that
> everytime the w2k machine tries to join the domain the PDC responds with
> NetLogon command 15 "Station not in Domain's Computer List". The win2k
> device just responds with a generic message along the lines of
> incorrect password or the domain cannot be contacted. Now I have been
> actively following
> the mailing lists and have attempted just about every suggestion that
> anyone has made in the past, but to no avail. If anyone has any
> suggestions I would greatly appreciate it.
>
> Best Regards,
> -Mark Persons
I found at least two things that are lacking here. One is "add user
script" parameter in your global section, and a password entry for root
in your smbpasswd file (the password doesn't have to match the one in
/etc/passwd). IIRC these two things are not necessary to have Win9x/ME
or WinNt clients, but you need them for win2k clients. In other words,
you can't manually create machine accounts for win2k.
For details go to
http://us1.samba.org/samba/docs/Samba-HOWTO-Collection.html#SAMBA-PDC
and look under section 8.4.2.
Kohei
> # Global parameters
> [global]
> workgroup = XX
> netbios name = kane
> wins server = 172.16.200.203
> # wins server = 172.16.200.208
> interfaces = 172.16.200.203 127.0.0.1
> bind interfaces only = yes
> preferred master = yes
> domain master = yes
> local master = yes
> # OS Level = 34
> OS Level = 64
> # remote announce = zeus
> server string = Unix SMB Server on %h v%v
> security = USER
> # password server = apollo
> encrypt passwords = yes
> password level = 2
> max log size = 100
> dns proxy = No
> restrict anonymous = no
> name resolve order = lmhosts wins host bcast
> create mask = 0777
> force directory mode = 0777
> locking = yes
> log level = 2
> log file = /var/log/samba/samba.log.%m
> domain admin group = @wheel
> domain logons = yes
> # These are the things I added from Dejanews
> # max xmit = 65535
> # strict sync = no
> # strict locking = no
> # hide files = no
> # read raw = yes
> # write raw = yes
> # oplocks = yes
> # dead time = 15
> status = yes
>
>
> socket options = TCP_NODELAY IPTOS_LOWDELAY
> ; Security and file integrity related options
> ; Strict locking is available for paranoid locking
> situations only
> ; enabling this severely degrades read / write performance.
> ; strict locking = yes
> ; fake oplocks = yes
> #share modes = yes
> #veto files = /lost*/
> #local master = no
>
> [netlogon]
> path=/usr/local/samba/lib/netlogon
> writeable = no
> write list = ntadmin
>
> #
> # This is for automounted home dir's to appear in explorer windows
> # homedir map = auto.home
> # NIS homedir = yes
> [homes]
> comment = Home Directories
> read only = No
> browseable = No
>
> #########################################################################################
> smbpasswd file:
>
>
> PC16$:602:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U
> ]:LCT-00000000:PC16 PDCacct.
> NT1$:606:5AA6327063FA3C030040A3697CF771AB:5AA6327063FA3C030040A3697CF771AB:[W
> ]:LCT-3C027E47:
> PEPSI$:608:6FD92534BFEC8274AAD3B435B51404EE:6FC5929356B92633861B4610B93BDF61:[W
> ]:LCT-3C02A4A7:
> WPI1$:611:1AA2440BF558D6DB6B04BED96CEF7A9A:1AA2440BF558D6DB6B04BED96CEF7A9A:[W
> ]:LCT-3C0C030F:
> mark123456789123456789:613:36F821466A974D4DAAD3B435B51404EE:E95F5EE42AB18DC4D888C0E01185EDDF:[UX
> ]:LCT-3C1693D2:
> NT8$:615:AD8B1B2EBCC270E14BBF4C76B543B521:AD8B1B2EBCC270E14BBF4C76B543B521:[W
> ]:LCT-3C17B697:
> NT4$:616:E756DE8A52AB0E43A2C5E4312B855720:E756DE8A52AB0E43A2C5E4312B855720:[W
> ]:LCT-3C17B682:
> test1:617:E88D94D6EBD10FC7AAD3B435B51404EE:AACD12D27C87CAC8FC0B8538AED6F058:[UX
> ]:LCT-3C18CE62:
> NAS1$:621:CDB971CFC905E273B8AE461DCB9ABAB3:CDB971CFC905E273B8AE461DCB9ABAB3:[W
> ]:LCT-3C3A2631:
> NAS3$:622:78F0B678048D3E85945A9FB83D0882C9:78F0B678048D3E85945A9FB83D0882C9:[W
> ]:LCT-3C3A2B6B:
> NAS2$:623:4A6C776B39FDD6B42B5C67ABC85AAE9C:4A6C776B39FDD6B42B5C67ABC85AAE9C:[W
> ]:LCT-3C3A1E4C:
> test2:624:E3FDADCB358C2967AAD3B435B51404EE:0E8231621F574D3636255FF36DD86C9C:[UX
> ]:LCT-3C3A1FFB:
> test3:625:3DB7B914FAE75EC0AAD3B435B51404EE:ED78E4BEE2001D143286284067C3BE3F:[UX
> ]:LCT-3C3A299D:
> ACTON$:626:83E65F76765BC107AAD3B435B51404EE:5C0598D154404189430AECE40C351C50:[W
> ]:LCT-00000000:
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>
More information about the samba
mailing list