Unable to join Win2k Pro SP2 to Samba 2.2.2 PDC

Kohei Yoshida kyoshida at mesco.com
Wed Jan 9 05:55:14 GMT 2002 

On Wed, 2002-01-09 at 08:31, security at zule.ne.mediaone.net wrote:
> Hello,
> 	I have Samba 2.2.2 running on RedHat 7.1 acting as a PDC. I have
> successfully joined Win98 as well as NT4.0 stations into this domain but
> have been unable join any w2k devices. I have attempted both Pro and
> Server, with and without service packs. A sniffer trace shows that
> everytime the w2k machine tries to join the domain the PDC responds with
> NetLogon command 15 "Station not in Domain's Computer List". The win2k
> device just responds with a generic message along the lines of
> incorrect password or the domain cannot be contacted. Now I have been
> actively following
> the mailing lists and have attempted just about every suggestion that
> anyone has made in the past, but to no avail. If anyone has any
> suggestions I would greatly appreciate it. 
> 
> Best Regards,
> -Mark Persons

I found at least two things that are lacking here.  One is "add user
script" parameter in your global section, and a password entry for root
in your smbpasswd file (the password doesn't have to match the one in
/etc/passwd).  IIRC these two things are not necessary to have Win9x/ME
or WinNt clients, but you need them for win2k clients.  In other words,
you can't manually create machine accounts for win2k.

For details go to

http://us1.samba.org/samba/docs/Samba-HOWTO-Collection.html#SAMBA-PDC

and look under section 8.4.2.

Kohei

> # Global parameters
> [global]
>         workgroup = XX
>         netbios name = kane
>         wins server = 172.16.200.203
> #       wins server = 172.16.200.208
>         interfaces = 172.16.200.203 127.0.0.1
>         bind interfaces only = yes
>         preferred master = yes
>         domain master = yes
>         local master = yes
> #       OS Level = 34
>         OS Level = 64
>        # remote announce = zeus
>         server string = Unix SMB Server on %h v%v
>         security = USER
>        # password server = apollo
>         encrypt passwords = yes
>         password level = 2
>         max log size = 100
>         dns proxy = No
>         restrict anonymous = no
>         name resolve order = lmhosts wins host bcast
>         create mask = 0777
>         force directory mode = 0777
>         locking = yes
>         log level = 2
>         log file = /var/log/samba/samba.log.%m
>         domain admin group = @wheel
>         domain logons = yes
> # These are the things I added from Dejanews
> #       max xmit = 65535
> #       strict sync = no
> #       strict locking = no
> #       hide files = no
> #       read raw = yes
> #       write raw = yes
> #       oplocks = yes
> #       dead time = 15
>         status = yes
> 
> 
>         socket options = TCP_NODELAY IPTOS_LOWDELAY
>         ; Security and file integrity related options
>         ;       Strict locking is available for paranoid locking
> situations only
>         ;        enabling this severely degrades read / write performance.
>         ;       strict locking = yes
>         ;       fake oplocks = yes
>         #share modes = yes
>         #veto files = /lost*/
>         #local master = no
> 
> [netlogon]
>         path=/usr/local/samba/lib/netlogon
>         writeable = no
>         write list = ntadmin
> 
> #
> # This is for automounted home dir's to appear in explorer windows
> #        homedir map = auto.home
> #        NIS homedir = yes
> [homes]
> comment = Home Directories
> read only = No
> browseable = No
> 
> #########################################################################################
> smbpasswd file:
> 
> 
> PC16$:602:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U
> ]:LCT-00000000:PC16 PDCacct.
> NT1$:606:5AA6327063FA3C030040A3697CF771AB:5AA6327063FA3C030040A3697CF771AB:[W
> ]:LCT-3C027E47:
> PEPSI$:608:6FD92534BFEC8274AAD3B435B51404EE:6FC5929356B92633861B4610B93BDF61:[W
> ]:LCT-3C02A4A7:
> WPI1$:611:1AA2440BF558D6DB6B04BED96CEF7A9A:1AA2440BF558D6DB6B04BED96CEF7A9A:[W
> ]:LCT-3C0C030F:
> mark123456789123456789:613:36F821466A974D4DAAD3B435B51404EE:E95F5EE42AB18DC4D888C0E01185EDDF:[UX
> ]:LCT-3C1693D2:
> NT8$:615:AD8B1B2EBCC270E14BBF4C76B543B521:AD8B1B2EBCC270E14BBF4C76B543B521:[W
> ]:LCT-3C17B697:
> NT4$:616:E756DE8A52AB0E43A2C5E4312B855720:E756DE8A52AB0E43A2C5E4312B855720:[W
> ]:LCT-3C17B682:
> test1:617:E88D94D6EBD10FC7AAD3B435B51404EE:AACD12D27C87CAC8FC0B8538AED6F058:[UX
> ]:LCT-3C18CE62:
> NAS1$:621:CDB971CFC905E273B8AE461DCB9ABAB3:CDB971CFC905E273B8AE461DCB9ABAB3:[W
> ]:LCT-3C3A2631:
> NAS3$:622:78F0B678048D3E85945A9FB83D0882C9:78F0B678048D3E85945A9FB83D0882C9:[W
> ]:LCT-3C3A2B6B:
> NAS2$:623:4A6C776B39FDD6B42B5C67ABC85AAE9C:4A6C776B39FDD6B42B5C67ABC85AAE9C:[W
> ]:LCT-3C3A1E4C:
> test2:624:E3FDADCB358C2967AAD3B435B51404EE:0E8231621F574D3636255FF36DD86C9C:[UX
> ]:LCT-3C3A1FFB:
> test3:625:3DB7B914FAE75EC0AAD3B435B51404EE:ED78E4BEE2001D143286284067C3BE3F:[UX
> ]:LCT-3C3A299D:
> ACTON$:626:83E65F76765BC107AAD3B435B51404EE:5C0598D154404189430AECE40C351C50:[W
> ]:LCT-00000000:
> 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>

More information about the samba mailing list