Unable to join Win2k Pro SP2 to Samba 2.2.2 PDC

Kohei Yoshida kyoshida at mesco.com
Wed Jan 9 06:18:07 GMT 2002 

On Wed, 2002-01-09 at 09:00, security at zule.ne.mediaone.net wrote:
> Thanks,
> 	As far as the add user script is concerned, I had not gotten
> the point of impelementing that yet. In the mean time I just manually add
> users using the "useradd" command and then execute the command:
> smbpasswd -a "username"
> smbpasswd -e "username"

Unfortunately there is no other way to join win2k without using "add
user script".  So you need to go ahead and implement it.  Just to
clarify, "add user script" is for adding *machine accounts*, not for
adding ordinary *users* (I know it's a bit confusing).  For adding
users, your method is the way to go.

> 	Here is the root entry in the smbpasswd file, I just did not send
> it with the original post:
> 
> root:0:AAD3B435B51404EEAAD3B435B51404EE:31D6CFE0D16AE931B73C59D7E0C089C0:[U
> ]:LCT-3C3A1FE6:root,,,

Oh, Okay.  Looks good to me.

> Thanks again,
> -Mark
> On 9 Jan 2002, Kohei Yoshida wrote:
> 
> > On Wed, 2002-01-09 at 08:31, security at zule.ne.mediaone.net wrote:
> > > Hello,
> > > 	I have Samba 2.2.2 running on RedHat 7.1 acting as a PDC. I have
> > > successfully joined Win98 as well as NT4.0 stations into this domain but
> > > have been unable join any w2k devices. I have attempted both Pro and
> > > Server, with and without service packs. A sniffer trace shows that
> > > everytime the w2k machine tries to join the domain the PDC responds with
> > > NetLogon command 15 "Station not in Domain's Computer List". The win2k
> > > device just responds with a generic message along the lines of
> > > incorrect password or the domain cannot be contacted. Now I have been
> > > actively following
> > > the mailing lists and have attempted just about every suggestion that
> > > anyone has made in the past, but to no avail. If anyone has any
> > > suggestions I would greatly appreciate it. 
> > > 
> > > Best Regards,
> > > -Mark Persons
> > 
> > I found at least two things that are lacking here.  One is "add user
> > script" parameter in your global section, and a password entry for root
> > in your smbpasswd file (the password doesn't have to match the one in
> > /etc/passwd).  IIRC these two things are not necessary to have Win9x/ME
> > or WinNt clients, but you need them for win2k clients.  In other words,
> > you can't manually create machine accounts for win2k.
> > 
> > For details go to
> > 
> > http://us1.samba.org/samba/docs/Samba-HOWTO-Collection.html#SAMBA-PDC
> > 
> > and look under section 8.4.2.
> > 
> > Kohei
> > 
> > > # Global parameters
> > > [global]
> > >         workgroup = XX
> > >         netbios name = kane
> > >         wins server = 172.16.200.203
> > > #       wins server = 172.16.200.208
> > >         interfaces = 172.16.200.203 127.0.0.1
> > >         bind interfaces only = yes
> > >         preferred master = yes
> > >         domain master = yes
> > >         local master = yes
> > > #       OS Level = 34
> > >         OS Level = 64
> > >        # remote announce = zeus
> > >         server string = Unix SMB Server on %h v%v
> > >         security = USER
> > >        # password server = apollo
> > >         encrypt passwords = yes
> > >         password level = 2
> > >         max log size = 100
> > >         dns proxy = No
> > >         restrict anonymous = no
> > >         name resolve order = lmhosts wins host bcast
> > >         create mask = 0777
> > >         force directory mode = 0777
> > >         locking = yes
> > >         log level = 2
> > >         log file = /var/log/samba/samba.log.%m
> > >         domain admin group = @wheel
> > >         domain logons = yes
> > > # These are the things I added from Dejanews
> > > #       max xmit = 65535
> > > #       strict sync = no
> > > #       strict locking = no
> > > #       hide files = no
> > > #       read raw = yes
> > > #       write raw = yes
> > > #       oplocks = yes
> > > #       dead time = 15
> > >         status = yes
> > > 
> > > 
> > >         socket options = TCP_NODELAY IPTOS_LOWDELAY
> > >         ; Security and file integrity related options
> > >         ;       Strict locking is available for paranoid locking
> > > situations only
> > >         ;        enabling this severely degrades read / write performance.
> > >         ;       strict locking = yes
> > >         ;       fake oplocks = yes
> > >         #share modes = yes
> > >         #veto files = /lost*/
> > >         #local master = no
> > > 
> > > [netlogon]
> > >         path=/usr/local/samba/lib/netlogon
> > >         writeable = no
> > >         write list = ntadmin
> > > 
> > > #
> > > # This is for automounted home dir's to appear in explorer windows
> > > #        homedir map = auto.home
> > > #        NIS homedir = yes
> > > [homes]
> > > comment = Home Directories
> > > read only = No
> > > browseable = No
> > > 
> > > #########################################################################################
> > > smbpasswd file:
> > > 
> > > 
> > > PC16$:602:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U
> > > ]:LCT-00000000:PC16 PDCacct.
> > > NT1$:606:5AA6327063FA3C030040A3697CF771AB:5AA6327063FA3C030040A3697CF771AB:[W
> > > ]:LCT-3C027E47:
> > > PEPSI$:608:6FD92534BFEC8274AAD3B435B51404EE:6FC5929356B92633861B4610B93BDF61:[W
> > > ]:LCT-3C02A4A7:
> > > WPI1$:611:1AA2440BF558D6DB6B04BED96CEF7A9A:1AA2440BF558D6DB6B04BED96CEF7A9A:[W
> > > ]:LCT-3C0C030F:
> > > mark123456789123456789:613:36F821466A974D4DAAD3B435B51404EE:E95F5EE42AB18DC4D888C0E01185EDDF:[UX
> > > ]:LCT-3C1693D2:
> > > NT8$:615:AD8B1B2EBCC270E14BBF4C76B543B521:AD8B1B2EBCC270E14BBF4C76B543B521:[W
> > > ]:LCT-3C17B697:
> > > NT4$:616:E756DE8A52AB0E43A2C5E4312B855720:E756DE8A52AB0E43A2C5E4312B855720:[W
> > > ]:LCT-3C17B682:
> > > test1:617:E88D94D6EBD10FC7AAD3B435B51404EE:AACD12D27C87CAC8FC0B8538AED6F058:[UX
> > > ]:LCT-3C18CE62:
> > > NAS1$:621:CDB971CFC905E273B8AE461DCB9ABAB3:CDB971CFC905E273B8AE461DCB9ABAB3:[W
> > > ]:LCT-3C3A2631:
> > > NAS3$:622:78F0B678048D3E85945A9FB83D0882C9:78F0B678048D3E85945A9FB83D0882C9:[W
> > > ]:LCT-3C3A2B6B:
> > > NAS2$:623:4A6C776B39FDD6B42B5C67ABC85AAE9C:4A6C776B39FDD6B42B5C67ABC85AAE9C:[W
> > > ]:LCT-3C3A1E4C:
> > > test2:624:E3FDADCB358C2967AAD3B435B51404EE:0E8231621F574D3636255FF36DD86C9C:[UX
> > > ]:LCT-3C3A1FFB:
> > > test3:625:3DB7B914FAE75EC0AAD3B435B51404EE:ED78E4BEE2001D143286284067C3BE3F:[UX
> > > ]:LCT-3C3A299D:
> > > ACTON$:626:83E65F76765BC107AAD3B435B51404EE:5C0598D154404189430AECE40C351C50:[W
> > > ]:LCT-00000000:
> > > 
> > > 
> > > 
> > > -- 
> > > To unsubscribe from this list go to the following URL and read the
> > > instructions:  http://lists.samba.org/mailman/listinfo/samba
> > > 
> > 
> > 
> 
>

More information about the samba mailing list