[Samba] Samba 2.23a PDC

Thomas Kirk thomas at arkena.com
Wed Jul 10 03:27:02 GMT 2002

Hey there Listmembers

Im writing this because i havnt been able to solve my problem.
Im trying to set up a samba server as PDC and im using samba 2.2.3a
from debian "woody". ive attached my smb.conf file. 

The problem :

When i try to join a win2k box to the domain i get this error :

"The specified network passwords is not correct" Ofcourse ive
doublecheck if the password im using is ok and it is.

Here is the output from log.smb :

   Requested protocol [Windows for Workgroups 3.1a]
  negprot index=5
  Home server: nas
  smb_password_ok: Checking SMB password for user root
  smb_password_ok: challenge received
  smb_password_ok: Checking NT MD4 password
  smb_password_ok: NT MD4 password check succeeded
  smb_pam_start: PAM: Init user: root
  smb_pam_start: PAM: setting rhost to: mads
  smb_pam_start: PAM: setting tty
  smb_pam_start: PAM: Init passed for user: root
  smb_pam_account: PAM: Account Management for User: root
  smb_pam_account: PAM: Account OK for User: root
  smb_pam_end: PAM: PAM_END OK.
  user token sid S-1-5-11
  Clearing default real name
  User name: root       Real name: root
  smb_pam_start: PAM: Init user: root
  smb_pam_start: PAM: setting tty
  smb_pam_start: PAM: Init passed for user: root
  smb_pam_end: PAM: PAM_END OK.
  Chained message
  Got device type ?????
  authorise_login: ACCEPTED: guest account and guest ok (nobody)
  get_current_groups: user is in 1 groups: 65534
  get_current_groups: user is in 1 groups: 65534
  get_share_security: using default secdesc for IPC$
  se_access_check: also S-1-5-11
  Initialising default vfs hooks
  Can't become connected user!
  Yielding connection to IPC$
  error string = No such file or directory
  Transaction 3 of length 43
  smb_pam_start: PAM: Init user: root
  smb_pam_start: PAM: setting tty
  smb_pam_start: PAM: Init passed for user: root
  smb_pam_end: PAM: PAM_END OK.
  receive_smb error (Success) exiting
  Closing connections
  Yielding connection to 
  Server exit (normal exit)

I dont really know what this means? If anyone could help it would be
really cool. Please mail me for additional information or higher
loglevel output (this is 4 i think?)

smb.conf :


# Change this for the workgroup/NT-domain name your Samba server will part of
   netbios name = NAS
   workgroup = TEST
   os level = 64
   preferred master = yes
   domain master = yes
   local master = yes
   interfaces =
   domain logons = yes
   add user script = /usr/sbin/useradd  -d /dev/null -s /bin/false -g 900 %u
   domain admin group = root

# where to store user profiles?
   logon path = \\$N\$U\.profile

 ; where is a user's home directory and where should it be mounted at?
    logon drive = H:
    logon home = \\%N\%U

# server string is the equivalent of the NT Description field
   server string = %h server (Samba %v)

   invalid users = root

# This tells Samba to use a separate log file for each machine
# that connects
   log file = /var/log/samba/log.%m

# Debug level
   log level = 5

# Put a capping on the size of the log files (in Kb).
   max log size = 1000

# If you want Samba to log though syslog only then set the following
# parameter to 'yes'. Please note that logging through syslog in
# Samba is still experimental.
;   syslog only = no

# We want Samba to log a minimum amount of information to syslog. Everything
# should go to /var/log/samba/log.{smb,nmb} instead. If you want to log
# through syslog you should set the following parameter to something higher.
   syslog = 0

# "security = user" is always a good idea. This will require a Unix account
# in this server for every user accessing the server. See
# security_level.txt for details.
;   security = user

# You may wish to use password encryption. Please read ENCRYPTION.txt,
# Win95.txt and WinNT.txt in the Samba documentation. Do not enable this
# option unless you have read those documents
   encrypt passwords = yes

# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting
;   include = /home/samba/etc/smb.conf.%m

# Most people will find that this option gives better performance.
# See speed.txt and the manual pages for details
# You may want to add the following on a Linux system:
#         SO_RCVBUF=8192 SO_SNDBUF=8192
   socket options = TCP_NODELAY

# --- Browser Control Options ---

# Please _read_ BROWSING.txt and set the next four parameters according
# to your network setup. The defaults are specified below (commented
# out.) It's important that you read BROWSING.txt so you don't break
# browsing in your network!

# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
;   local master = yes

# OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
;   os level = 20

# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
;   domain master = auto

# Preferred Master causes Samba to force a local browser election on startup
# and gives it a slightly higher chance of winning the election
;   preferred master = auto

# --- End of Browser Control Options ---

# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
;   wins support = no

# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
;   wins server = w.x.y.z

# This will prevent nmbd to search for NetBIOS names through DNS.
   dns proxy = no

# What naming service and in what order should we use to resolve host names
# to IP addresses
   name resolve order = lmhosts host wins bcast

# Name mangling options
;   preserve case = yes
;   short preserve case = yes
# This boolean parameter controlls whether Samba attempts to sync. the Unix
# password with the SMB password when the encrypted SMB password in the
# /etc/samba/smbpasswd file is changed.
;   unix password sync = false

# For Unix password sync. to work on a Debian GNU/Linux system, the following
# parameters must be set (thanks to Augustin Luton <aluton at hybrigenics.fr> for
# sending the correct chat script for the passwd program in Debian Potato).
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .

# This boolean controls whether PAM will be used for password changes
# when requested by an SMB client instead of the program listed in
# 'passwd program'. The default is 'no'.
;   pam password change = no

# The following parameter is useful only if you have the linpopup package
# installed. The samba maintainer and the linpopup maintainer are
# working to ease installation and configuration of linpopup and samba.
;   message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &

   obey pam restrictions = yes

# Some defaults for winbind (make sure you're not using the ranges
# for something else.)
;   winbind uid = 10000-20000
;   winbind gid = 10000-20000
;   template shell = /bin/bash

#======================= Share Definitions =======================

   comment = Home Directories
   browseable = no

# By default, the home directories are exported read-only. Change next
# parameter to 'yes' if you want to be able to write to them.
   writable = yes

# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
   create mask = 0700

# Directory creation mask is set to 0700 for security reasons. If you want to
# create dirs. with group=rw permissions, set next parameter to 0775.
   directory mask = 0700

# Un-comment the following and create the netlogon directory for Domain Logons
# (you need to configure Samba to act as a domain controller too.)

   comment = Network Logon Service
   path = /raid/filserver/netlogon
   guest ok = yes
   writable = no
   share modes = no
   read only = yes
   write list = ntadmin,root,administrator

#    path = /raid/samba/ntprofile
#    read only = no
#    create mask = 0600
#    directory mask = 0700

Venlig hilsen/Kind regards
Thomas Kirk

BOFH excuse #331:

those damn racoons!

More information about the samba mailing list