[Samba] Samba as a PDC for W2K Network

Matt Hughes mhughes at inav.net
Wed Jun 19 12:27:22 GMT 2002

Yes, I have.  Just ran a check with Norton Anti-Virus (recent virus
definitions as well) and it detected nothing.  On a side note - Having
removed the Adaptec CD Burner Plug-In and Windows Media Player, the only
error message that Windows generates is "Error generated by winlogin.exe".
Not exactly much more than that to say.



-----Original Message-----
From: Thomas Klettke [mailto:thomask at aesbus.com]
Sent: Wednesday, June 19, 2002 10:31 AM
To: 'Matt Hughes'; samba at lists.samba.org
Subject: RE: [Samba] Samba as a PDC for W2K Network

Have checked your w2k computer for viruses lately?

Thomas Klettke
thomask at aesbus.com
Network Administrator
Aesbus Knowledge Solutions

-----Original Message-----
From: samba-admin at lists.samba.org [mailto:samba-admin at lists.samba.org]On
Behalf Of Matt Hughes
Sent: Wednesday, June 19, 2002 12:24 PM
To: Thomas Klettke; samba at lists.samba.org
Subject: RE: [Samba] Samba as a PDC for W2K Network

You know, that is the oddest thing.  My coworker and I had gone over the
smb.conf file and  made sure that Domain Logons was in there but I checked
this morning and it was indeed absent.  Doh! I enabled that and
lo-and-behold...the PDC works!

Sort of.

I am able to get the computer to join the domain with no problems.  I then
reboot as it tells me and at the login prompt, I enter my user id and
password.  (I've double checked and these accounts do exist on the Samba
machine and are enabled for Samba).  I select INAVNET2 as the domain and hit
enter.  The "Loading your personal settings" screen comes up for a few
moments and then dissapears as it should.  I hear the generic login music
play and just when you would expect to see icons start popping up...the
computer reboots.

This is really darn odd.  I have been unable to find anything revelant in
the Samba logs which makes me think it's a Windows 2000 related error.  I
cleared out all the logs and repeated the process and found only this :

"The Cdralw2k service failed to start due to the following error : The
service cannot be started, either because it is disabled or because it has
no enabled devices associated with it."

According to some newsgroups, the Cdralw2k service is an Adaptec CD-Burner
plug-in for Windows Media Player.  Odd that I don't have a CD-Burner on this
machine but even odder is how it would effect logging in.  I removed the
Plug-In to see if it would solve the problem with no luck.  I then removed
all of Windows Media Player and still no luck.  Anyone have a clue?

Thanks in advance.


-----Original Message-----
From: Thomas Klettke [mailto:thomask at aesbus.com]
Sent: Tuesday, June 18, 2002 5:51 PM
To: Matt Hughes; samba at lists.samba.org
Subject: Re: [Samba] Samba as a PDC for W2K Network

Matt, you are at least missing:

    domain logons = yes

I'm not sure if that's the correct syntax, but that's where I would look at


----- Original Message -----
From: "Matt Hughes" <mhughes at inav.net>
To: <samba at lists.samba.org>
Sent: Tuesday, June 18, 2002 2:34 PM
Subject: [Samba] Samba as a PDC for W2K Network

> Hi all.  I hope someone here can help me with a bit of trouble I seem to
> having with Samba and Windows 2000.  Here's the deal:
> We are attempting to setup a Red Hat 7.3 machine (SYMPHONY2) running Samba
> 2.2.3a to act as a File Server and PDC for a number of Windows 2000
> workstations.  I have followed the instructions from
> http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection.html but
> unfortunetly, that is not working.  I've attached my smb.conf file at the
> end of this email but I'll go through the rest of the stuff now.  We setup
> our Samba machine temporarily on a seperate network, INAVNET2 and that is
> what we are trying to connect to.
> From a Windows 2000 workstation (CORP), I try to change the Network
> Properties to join INAVNET2.  I recieve the message "The domain does not
> exist".  However, from that same machine I can browse with Network
> Neighborhood and see the INAVNET2 domain.  I can even get into the machine
> and browse a few of the directories.  Also, a 'net view /domain:INAVNET2'
> points me right to the Samba machine.
> I have setup a Machine Trust Account with the following commands with no
> success:
> /usr/sbin/useradd -g 100 -d /dev/null -c "corp" -s /bin/false corp$
> passwd -l corp$
> smbpasswd -a -m corp$
> I'm a little befuddled.  Any advice or something I may have missed in my
> smb.conf file?  Thanks a bundle in advance.
> [global]
>         workgroup = INAVNET2
>         netbios name = SYMPHONY2
>         server string = Samba %v on (%L)
>         encrypt passwords = Yes
>         obey pam restrictions = Yes
>         pam password change = Yes
>         passwd program = /usr/bin/passwd %u
>         passwd chat = *New*password* %n\n *Retype*new*password* %n\n
> *passwd:*all*authentication*tokens*updated*successfully*
>         unix password sync = Yes
>         log file = /var/log/samba/%m.log
>         max log size = 0
>         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>         add user script = /usr/sbin/useradd -d /dev/null -g 100 -s
> /bin/false -M %u
>         logon drive = H:        domain logons = Yes
>         os level = 64
>         preferred master = True
>         domain master = True
>         dns proxy = No
>         wins support = Yes
>         printing = lprng
> [homes]
>         comment = Home Directories
>         valid users = %S
>         read only = No
>         create mask = 0664
>         directory mask = 0775
>         browseable = No
> [printers]
>         comment = All Printers
>         path = /var/spool/samba
>         printable = Yes
>         browseable = No
> [netlogon]
>         comment = Necessary share for domain controller
>         path = /samba_shares/netlogon
>         admin users = admins
> [profiles]
>         comment = Share for storing user profiles
>         path = /samba_shares/profiles/
>         read only = No
>         create mask = 0600
>         directory mask = 0700
