[Samba] Samba PDC on FreeBSD problem?

Erik Ranà ranajas at hotmail.com
Thu Mar 14 06:31:07 GMT 2002 

Problem: Samba running as a PDC on a FreeBSD, the clients can connect 
without computer accounts and browse the shares in the domain.

Should the PDC allow that?
As far as i have understood the PDC should refuse since the computer 
does not have a account in the domain regardless that the user have a 
user account?
Can it somehow be that i have named the computers as the users, user bob 
with computer bob
But samba shuld not do that since it require a $ and W istead of U in 
smbpasswd file?

Also i get this in the samba.log???
[2002/03/13 16:08:49, 0] smbd/password.c:domain_client_validate(1517)
  domain_client_validate: could not fetch trust account password for 
domain DOMAIN

/Erik Ranà

--copy of  smb.conf--
[global]
   log level = 10
 
   message command = cat %s | logger -t message-%U@%f -p local3.notice &
   netbios name = PDC
   workgroup = DOMAIN
   server string = Samba server
   hosts allow =  10.0.0.0/255.0.0.0 172.16.0.0/255.248.0.0 
192.168.0.0/255.255.0.0
 
 
;  for NT domain
   domain master = yes
   preferred master = yes
   os level = 64
   local master = yes
   domain logons = yes
 
   wins support = no
   wins server = 10.0.0.12
   wins proxy = yes
 
   security = domain
   null passwords = no
 
;  Preparation for encrypted passwords
   smb passwd file = /etc/samba/smbpasswd
   update encrypted = no
   encrypt passwords = yes
 
   guest account = nobody
   passwd program = /usr/local/bin/smbpasswd
 

   socket options = TCP_NODELAY
 
   printing = BSD
   print command = lpr -h -r -P%p %s >> /tmp/print.log
   load printers = yes
 
;2.2.2 new functions
;disable spoolss
;Setting this parameter causes Samba to go back to the old 2.0.x
;LANMAN printing behaviour, for people who wish to disable the
;new SPOOLSS pipe.
 
;2.2.2 new functions
   use client driver = yes
;Causes Windows NT/2000 clients to need have a local printer driver
;installed and to treat the printer as local.
 
   # protection against nimbda virus
   # This can break Administration installations of Office2k.
   # in that case, don't veto the riched20.dll
   veto files = /*.eml/*.nws/riched20.dll/
  
   #protection agains files with CLSID in their filename
   veto files = /*.{*}/
 
   log file = /var/log/samba.log
   log level = 1
  
   lock directory = /usr/local/samba/var/locks
 
   character set = ISO8859-1
 
   mangle case = no
   case sensitive = no
   preserve case = yes
   short preserve case = yes
 
   wide links = no
 
   time server = yes
 
   oplocks = yes
   level2 oplocks = yes
 
;  logon path = \\%N\%U\.profiles\%U
;logon path är för roaming profiles
   logon drive = h:
   logon home = \\%N\%U\.profile\%U
   logon script = /etc/samba/netlogon/netlogon.bat
 
;necessary share for domain controller
   [netlogon]
   path = /usr/local/samba/lib/netlogon
   read only = yes
   write list = @ntadmin

 
[www]
   comment = Web files at www.mydomain.com
   browseable = yes
   path = /backup/http/www.mydomain.com
   public = no
   read only = no
   force group = webmasters
   force create mode = 0664
   force directory mode = 0775
 
[homes]
   comment = My webpage
   browseable = no
   path = %H/.html
   public = no
   read only = no

More information about the samba mailing list