AW: [Samba] Login from win2k client to samba PDC

Markus PISTAUER (CISC) m.pistauer at cisc.at
Wed Apr 2 17:10:33 GMT 2003


John,

thanks for that hint. It did not kill the server by you are perfectly right.
I changed this and restarted the "smb" and "nmb" deamons - unfortunately
with the same result.

When I watch e.g. the status with "swat" I see as follows after trying with:

smbclient -U <user> -L win2k1

(what is strange since I connect as different user and not "nobody") The
connectiosn seems to be up, no errro in the logs but all is referring to
that user "nobody". I even have added "nobody" to the smbpasswd (but as you
can guess this did not help either).

Also I get the well known message "session setup failed:
NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE"

Cut from SWAT (Status page):

------------8<--------------

Active Connections
PID  Client  IP address
--------------------------------------
4654 win2k1  192.168.xx.xx .....

Active Shares
Share User   Group  PID  Client  Date
--------------------------------------
IPC$  nobody nobody 4654 win2k1  .....

------------8<---------------



Do you have an other idea?

Thank you
	Markus





"John H Terpstra" <jht at samba.org> schrieb im Newsbeitrag
news:<20030402162023$4954 at gated-at.bofh.it>...
> On Wed, 2 Apr 2003, Markus PISTAUER (CISC) wrote:
>
> > Dear Eric,
> >
> > thanks for your answer. I have non of the items you defined in the
global
> > section. There is also no error in the log file. So I'm realy at the end
of
> > my "know-how"  (if any ...)
> >
> > My global section is:
> > ---------8<---------
> > [global]
> >         workgroup = TEST
> >         netbios aliases = TEST
>
> The above will kill your server! You can NOT have the workgroup name and a
> machine name that are the same.
>
> - John T.
>
> >         encrypt passwords = Yes
> >         log level = 3
> >         log file = /data/samba/log/samba.log.%m
> >         max log size = 100
> >         max xmit = 17384
> >         domain admin group = @root
> >         logon script = logon.bat %U %G %L
> >         logon path = \\sambasrv\profiles\%U
> >         logon home = /data/samba/data/users/%U
> >         domain logons = Yes
> >         os level = 34
> >         preferred master = True
> >         domain master = True
> >         map system = Yes
> >         map hidden = Yes
> > ---------8<---------
> >
> > Thanks, any other hint is very welcome
> >
> > Markus
> >
> >
> >
> > > -----Ursprüngliche Nachricht-----
> > > Von: Eric Halverson [mailto:ehalverson at dchs.us]
> > > Gesendet: Mittwoch, 02. April 2003 18:48
> > > An: Markus PISTAUER (CISC)
> > > Cc: Samba List
> > > Betreff: Re: [Samba] Login from win2k client to samba PDC
> > >
> > >
> > > Do you have either of the following defined in your global section:
> > >
> > > write list
> > > valid users
> > >
> > > also look in your log files for that machine to see if you're getting
an
> > > error about invalid user nobody.  I was getting the same error because
I
> > > defined those variables in the global section, which of course made
the
> > > user nobody invalid as well as whoever else was undefined (including
the
> > > machine account).
> > >
> > > On Wed, 2003-04-02 at 02:58, Markus PISTAUER (CISC) wrote:
> > > > I have joined my win2k client machines (win2k professional or win2k
> > > > professional server) to my PDC. This worked fine and I did all
> > > recommended
> > > > as e.g. in the HOWTO
> > > > http://hr.uoregon.edu/davidrl/samba/samba-pdc.html#joining.
> > > >
> > > > So far I can also login localy to the win2k client machines
> > > using a local
> > > > account and connect a network drive from the PDC using a valid
> > > account on
> > > > the PDC (as given in the "smbpasswd" file)
> > > >
> > > > I have done all major steps:
> > > >
> > > > passwd file:
> > > > 	added users and machine accounts (as user <machine>$)
> > > > smbpasswd file:
> > > > 	added users with 'smbpasswd -a <user>'
> > > > 	added machines with 'smbpasswd -a <machine>
> > > > 	added user 'root' to smbpasswd
> > > > smb.conf:
> > > > 	all the necessary settings done (I can post the smb.conf if
> > > requested)
> > > >
> > > >
> > > > The problem:
> > > > ------------
> > > > If I try to login on the domain using the win2k client machine
> > > (selecting
> > > > the domain instead of the local machine name the login window) I
cannot
> > > > connect to the domain and get the error message:
> > > >    The system cannot log you on to this domain because the system's
> > > >    computer account in its primary domain is missing or the password
on
> > > >    that account is incorrect
> > > >
> > > >
> > > > My environments settings:
> > > > -------------------------
> > > > I'm using Samba 2.2.5 (release 160), win2k prof with SP3 or no
> > > SP, classic
> > > > authentication on the PDC. Linux Kernel is 2.4.19 (Build 174).
> > > > I have also tried 2.2.8 with same failure.
> > > >
> > > > Any help would be VERY appreciated.
> > > >
> > > > Thanks
> > > >
> > > > Markus Pistauer
> > > > mailto:m.pistauer at cisc.at
> > > >
> > > >
> >
> >
>
> --
> John H Terpstra
> Email: jht at samba.org
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba



More information about the samba mailing list