[Samba] SAMBA and NT4 domain

Randy Grafton rgrafton at indatacorp.com
Thu Apr 24 01:20:52 GMT 2003 

I have replaced several NT servers with SAMBA on FreeBSD 4.7. The versions
of SAMBA vary from 2.2.7a to 2.2.8.
The SAMBA servers have been joined to the domain and show up as Windows NT
4.9 Server under Server Manager on NT. I am now down to two remaining NT4
servers that are domain controllers. I am experiencing two issues; NetBIOS
resolution seems to have gotten messed up and the logs on the NT and SAMBA
machines are full of repetitive entries. 

Issue 1:
It seems one of our SAMBA servers is having its name resolved to an IP
address used by another box. This happens if you ping its NetBIOS name or
try to do start menu->run->\\NetBIOS. I tried nbtstat -R on the NT boxes but
the problem persists. I finally moved the machine with the incorrectly
resolved NetBIOS name to the IP address and relocated the other machine to a
new address. I am not running a WINS server nor am I attempting to allow
WINS through DHCP.

Issue 2:
The event log on the NT machines are littered with the following entry:

Date:	4/20/2003	Source:  Src
Time: 4:26:28 PM	Category: None
Type: Error		Event ID: 2006
User: N/A
Computer: PHXNT02

Description:
The server received an incorrectly formatted request from \\PHXFB01.

Data: Bytes
0000: 00 00 34 00 02 00 7c 00   ..4...|.
0008: 00 00 00 00 d6 07 00 c0   ....Ö..À
0010: 00 00 00 00 01 20 98 c0   ..... ˜À
0018: 00 00 00 00 00 00 00 00   ........
0020: 00 00 00 00 00 00 00 00   ........
0028: b3 06 00 00 ff 53 4d 42   ³...ÿSMB
0030: 25 00 00 00 00 08 01 c0   %......À
0038: 00 00 00 00 00 00 00 00   ........
0040: 00 00 00 00 04 18 3e 2a   ......>*
0048: 00 30 01 00 10 00 00 48   .0.....H
0050: 00 00 00 48 00 00 00 00   ...H....
0058: 00 00 00 00               ....

When I say littered, I mean that this entry is showing up in groups of 6-8,
spaced only a few seconds apart with inconsistent amounts of time between
the groups. This message shows up for the all SAMBA servers, though the more
heavily used SAMBA machines have more entries than the others.

The log files on the SAMBA servers are littered with the following entries:

[2003/04/23 15:05:03, 0] rpc_client/cli_netlogon.c:cli_net_req_chal(246)
  cli_net_req_chal: Error NT_STATUS_INVALID_COMPUTER_NAME
[2003/04/23 15:05:03, 0] rpc_client/cli_login.c:cli_nt_setup_creds(47)
  cli_nt_setup_creds: request challenge failed
[2003/04/23 15:05:03, 0] rpc_client/cli_trust.c:modify_trust_password(142)
  modify_trust_password: unable to setup the PDC credentials to machine
192.168.100.10. Error was : NT_STATUS_UNSUCCESSFUL.
[2003/04/23 15:05:04, 0] rpc_client/cli_netlogon.c:cli_net_req_chal(246)
  cli_net_req_chal: Error NT_STATUS_INVALID_COMPUTER_NAME
[2003/04/23 15:05:04, 0] rpc_client/cli_login.c:cli_nt_setup_creds(47)
  cli_nt_setup_creds: request challenge failed
[2003/04/23 15:05:04, 0] rpc_client/cli_trust.c:modify_trust_password(142)
  modify_trust_password: unable to setup the PDC credentials to machine
192.168.100.11. Error was : NT_STATUS_UNSUCCESSFUL.
[2003/04/23 15:05:04, 0]
rpc_client/cli_trust.c:change_trust_account_password(248)
  2003/04/23 15:05:04 : change_trust_account_password: Failed to change
password for domain INDATACORP.

Here is my smb.conf file:
#========================== Global Settings ============================
[global]
  workgroup = indatacorp
  server string = Litigation Services Samba Server
  log file = /var/log/log.%m
  max log size = 50
  oplocks = no
  level2 oplocks = no
  security = domain
  password server = 192.168.100.10, 192.168.100.11
  encrypt passwords = yes
  socket options = TCP_NODELAY
  show add printer wizard = no
  local master = no
  domain master = no
  preferred master = no

#========================= Share Definitions =============================
[Data]
  comment = Production Files
  path = /data
  public = yes
  writeable = yes
  browseable = yes
  force directory mode = 0777
  force create mode = 0777

Everything else appears to be working; if you log in locally to a computer
and try to browse the shares on the SAMBA servers you're prompted for
username and password, if you log into the domain from the workstation and
then attempt to browse a SAMBA server you can access and read and write to
the shares.

Thank you for any input or direction.

-Randy

More information about the samba mailing list