[Samba] XP join and logon

Ross McInnes (Systems) sysrm at stvincent.ac.uk
Wed Dec 10 13:58:12 GMT 2003


1st of all i assume you are joining a domain? since my info below doesnt 
really apply to a workgroup. get to the bit where is allows to to change 
machinename/workgroup and instead of entering the server in workgroup, 
enter it in Domain.
 2nd of all are you adding the machine into the /etc/passwd file? eg.

m6-1$:x:60101:107:Domain account for M6-1:/dev/null:/bin/false

before you are trying to add them?

I had this problem. When it prompted me for the Username/Password 
i was putting in Administrator and its password. I was half right...

create root a smb account, "smbpasswd -a root PASSWORD", where PASSWORD 
is your prefered password (note i made mine different to the unix root 
password, so if someone did get hold of the smbpasswd i wouldnt be up the 
creak without a paddle)

then when it prompts you to put in username password, put in root / 
password. it should work fine after that. The only thing i will say is 
that it was weird and seemed to take a random time to join the domain.
some took 5 seconds
some took 20-40 seconds
one even took 2 minutes. Not sure why (anyone shead any light on this?)

Hope this helps.

Ross

On Wed, 10 Dec 2003, I Wayan Widi Pradnyana wrote:

> Hi
> 
> My plan is joining XP Pro client to authenticate via Samba 3.0 domain or
> workgroup.
> The problem is the XP client at first login interface didnt show logon
> location like to "This Computer" and "AJK-ITS" workgroup, so it cannot
> authenticate to Samba Server.
> 
> Any help would be appreciated.
> 
> I have configured those machines like these:
> on XP Pro client I've set:
> 
> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
> "requiresignorseal"=dword:00000000
> "signsecurechannel"=dword:00000000
> and join workgroup AJK-ITS (but without prompted for username/password?),
> restarting
> 
> on Samba I use :
> [global]
>     workgroup = AJK-ITS
>     server string = Server
>     include = /etc/samba/dhcp.conf
>     dns proxy = no
>     obey pam restrictions = yes
>     unix password sync = yes
>     security = user
>     map to guest = never
>     password level = 0
>     null passwords = no
>     os level = 255
>     preferred master = yes
>     domain master = yes
>     wins support = yes
>     dead time = 0
>     debug level = 3
>     load printers = yes
> #    server schannel = yes
>     encrypt passwords = yes
> 
>     socket options = TCP_NODELAY
>     domain logons = yes
>     netbios name = kunti
>     local master = yes
>     logon path = \\%n\profiles\%u
>     logon drive = Q:
>     logon home = \\kunti\%u
> 
>    passdb backend = ldapsam:ldap://10.126.13.88:389/
>     ldap suffix = dc=ta,dc=its-sby,dc=edu
>     ldap machine suffix = cn=Computers
>     ldap user suffix = cn=Users
>     ldap admin dn = "cn=admin,dc=ta,dc=its-sby,dc=edu"
>     ldap passwd sync = yes
>     obey pam restrictions = yes
>     invalid users = root
> 
> [netlogon]
>    path = /var/lib/samba/netlogon
>    guest ok = yes
>    writable = no
>    share modes = no
> 



More information about the samba mailing list