[Samba] Samba Domain Support Problems
Brian White
bcwhite at precidia.com
Fri Feb 21 20:44:52 GMT 2003
I'm out of ideas here. I'm trying to set up a computer network using samba
on Linux as the primary server and a WinXP machine as the client. I'm just
beginning with XP, but I've been using Linux and Samba (for Win95/98) for
many years now.
So, I've set up samba machine "griffon" to support domains...
; Domain Stuff
domain master = yes
domain logons = yes
logon path = \\%L\profiles\%u
logon home = \\%L\%u
logon script = logon.cmd
add user script = /etc/samba/adduser %u
This should allow automatic "on-the-fly" creation of new machine accounts.
I've created a "samba administrative account" called "machines" in /etc/passwd
machines:x:0:5000:Machine Account (creator):/tmp:/bin/false
and a corresponding one in /etc/samba/smbpasswd
machines:0:3E3E844D9FA7D83317306D272A9441BB:57BCEA1EC8B53A61D032E6B338A0C23B:[UX ]:LCT-3E56855C:
Under XP machine "watertown", I've gone to Control Panel, System, Computer
Name Changes, "member of domain 'precidia'", OK.
Samba runs and logs
[2003/02/21 15:30:58, 2] smbd/reply.c:reply_special(92)
netbios connect: name1=GRIFFON name2=WATERTOWN
[2003/02/21 15:30:58, 2] smbd/reply.c:reply_special(111)
netbios connect: local=griffon remote=watertown
[2003/02/21 15:30:59, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176)
get_md4pw: Workstation watertown$: no account in domain
[2003/02/21 15:30:59, 2] smbd/server.c:exit_server(458)
Closing connections
calls /etc/samba/adduser and presto-chango, there is now an /etc/passwd entry
watertown$:x:5001:5000:Machine Account,,,:/tmp$:/bin/false
and a corresponding entry in /etc/samba/smbpasswd so that file is now
bcwhite:10001:C75CC291E06B5A54F7E62F36F8DB5AE6:1ADA7AD6BE20188D6F929F801B25443C:[U ]:LCT-392D6EF2:
machines:0:3E3E844D9FA7D83317306D272A9441BB:57BCEA1EC8B53A61D032E6B338A0C23B:[UX ]:LCT-3E56855C:
watertown$:5001:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:[NDW ]:LCT-3E56858D:
Now things go wrong. The rest of the log.smbd file shows
[2003/02/21 15:31:00, 2] smbd/reply.c:reply_special(92)
netbios connect: name1=GRIFFON name2=WATERTOWN
[2003/02/21 15:31:00, 2] smbd/reply.c:reply_special(111)
netbios connect: local=griffon remote=watertown
[2003/02/21 15:31:03, 0] rpc_server/srv_samr_nt.c:_samr_set_userinfo(2458)
_samr_set_userinfo: Unable to get smbpasswd entry for uid 0
[2003/02/21 15:31:03, 0] rpc_server/srv_samr_nt.c:_samr_delete_dom_user(2664)
_samr_delete_dom_user: Not yet implemented.
[2003/02/21 15:31:03, 2] smbd/server.c:exit_server(458)
Closing connections
I traced this around (using strace, log file, and source code) and determined
that samba is taking UID 0, looking it up in /etc/passwd to get the name
"root" and then trying to find "root" in /etc/samba/smbpasswd, but it doesn't
exist.
Next, I added a line to /etc/samba/smbpasswd of "root" for samba to find
root:0:CC596B7CE5FA59805ACDCD7C247FA83A:C1222219AEDBECEB895E7D9D0417A607:[UX ]:LCT-3E5683CF:
This password happens to match the real unix password for that machine.
Next time I try, the log file looks like
[2003/02/21 15:32:30, 2] smbd/reply.c:reply_special(92)
netbios connect: name1=GRIFFON name2=WATERTOWN
[2003/02/21 15:32:30, 2] smbd/reply.c:reply_special(111)
netbios connect: local=griffon remote=watertown
[2003/02/21 15:32:31, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176)
get_md4pw: Workstation watertown$: no account in domain
[2003/02/21 15:32:31, 2] smbd/server.c:exit_server(458)
Closing connections
[2003/02/21 15:32:32, 2] smbd/reply.c:reply_special(92)
netbios connect: name1=GRIFFON name2=WATERTOWN
[2003/02/21 15:32:32, 2] smbd/reply.c:reply_special(111)
netbios connect: local=griffon remote=watertown
[2003/02/21 15:32:35, 0] libsmb/smbencrypt.c:decode_pw_buffer(259)
decode_pw_buffer: incorrect password length (-193558569).
[2003/02/21 15:32:35, 0] rpc_server/srv_samr_nt.c:_samr_delete_dom_user(2664)
_samr_delete_dom_user: Not yet implemented.
[2003/02/21 15:32:36, 2] smbd/server.c:exit_server(458)
Closing connections
The "watertown$" account was recreated (I deleted it before running this
attempt) but I was not able to figure out why the password length is so
wrong. I am using shadow passwords here if that makes any difference.
Giving up on that line of thought, I decided to try just using the "root"
acount as the "samba administrative account". That didn't work either:
Now when I try to connect to the domain, I get
[2003/02/21 15:36:12, 2] smbd/reply.c:reply_special(92)
netbios connect: name1=GRIFFON name2=WATERTOWN
[2003/02/21 15:36:12, 2] smbd/reply.c:reply_special(111)
netbios connect: local=griffon remote=watertown
[2003/02/21 15:36:13, 0] smbd/service.c:make_connection(564)
Can't become connected user!
[2003/02/21 15:36:13, 2] smbd/server.c:exit_server(458)
Closing connections
[2003/02/21 15:36:14, 2] smbd/reply.c:reply_special(92)
netbios connect: name1=GRIFFON name2=WATERTOWN
[2003/02/21 15:36:14, 2] smbd/reply.c:reply_special(111)
netbios connect: local=griffon remote=watertown
[2003/02/21 15:36:14, 0] smbd/service.c:make_connection(564)
Can't become connected user!
[2003/02/21 15:36:14, 2] smbd/server.c:exit_server(458)
Closing connections
I've verified the password (it's the same for both samba and unix) but
it still doesn't work. Both "machine" uid-0 entries were removed for
this attempt.
I am now officially out of ideas. Help?!? What am I doing wrong here?
Brian
( bcwhite at precidia.com )
-------------------------------------------------------------------------------
Don't drink and park. Accidents cause kids.
More information about the samba
mailing list