[Samba] Samba 2.2.7 as PDC causing BSOD on 2K domain logon
Anders
ionizer at cola.cc
Tue Jun 10 14:30:11 GMT 2003
Hello,
Have wrestled this one for about a week, now, getting frustrated ;-)
Running samba as PDC for my domain (cf. smb.conf further down)
When logging in on my 2K Pro machine, I first get a "can't find roaming
profile, attempting local profile"-error, but logon using my user's smb
account accepts only the correct password and so the identification part
works well.
Next, the screen on my 2K plays the chimes, displays the background for a
little while, and then the Blue Screen Of Death with the brief text "...
the windows logon process terminated unexpectedly ..." and subsequent
automatic reboot.
I'd appreciate any help.
I have some thoughts of what could be wrong, but I'm at road's end trying
to do something about it, not even knowing if it's the true problem.
Oh, and btw, I've tried two different 2K machines, same result.
Possible errors:
* the user anders-l exists only on the PDC and not locally on the 2K
machine, hence it could die trying to find a local profile.
* the owner structure on the PDC /home/%U stuff could be messed up (see
below) (not sure how this would cause the BSOD though)
* the //dl280/profile share doesn't show when listing the shares (see
below), should it? (also unsure how this would cause the BSOD)
* I've made a darn stupid hum-dinger of a rookie error (and really, what
better way to expose your ignorance than to post to a list - right?)
Follows some helpful(?) stats:
*********************
$ smbclient -L //dl380 -U anders-l
added interface ip=192.168.0.191 bcast=192.168.0.255 nmask=255.255.255.0
Password:
Domain=[PN-TRADING] OS=[Unix] Server=[Samba 2.2.7a-security-rollup-fix]
Sharename Type Comment
--------- ---- -------
netlogon Disk Network Logon Service (Samba)
IPC$ IPC IPC Service (PDC on dl380 (Linux with samba version: -hidden-)
ADMIN$ Disk IPC Service (PDC on dl380 (Linux with samba version: -hidden-)
anders-l Disk Home Directories
Server Comment
--------- -------
DL380 PDC on dl380 (Linux with samba version:
-hidden-
Workgroup Master
--------- -------
PN-TRADING DL380
************************
<a trimmed smb.conf, for brevity. The complete one posted on
http://www.dsv.su.se/~anders-l/samba/smb.conf> (full of crap comments,
work notes etc, just in case you'll need to see it.) This one is the same,
just with all comments grep -v:ed
[global]
workgroup = pn-trading
server string = PDC on %L (Linux with samba version: -hidden-)
hosts allow = 192.168.0. 127.
printing = cups
log file = /var/log/samba/%m.log
max log size = 1024
security = user
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
pam password change = yes
username map = /etc/samba/smbusers
obey pam restrictions = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = yes
os level = 65
domain master = yes
preferred master = yes
domain logons = yes
logon home = \\%L\%U
logon path = \\%L\profiles\%U
dns proxy = no
status = yes
domain admin group = @ntadmin
add user script = /usr/sbin/adduser -n -g machines -c Machine -d
/dev/null -s /sbin/nologin %m\$
share modes=yes
[homes]
comment = Home Directories
path = /home/%U
browseable = no
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775
guest ok = no
read only = no
create mask = 0700
directory mask = 0700
oplocks = false
locking = yes
[netlogon]
comment = Network Logon Service (Samba)
path = /home/samba/netlogon
read only = yes
share modes = no
write list = ntadmin
[profiles]
comment = The roaming profile share.
path = //home/nt-profiles/%U
read only = no
create mask = 0600
directory mask = 0700
browseable = no
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
****************
the log file /var/log/samba/ibm.log (the 2K's netbios name)
contains these very cryptic messages, that aren'r generated from a
pattern I can discern (i.e. not every time I get the BSOD, for instance,
but could nonetheless be a result thereof. I include them for reference.
[2003/06/10 10:09:30, 0] lib/util_sock.c:read_data(436)
read_data: read failure for 4. Error = Connection reset by peer
[2003/06/10 10:10:57, 0] lib/util_sock.c:read_data(436)
read_data: read failure for 4. Error = Connection reset by peer
[2003/06/10 10:27:28, 0] lib/util_sock.c:read_data(436)
read_data: read failure for 4. Error = Connection reset by peer
[2003/06/10 10:47:37, 0] smbd/service.c:make_connection(252)
ibm (192.168.0.190) couldn't find service
::{2227a280-3aea-1069-a2de-08002b30309d}
[2003/06/10 11:18:45, 0] lib/util_sock.c:read_data(436)
read_data: read failure for 4. Error = Connection reset by peer
****************
the dir tree for /home/ with the permissions I mentioned looks like this
I know it's messy, I know anders-l:ntusers shouldn't own /home, I've just
been messing with it to see if I could get a different result - not so
however.
anders-l is in group ntusers and root is in ntadmins.
./anders-l:
total 24
drwx------ 2 anders-l ntusers 4096 Jun 10 15:33 .
drwxr-xr-x 6 anders-l ntusers 4096 Jun 10 15:33 ..
-rw-r--r-- 1 anders-l ntusers 24 Jun 6 12:53 .bash_logout
-rw-r--r-- 1 anders-l ntusers 191 Jun 6 12:53 .bash_profile
-rw-r--r-- 1 anders-l ntusers 259 Jun 6 12:53 .bashrc
-rw-r--r-- 1 anders-l ntusers 120 Jun 6 12:53 .gtkrc
./nt-admin:
total 24
drwx------ 2 nt-admin root 4096 Jun 6 17:05 .
drwxr-xr-x 6 anders-l ntusers 4096 Jun 10 15:33 ..
-rw-r--r-- 1 nt-admin root 24 Jun 6 17:05 .bash_logout
-rw-r--r-- 1 nt-admin root 191 Jun 6 17:05 .bash_profile
-rw-r--r-- 1 nt-admin root 259 Jun 6 17:05 .bashrc
-rw-r--r-- 1 nt-admin root 120 Jun 6 17:05 .gtkrc
./samba:
total 12
drwxr-xr-x 3 root ntadmins 4096 Jun 10 11:23 .
drwxr-xr-x 6 anders-l ntusers 4096 Jun 10 15:33 ..
drwxrwxr-x 2 root ntadmins 4096 Jun 10 09:32 netlogon
./samba/netlogon:
total 8
drwxrwxr-x 2 root ntadmins 4096 Jun 10 09:32 .
drwxr-xr-x 3 root ntadmins 4096 Jun 10 11:23 ..
******************
Well, that should do it.
Appreciate yall's input.
Sincerely,
Anders
More information about the samba
mailing list