Fwd: Re: [Samba] add user script & samba 3.0b

robowarp at gmx.de robowarp at gmx.de
Fri Jun 20 19:45:51 GMT 2003


machine add does not work, manual or on the fly,
if have an complete test enviroment so nothing is dangerios,
but sometimes i have to install the boxes new *grins
interface = lo, ....  changes nothing to the result,
i cant join the samba domain with win2k , cause failure is:
the machine account is not found or trusted by domain controller

after all i bulid a bdc with 2.2.7a on traditional way an it worked very
nice.

my problem is this
[2003/06/20 21:25:53, 2] auth/auth.c:check_ntlm_password(295)
  check_ntlm_password:  Authentication for user [] -> [] FAILED with error
NT_STATUS_NO_SUCH_USER
[2003/06/20 21:26:04, 2] smbd/server.c:exit_server(558)
  Closing connections
this comes up to logged machine when try to get in the samba3beta domain
 i have no idea what to do next...
Regards


> What seems to be a dangerous thing to me is that your samba doesn't bend 
> to lo (127.0.0.1 aka localhost) I'm not shure if it is the origin of 
> your problems, but in the docs is written, that lots of tools, including 
> smbpasswd (maybe others things too ?) relays on accessing localhost, if 
> security=user. Anyway I would suggest to try with this new settings too. 
> I'm really new to the 3.0 branch, and I would want an LDAP solution 
> (Samba PDC+ Samba BDC).
> 
> Best Regards
> 
> Geza Gemes
> 
> robowarp at gmx.de írta:
> 
> > this is my smb.conf,
> > as i failed before , the machine add script works on the fly, but the
> > machine account which is right in the smbpasswd, does not login after
> > required
> > reboot win2k serv3 to domain, with failure message
> > local computer account is not trusted
> > My plan is to make samba easier administrate with usmgr, machine
> creation
> > on
> > the fly.
> > 
> > And i dont wanna use ldap.
> > is anyone  working on that too? 
> > 
> >  
> >
> >>i compiled the beta on suse 8.2 from scratch
> >>do sombody have any usefull comments about this config?
> >> 
> >>
> >>
> >>[global]
> >>        dos charset = ASCII
> >>        display charset = UTF8
> >>        workgroup = LINUX
> >>        interfaces = eth0
> >>        bind interfaces only = Yes
> >>        map to guest = Bad User
> >>        passwd program = /usr/bin/passwd %u
> >>        username map = /etc/samba/smbusers
> >>        unix password sync = Yes
> >>        log level = 2
> >>        log file = /var/log/samba/%m
> >>        time server = Yes
> >>        keepalive = 255
> >>        socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=8192
> >>SO_RCVBUF=8192
> >>        load printers = No
> >>        printcap name = cups
> >>        add user script = /usr/sbin/useradd -m %u
> >>        delete user script = /usr/sbin/userdel -r %u
> >>        add group script = /usr/sbin/groupadd -r %g
> >>        delete group script = /usr/sbin/groupdel %g
> >>        add user to group script = /usr/bin/gpasswd -a %u %g
> >>        delete user from group script = /usr/bin/gpasswd -d %u %g
> >>        set primary group script = /usr/sbin/usermod -g '%g' '%u'
> >>        #create a group machines first !
> >>        add machine script = /usr/sbin/useradd -g machines -c Machine -d
> >>/dev/null -s /bin/false %u
> >>        logon drive = z
> >>        domain logons = Yes
> >>        os level = 255
> >>        preferred master = Yes
> >>        domain master = Yes
> >>        wins proxy = Yes
> >>        wins support = Yes
> >>        ldap ssl = no
> >>        utmp = Yes
> >>        host msdfs = Yes
> >>        admin users = Administrator
> >>
> >>[homes]
> >>        comment = Home Directories
> >>        read only = No
> >>        create mask = 0640
> >>        directory mask = 0750
> >>        browseable = No
> >>
> >>
> >>
> >>    
> >>
> >>>it seems that the developers group has changed the command name from
> >>>add user script to add machine script
> >>>you can see the difference only in the man page on the CVS tree
> >>>after I changed it to this command in smb.conf - it worked.
> >>>
> >>>regards
> >>>
> >>>robowarp at gmx.de schrieb:
> >>>
> >>>      
> >>>
> >>>>HI if tested the add user script (samba3beta) and it works fine for me
> 
> >>>>but the created machine account , it not followed
> >>>>with a working login, win2k serv pack 3 says computer account is not
> >>>>        
> >>>>
> >>>trusted
> >>>      
> >>>
> >>>>in the domain,
> >>>>this is is not a failure by the script , cause i tried traditional way
> >>>>        
> >>>>
> >>>too.
> >>>      
> >>>
> >>>>( smbpasswd -a -m )
> >>>>any ideas?
> >>>>Regards
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> 
> >>>>
> >>>>        
> >>>>
> >>>>>Howdy,
> >>>>>
> >>>>>I would like to use the samba server as a replacment for NT Servers.
> >>>>>So I need the add user script command for adding new machines to the
> >>>>>domain.
> >>>>>This is no problem in all 2.2.X versions of samba which I used.
> >>>>>But on version 3.0 alpha and beta it is not working.
> >>>>>
> >>>>>I am using debian 3.0r1 with the unstable package of samba 3.0beta.
> >>>>>
> >>>>>smb.conf:
> >>>>>[global]
> >>>>>   workgroup = unreal
> >>>>>   server string = %h server (Samba %v)
> >>>>>   log file = /var/log/samba/log.%m
> >>>>>   syslog = 0
> >>>>>   security = user
> >>>>>   encrypt passwords = true
> >>>>>   passdb backend = smbpasswd:/etc/samba/smbpasswd
> >>>>>   socket options = TCP_NODELAY
> >>>>>   wins server = 192.168.0.133
> >>>>>   dns proxy = no
> >>>>>   admin users = root, admin, administrator
> >>>>>   add user script = /usr/sbin/useradd -d /dev/null -g 100 -s
> >>>>>          
> >>>>>
> >>bin/false
> >>    
> >>
> >>>>>-M %u
> >>>>>   domain logons = yes
> >>>>>   domain master = yes
> >>>>>   logon path = \\%N\profiles\%U
> >>>>>   logon drive = H:
> >>>>>   logon home = \\%N\%U
> >>>>>   logon script = logon.bat
> >>>>>
> >>>>>samba.log:
> >>>>>[2003/06/20 00:33:38, 0] smbd/service.c:set_admin_user(314)
> >>>>>  root logged in as admin user (root privileges)
> >>>>>[2003/06/20 00:33:39, 0]
> >>>>>          
> >>>>>
> >>>passdb/pdb_smbpasswd.c:add_smbfilepwd_entry(597)
> >>>      
> >>>
> >>>>>  add_smbfilepwd_entry: cannot add account roof2$ without unix
> >>>>>          
> >>>>>
> >>identity
> >>    
> >>
> >>>>>[2003/06/20 00:33:39, 0] 
> >>>>>rpc_server/srv_samr_nt.c:_api_samr_create_user(2313)
> >>>>>  could not add user/computer roof2$ to passdb.  Check permissions?
> >>>>>
> >>>>>
> >>>>>The same command line is working with 2.2.3a (Debian testing).
> >>>>>
> >>>>>thanks for any answer
> >>>>>Thomas
> >>>>>
> >>>>>-- 
> >>>>>To unsubscribe from this list go to the following URL and read the
> >>>>>instructions:  http://lists.samba.org/mailman/listinfo/samba
> >>>>>
> >>>>>   
> >>>>>
> >>>>>          
> >>>>>
> >>>> 
> >>>>
> >>>>        
> >>>>
> >>>      
> >>>
> >>-- 
> >>+++ GMX - Mail, Messaging & more  http://www.gmx.net +++
> >>Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage!
> >>
> >>
> >>    
> >>
> >
> >  
> >
> 
> 

-- 
+++ GMX - Mail, Messaging & more  http://www.gmx.net +++
Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage!




More information about the samba mailing list