AW: [Samba] Can't join my domain

[Hendrik]

Hi Fran,

I have had the same Problem with Samba 2.2.8 but I solved it. I created
an user "root" on my W2k Client with Administrator Privileges and the
same password as on my Samba Server. 
In Samba 2.2.8 you only can join the Samba PDC as "root".

Perhaps this could also work on Samba3.

-----Ursprüngliche Nachricht-----
Von: samba-bounces+hendrik=styx.homeunix.org at lists.samba.org
[mailto:samba-bounces+hendrik=styx.homeunix.org at lists.samba.org] Im
Auftrag von Fran Fabrizio
Gesendet: Sonntag, 23. November 2003 08:08
An: samba at lists.samba.org
Betreff: [Samba] Can't join my domain



Day 2 of my adventure into Samba.  Having had such success with 
workgroup-based Samba, it was time to try Samba as a PDC.
Unfortunately, 
it got cut short very quickly because I am not able to log into the
domain 
from the XP client.

I took the following steps (I'm using Samba 3.0):

- modified my smb.conf as per instructions in O'Reilly Using Samba, 2nd 
Ed.  (I think this may be part of the problem - see below)
- ran 'smbpasswd -a root' giving the account a password different than
the 
real root password
- restarted the daemons
- hacked my XP registry to turn off the signorseal bit
- rebooted XP
- logged into XP with my administrator account
- control panel, system, computer name, change, enter name of my domain
to 
join,click ok, user/pass dialog pops up
- tried 'root' with the samba password i created above, not the real
root 
password, and get the following WinXP error message dialog:

The following error occurred attempting to join the domain "CISSAMBA"
The user name could not be found

checking the log files on the linux server, I see nothing unusual.

I investigated and learned from testparm that Samba 3.0 no longer 
understands "domain admin group" as an smb.conf parameter (so much for 
Using Samba's claim that it covers Samba 2.2 and 3.0 :-(

So I poked around the web and the samba site and tried the sample
smb.conf 
from the official HOWTO, which seemed to replace the old "domain admin 
group" with a "write list" in the [netlogon] section.  I tried "write
list 
= root" in there, but it's still giving me the same error.  What's the 
proper way to set this up on Samba 3.0?  Here is my smb.conf...

[global]
   netbios name = ds119b
   workgroup = cissamba
   wins support  = yes
   encrypt passwords = yes
   domain master = yes
   local master = yes
   preferred master = yes
   os level = 65
   security = user
   domain logons = yes
   logon path = \\%L\profiles\%u\%m
   logon script = logon.bat
   logon drive = H:
   logon home = \\%L\%u\.win_profile\%m
   time server = yes
   ;domain admin group = root    ; book says to do this but is invalid
for 
Samba 3.0
   add user script = /usr/sbin/useradd  -d /dev/null -g 100 -s
/bin/false -M %u

[netlogon]
   path = /usr/local/samba/lib/netlogon
   writable = no
   browsable = no
   write list = root

[profiles]
   path=/home/samba-ntprof
   browsable = no
   writable = yes
   create mask = 0600
   directory mask = 0700

[homes]
   read only = no
   browsable = no
   guest ok = no
   map archive = yes


Any ideas?

Thanks,
Fran