[Samba] Can not register W2K computer (WXP and W98 without
problems)
Reiner Buehl
reiner at buehl.net
Wed Sep 17 18:28:45 GMT 2003
Hi,
I had the same problem and the following steps executed on the Win2K system
as Administrator did it for me:
Start the Administrative Tools (Start / Settings / Control Panel /
Administrative Tools). From there start the Local Security Policy.
In the Local Security Policy open Local Policies and then Security Options.
Disable the following entries:
Domain member: Digitally encrypt or sign secure channel data (Always)
Domain member: Digitally encrypt secure channel data (when possible)
Domain member: Digitally sign secure channel data (when possible)
Domain member: Require strong (Windows 2000 or later) session key
In the Group Policy Editor (C:\windows\system32\gpedit.msc) enable the
following entry:
Computer Configuration\Administrative Templates\System\User Profiles\do not
check for user ownership of roaming profiles folders
Best regards,
Reiner.
> -----Original Message-----
> From: samba-bounces+reiner=buehl.net at lists.samba.org
> [mailto:samba-bounces+reiner=buehl.net at lists.samba.org] On
> Behalf Of Ricardo Martinezgarza
> Sent: Tuesday, September 16, 2003 10:26 PM
> To: samba at lists.samba.org
> Subject: [Samba] Can not register W2K computer (WXP and W98
> without problems)
>
>
> I can NOT have a W2KPro computer to reconnect to a RH9 Samba
> PDC server
> domain after initial "registration". (I don't have any
> problems with WXPPro)
>
> NetBios name of the W2KPro computer: PRUEBA
> RH9 PDC Samba domain name: SAMBA
>
> When "registering" the W2KPro computer to the domain for the
> first time,
> everything seems to work fine (even though it takes longer
> than usual to get
> the "Welcome to domain Samba" window). The entries in /etc/passwd,
> /etc/shadow and /etc/samba/smbpasswd get created:
>
> prueba$:x:504:100::/dev/null:/bin/false (/etc/passwd)
> prueba$:!!:12311:0:99999:7::: (/etc/shadow)
> prueba$:504:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:yyyyyyyyyyyyyyyyy
> yyyyyyyyyyyyyy
> y:[W ]:LCT-3F6761AE: (/etc/samba/smbpasswd)
>
> The Samba log (prueba.log) for the W2K computer does not report any
> problems.
>
> After reboot, after typing a valid domain user and password,
> I get the error
> message "The system can not initiate a session because either
> there is no
> account for this computer in the primary domain or the
> password for this
> account is incorrect"
>
> To add to my perplexity, if I log into the W2KPro computer using a
> local(windows) username/password identical to a valid samba
> account I can
> browse through the domain via the windows Network Neighborhood without
> having to supply any further username or password. I can even
> browse through
> the Samba "home" directory (linux box) of such username/password.
>
> I´m using the "add user script = /usr/sbin/useradd -d
> /dev/null -g 100 -s
> /bin/false -M %u" on-the-fly method in smb.conf (which, by
> the way, has been
> working just fine for WXPPro computers)
>
> I've also tried manual creation of the /etc/passwd and
> /etc/samba/smbpasswd
> entries with the same results
>
> I've even tried modifying the W2KPro registry parameters in
> [HKEY_LOCAL_MACHINE|SYSTEM|CurrentControlSet|Service|Netlogon|
> Parameters] as
> I did for WXPPro, no luck either.
>
> Further yet, I´ve tried to "sniffer-debug" the unsuccessful
> re-registration
> of the W2KPro box vs. a successful re-registration of a
> WXPPro box and can
> not find what the problem is.
>
> Any ideas why this is happening and what else could/should I
> do/try ????
>
> Thanks gals and guys !!!!
>
> _________________________
> Ricardo Martinezgarza F.
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>
More information about the samba
mailing list