[Samba] Migration succesful , but can't add machine to domain

Marcus White 1midniterider at comcast.net
Tue Apr 27 02:43:29 GMT 2004


On Mon, 2004-04-26 at 16:38, LanRol wrote:
> from enigma at riddlefixer.com
> >
> > What do your logs tell you?
> >
> > What do you have for your add machine script = ?
> >
> > Cheers!
> > --
> 
> 
> my smb.conf is
> 
> [global]
>         workgroup                       = SOLARSYSTEM
>         netbios name                    = Sedna
>         server string                   = Samba szerver
> 
>         wins support                    = yes
>         name resolve order              = wins lmhosts hosts bcast
>         socket options                  = TCP_NODELAY SO_RCVBUF=8192
> SO_SNDBUF=8192
>         os level                        	= 64
> 
>         local master                    = yes
>         preferred master                = yes
>         domain master                   = yes
> 
>         domain logons                   = yes
>         passdb backend                  = tdbsam:/etc/samba/passdb.tdb
> 
>         dos charset                     = CP852
>         unix charset                    = ISO8859-2
>         case sensitive                  = no
>         default case                    = lower
>         preserve case                   = yes
> 
>         security                        = user
>         encrypt passwords               = yes
> 
>         log file                        = /var/log/samba/log.%m
>         log level                       = 3
>         max log size                    = 50
>         hosts allow                     = 127.0.0.1 172.0.0.0/255.255.255.0
>         interfaces                      = eth1 172.0.0.0/255.255.255.0
> 127.0.0.1
> 
>         logon path                      = \\samba\profiles\%U
>         logon script                    = %G.cmd
> 
>         add user script                 = /usr/sbin/useradd -s /bin/false
> '%u'
>         add group script                = /usr/sbin/groupadd '%g' && getent
> group '%g' |awk -F: '{print $3}'
>         add user to group script        = /usr/bin/gpasswd -a '%u' '%g'
>         add machine script              = /usr/sbin/useradd -d /dev/null -g
> machines -s /bin/false -M '%u'
>         set primary group script        = /usr/sbin/usermod -g '%g' '%u'
>         delete user script              = /usr/sbin/userdel '%s'
>         delete group script             = /usr/sbin/groupdel '%g'
>         delete user from group script   = /usr/bin/gpasswd -d '%u' '%g'
> ...
> 
> 
> # smbclient -U% -L localhost
> Domain=[SOLARSYSTEM] OS=[Unix] Server=[Samba 3.0.2-SuSE]
> 
>         Sharename      Type      Comment
>         ---------      ----      -------
>         netlogon       Disk      login scriptek
>         install        Disk      telepitok
>         works          Disk      Munkakonyvtar
>         public         Disk      Kozos konyvtar
>         development    Disk      A fejlesztok cuccai
>         IPC$           IPC       IPC Service (Samba szerver)
>         ADMIN$         IPC       IPC Service (Samba szerver)
>         Domain=[SOLARSYSTEM] OS=[Unix] Server=[Samba 3.0.2-SuSE]
> 
>         Server               Comment
>         ---------            -------
>         SEDNA                Samba szerver
> 
>         Workgroup            Master
>         ---------            -------
>         SOLARSYSTEM          SEDNA
> 
> 
> # smbclient //sedna/netlogon -u admin
> session setup failed: NT_STATUS_LOGON_FAILURE
> 
> and log file shows:
> [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2004/04/26 21:37:17, 3] smbd/uid.c:push_conn_ctx(287)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2004/04/26 21:37:17, 3] auth/auth.c:check_ntlm_password(219)
>   check_ntlm_password:  Checking password for unmapped user
> [SOLARSYSTEM]\[root]@[SEDNA] with the new password interface
> [2004/04/26 21:37:17, 3] auth/auth.c:check_ntlm_password(222)
>   check_ntlm_password:  mapped user is: [SOLARSYSTEM]\[root]@[SEDNA]
> [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2004/04/26 21:37:17, 3] smbd/uid.c:push_conn_ctx(287)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2004/04/26 21:37:17, 3] auth/auth_sam.c:check_sam_security(200)
>   check_sam_security: Couldn't find user 'root' in passdb file.
> [2004/04/26 21:37:17, 3] auth/auth_winbind.c:check_winbind_security(80)
>   check_winbind_security: Not using winbind, requested domain [SOLARSYSTEM]
> was for this SAM.
> [2004/04/26 21:37:17, 2] auth/auth.c:check_ntlm_password(312)
>   check_ntlm_password:  Authentication for user [root] -> [root] FAILED with
> error NT_STATUS_NO_SUCH_USER
> [2004/04/26 21:37:17, 3] smbd/process.c:timeout_processing(1104)
>   timeout_processing: End of file from client (client has disconnected).
> [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2004/04/26 21:37:17, 2] smbd/server.c:exit_server(558)
>   Closing connections
> [2004/04/26 21:37:17, 3] smbd/connection.c:yield_connection(69)
>   Yielding connection to
> [2004/04/26 21:37:17, 3] smbd/connection.c:yield_connection(76)
>   yield_connection: tdb_delete for name  failed with error Record does not
> exist.
> [2004/04/26 21:37:17, 3] smbd/server.c:exit_server(601)
>   Server exit (normal exit)
> 
> 
> 
> 
> 
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba
> >
> >

To rule out the obvious... Did you perform "smbpasswd -a root" on the
PDC? Did you also add "admin users = root" in your global section? Just
curious are you actually using the network address 172.0.0.0 for your
setup?

Marcus O.



More information about the samba mailing list