[Samba] [Old] Clients cannot login into Samba-Domain
htl.traun.kustos at eduhi.at
Wed Feb 18 12:26:56 GMT 2004
I had a working "Samba-2.2.7a-SuSE" domain (with roaming profiles,etc.)
but this server crashed. So I copied the samba directory with the config
files (including secrets.tdb, passwd, ...) from my backup to the second
server and started nmb and smb, but the Clients could'nt log onto the
domain. The error was something like: "You couldn't log on. Please check
username and domain and try to reenter the password"
So I tried "Samba3.0.2a-SuSE", changed the config somewhat and started
the deamon but no luck either.
- connecting to the shares of the samba server (using usr/pwd)
- re-insert the PC into the domain
=> domain logon is working again
So I figured this must be a SID problem. Like domain-SID != machine-SID.
To test, whether this is the problem, I used the following commands but
the SID was always the same:
net getlocalsid ,domain'
net rpc getsid
rpclient ,server' -U ,user'
pdbedit -Lv ,user'
For Windows I downloaded the program "getsid", which compares two
getsid \\server 'user-account' \\server 'machine-account'
-> with that I checked, if the PC SID was the same as an User SID ->
- Same Server & Clients as befor the crash.
- that includes the configs and SIDs
- same SID everywhere (at least the ones I could figure out)
- domain logon only functioning, after REJOINING the domain
Now, I could of course go to every PC and rejoin the domain, but that's
not very funny nor productive.
So what do I have to change on the server to allow the existing PCs to
mfg. Stumpfl Markus
mail: htl.traun.kustos at eduhi.at
------------------------ setup -----------------------------
Clients: WinXP-SP1 (with reg-patch)
Server: SuSe 8.2 w/ Samba 3.0.2a
------------------------ config -----------------------------
netbios name = 'server'
server string = Samba %v
workgroup = 'domain'
interfaces = eth0
bind interfaces only = true
hosts allow = 'network'
follow symlinks = no
wide links = no
hide dot files = yes
hide special files = yes
max disk size = 800
invalid users = bin daemon lp mail games wwwrun ftp man news
uucp sshd ntp at postfix named irc squid ldap pop mailman
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
deadtime = 15
lm announce = no
unix charset = LOCALE
unix extensions = no
syslog = 1
debug timestamp = yes
debug pid = yes
debug uid = yes
smb passwd file = /etc/samba/smbpasswd
encrypt passwords = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *new*password* %n\n *retype*new*password* %n\n
load printers = no
os level = 128
security = user
preferred master = yes
domain master = yes
domain logons = yes
default service = homes
logon script = logon.bat
time server = yes
username map = /etc/samba/smbusers
More information about the samba