[Samba] SAMBA 3 as PDC - W2K/WXP Pro logon trouble

Scott Gross SGross at newsgroupwest.com
Fri Feb 27 17:24:38 GMT 2004

I have a Samba 3 PDC running with an LDAP backend on Red Hat 8.  All
authentication appears to be working correctly but I can't login to the
domain from a W2K or WXP Pro workstation after I have successfully joined
them to the domain.  If I login locally to the workstation I can browse the
Samba shares just fine.  I have checked the schannel and sign or seal
settings on both the workstations and the server and made sure they were set
to disable but still no luck.  Can anyone give me any ideas on how to solve
this problem.






# Samba config file created using SWAT

# from (

# Date: 2003/11/25 10:42:04


# Global parameters


        workgroup = FIFEDEV

        netbios name = Dev

        null passwords = Yes

        passdb backend = ldapsam

        passwd program = /usr/local/bin/smbldap-passwd.pl -o %u

        passwd chat = *new*password* %n\n *new*password:* %n\ *successfully*

        passwd chat debug = Yes

        log file = /var/log/samba/%m.log

        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

        add user script = /usr/local/sbin/smbldap-useradd.pl -a "%u"

        delete user script = /usr/local/sbin/smbldap-useradd.pl -d "%u"

        add group script = /usr/local/sbin/smbldap-useradd.pl -a -g "%g%

        delete group script = /usr/local/sbin/smbldap-useradd.pl -d -g "%g"

        add user to group script = /usr/local/sbin/smbldap-useradd.pl -j -u
"%u" -g "%g"

        delete user from group script = /usr/local/sbin/smbldap-useradd.pl
-j -u "%u" -g "%g"

        set primary group script = /usr/local/sbin/smbldap-useradd.pl -m -u
"%u" -gid "%g"

        add machine script = /usr/local/sbin/smbldap-useradd.pl -a -w "%m"

        logon script = logon.bat

        logon path =

        logon drive =

        domain logons = Yes

        os level = 22

        preferred master = Yes

        domain master = Yes

        wins support = Yes

        wins proxy = No

        ldap suffix = dc=test,dc=com

        ldap machine suffix = ou=_COMPUTERS_

        ldap user suffix = ou=_USERS_

        ldap group suffix = ou=_GROUPS_

        ldap admin dn = "cn=Manager,dc=test,dc=com"

        ldap ssl = No

        ldap passwd sync = yes

        comment = Samba-PDC Server

        public = No

        browseable = Yes

        writable = No

        client schannel = No

        server schannel = No

        client signing = No

        server signing = No



        path = /usr/local/samba/lib/netlogon

        read only = Yes

        write list = ntadmin

        locking = No



        path = /tmp

        guest ok = Yes

        read only = Yes



        path = /profiles

        read only = No

        writable = Yes

        create mask = 0600

        directory mask = 0700



        comment = Home Directories

        browsable = no

        writeable = yes

        valid users = %S

        create mask = 0700

        directory mask = 0700

        hide dot files = yes


More information about the samba mailing list