AW: AW: [Samba] Samba - LDAP - User cannot login from 1 workstation

Bert_De_Ridder at peopleware.be Bert_De_Ridder at peopleware.be
Tue Jul 27 13:15:56 GMT 2004


Ok, so the getpeername was a coincidence; I haven't seen it more than 
once, that's true.

smb.conf:
[global]
        domain master = No
        domain logons = Yes
        map to guest = never
        netbios name = FATTY
        workgroup = PEOPLEWARE
        server string = Linux BDC
        encrypt passwords = Yes
        log level = 2
        name resolve order = lmhosts wins
        time server = Yes
        socket options = SO_SNDBUF=8192 SO_RCVBUF=8192
        guest account = nobody
        logon script = login.bat
        logon path =
        logon drive = H:
        os level = 99
        preferred master = No
        wins support = Yes
        wins server = 192.168.0.22
        remote browse sync = 192.168.0.22
        remote announce = 192.168.3.255/PEOPLEWARE
        printing = cups
        local master = yes
        load printers = yes
        printcap name = cups
        passwd program =/usr/local/sbin/smbldap-passwd %u
        passwd chat = *new*password* %n\n *new*password:* %n\ 
*successfully*
        add machine script = /usr/local/sbin/smbldap-useradd -w u%
        add user script = /usr/local/sbin/smbldap-useradd -a %u
        delete user script = /usr/local/sbin/smbldap-userdel %u
        add group script = /usr/local/sbin/smbldap-groupadd %g
        delete group script = /usr/local/sbin/smbldap-groupdel %g
        add user to group script = /usr/local/sbin/smbldap-groupmod -m %u 
%g
        delete user from group script = /usr/local/sbin/smbldap-groupmod 
-x %u %g
        set primary group script = /usr/local/sbin/smbldap-usermod -G %g 
%u
        passdb backend = ldapsam:ldap://127.0.0.1
        ldap suffix = dc=peopleware,dc=be
        ldap admin dn = cn=Manager,dc=peopleware,dc=be
        ldap user suffix = ou=Users
        ldap group suffix = ou=Groups
        ldap machine suffix = ou=Computers
        ldap idmap suffix = ou=Users
        ldap passwd sync = Yes
        ldap ssl = off

[netlogon]
        path = /var/lib/samba/netlogon
        read only = No
        create mask = 0600
        directory mask = 0700
        browseable = No
[homes]
        comment = Home directories
        path = /home/%U
        read only = No
        create mask = 0640
        directory mask = 0750
        browseable = Yes
[cvs]
     path = /local/cvs
     read only = No
     create mask = 0777
     force group = users
     public = yes
     guest ok = yes

Bert De Ridder




Umberto Zanatta <uzanatta at provincia.treviso.it> 
Sent by: samba-bounces+bert_de_ridder=peopleware.be at lists.samba.org
27/07/2004 14:57

To
Bert_De_Ridder at peopleware.be
cc
samba at lists.samba.org
Subject
Re: AW: AW: [Samba] Samba - LDAP - User cannot login from 1 workstation






No, isn't; but, there's some problems in resolvconf/hosts/dns.

"""
getpeername failed
"""

Meanwihile, should you post the smb.conf related to?

Il mar, 2004-07-27 alle 14:46, Bert_De_Ridder at peopleware.be ha scritto:

> That's true...
> 
> The message is : 
> 
> <sharename> is not accessible 
> Network access is denied
>                  <OK>
> 
> Even if I navigate to the share CVS (which works during login - see my 
> original mail) I get that message. 
> 
> I don't know whether it's related, but I now notice other messages in 
the 
> log : 
> 
> [2004/07/26 14:24:32, 1] smbd/service.c:make_connection_snum(619)
> allier (192.168.3.196) connect to service cvs initially as user mschijva 

> (uid=1015, gid=100) (pid 24964)
> [2004/07/26 14:24:48, 0] lib/util_sock.c:get_peer_addr(978)
>   getpeername failed. Error was Transport endpoint is not connected
> [2004/07/26 14:24:48, 0] lib/util_sock.c:read_socket_data(367)
>   read_socket_data: recv failure for 4. Error = Connection reset by peer
> 
> 
> Do you think it's related?
> 
> 
> 
> Bert 
> 
> 
> 
> 
> "Arno Seidel" <aseidel at aseidel.com> 
> Sent by: samba-bounces+bert_de_ridder=peopleware.be at lists.samba.org
> 27/07/2004 13:15
> Please respond to
> aseidel at aseidel.com
> 
> 
> To
> "Samba" <samba at lists.samba.org>
> cc
> 
> Subject
> AW: AW: [Samba] Samba - LDAP - User cannot login from 1 workstation
> 
> 
> 
> 
> 
> 
> Hi,
> 
> hm i don?t think that it has something to do with the trus-relationship 
if
> it where so than every user on that pc would get a permision denied.
> what does the error message exactly says?
> example:
> Access denied, the network path was not found...
> 
> 
>   -----Ursprungliche Nachricht-----
>   Von: Bert_De_Ridder at peopleware.be 
[mailto:Bert_De_Ridder at peopleware.be]
>   Gesendet: Dienstag, 27. Juli 2004 12:57
>   An: aseidel at aseidel.com
>   Betreff: Re: AW: [Samba] Samba - LDAP - User cannot login from 1
> workstation
> 
> 
> 
>   I have checked the user's permissions; I am convinced that it is not a
> server setting since the error 'Access denied' (on the client - Win2K) 
> does
> not happen when the user logs on to another workstation.
>   I think it has something to do with the trust relationship; but I 
> haven't
> got a clue where to start looking for it.
> 
>   What loglevel would you suggest ?
> 
> 
>   Bert
> 
> 
> 
> 
> 
>         "Arno Seidel" <aseidel at aseidel.com>
>         Sent by: 
> samba-bounces+bert_de_ridder=peopleware.be at lists.samba.org
>         27/07/2004 12:30 Please respond to
>               aseidel at aseidel.com
> 
> 
>        To <samba at lists.samba.org>
>               cc
>               Subject AW: [Samba] Samba - LDAP - User cannot login from 
1
> workstation
> 
> 
> 
> 
> 
> 
> 
>   Hi,
> 
>   did you checked the users permissions??
>   group-entrys... share/directory permissions
>   which account flags does the user have.
>   did you rise the loglevel to get some more informations?
>   what error message do you receive on the windows-pc?
> 
>   this is no a solution... but may bring you on the right way
> 
>   > -----Ursprungliche Nachricht-----
>   > Von: samba-bounces+aseidel=aseidel.com at lists.samba.org
>   > [mailto:samba-bounces+aseidel=aseidel.com at lists.samba.org]Im Auftrag 

> von
>   > Bert_De_Ridder at peopleware.be
>   > Gesendet: Dienstag, 27. Juli 2004 12:16
>   > An: samba at lists.samba.org
>   > Betreff: [Samba] Samba - LDAP - User cannot login from 1 workstation
>   >
>   >
>   > Hello, everyone,
>   >
>   > This is the situation :
>   >
>   > We have 2 sites; one domain; 2 samba's on every site; one is PDC, 
the
>   > other is BDC.
>   > They both use LDAP; the LDAP has a master on the site where the PDC 
> is;
>   > the slave LDAP is on the site where the BDC is.
>   >
>   > There is a user (ONE to be precise) that gives problems when working 

> on
> a
>   > specific machine.
>   >
>   > When the user logs in using his machine; he can't access shares on
> either
>   > of the servers. When he logs in on any other machine, there is no
> problem
>   > whatsoever. When anybody else logs in using this user's machine, 
there
> is
>   > no problem either.
>   > It's only when the user logs in on that specific machine.
>   > The login is fine; I can see the user in the logs:
>   >
>   >   allier (192.168.3.196) connect to service netlogon initially as 
user
>   > mschijva (uid=1015, gid=100) (pid 25065)
>   > [2004/07/26 14:34:29, 1] smbd/service.c:make_connection_snum(619)
>   >   allier (192.168.3.196) connect to service cvs initially as user
>   > mschijva
>   > (uid=1015, gid=100) (pid 25065)
>   >
>   > >From that point on, the shares can no longer be accessed.
>   >
>   > The machine HAS been used in the past in a domain with the same 
name,
> but
>   > with a different ID.
>   > The user receives the 'old' sambasid from the server to avoid local
>   > profile loss (deleting the user's local profile is NOT an option 
BTW).
>   >
>   > Where can I start looking for this ?
>   > Any ideas anyone ?
>   >
>   > Thanks in advance
>   >
>   > Bert De Ridder
>   >
>   >
>   >
>   > --
>   > To unsubscribe from this list go to the following URL and read the
>   > instructions:  http://lists.samba.org/mailman/listinfo/samba
>   >
> 
>   --
>   To unsubscribe from this list go to the following URL and read the
>   instructions:  http://lists.samba.org/mailman/listinfo/samba
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba

_______________________
Umberto Zanatta
linuxDidattica

tel: +39 (335) 54 71 385
email: umberto.z at tin.it
web: http://linuxdidattica.org
_______________________
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba



More information about the samba mailing list