[Samba] Unable to login using 3.0.2a-SuSE as PDC and WinXP

RRuegner robert at ruegner.org
Sun Mar 7 11:00:12 GMT 2004


badewanne schrieb:

> Hello,
> I've got a strange problem here: I installed Samba 3.0.2a using
> the official rpms on a SuSE 9.0 machine.
> I configured samba in the smb.conf as a PDC and created user and
> machine accounts on the system as well as in the smbpasswd. Afterwards
> I was able to join the domain with my Windows XP client.
> After a reboot I am unable to log on to the Domain on my WinXP client.
> There's just the following error message:
> 
> "Windows cannot connect to the domain, either because the domain
> controller is down or otherwise unavailable, or because your computer
> account was not found. Please try again later. If this message
> continues to appear contact your Sys Admin for help."
> 
> "Requiresignorseal" on the client (Win XP SP1) is already disabled.
> Nonetheless I can see the shared drives on the server after a local
> login on my client, but I cannot access them as the server refuses my
> login (user/pass). It is definately no typo or caps lock error.
> My smb.conf:
> 
> [global]
>    workgroup = domain
>    guest account = nobody
>    keep alive = 30
>    os level = 80
>    kernel oplocks = false
>    security = user
>    encrypt passwords = yes
>    socket options = TCP_NODELAY
>    map to guest = Bad User
>    interfaces = 192.168.1.1/255.255.255.0
>    wins support = no
>    logon script = %U.bat
>    domain logons = yes
>    domain master = yes
>    username level = 3
>    password level = 3
>    log level = 3
> 
> [NetLogon]
>    path = /usr/samba/netlogon
>    browseable = yes
>    public = no
>    read only = no
>    valid users = steven
>    read list = steven
>    write list = steven
>    force create mode = 0777
>    force directory mode = 0777
> 
> 
> The following is what the log file says (log level 3) after trying a
> logon:
> WinXP client name: cli
> Domain name: DOMAIN
> Samba server name: SERVER
> 
> ========================snip========================
> 
> [2004/03/07 00:06:34, 3] smbd/oplock.c:init_oplocks(1226)
>   open_oplock_ipc: opening loopback UDP socket.
> [2004/03/07 00:06:34, 3] smbd/oplock.c:init_oplocks(1257)
>   open_oplock ipc: pid = 2346, global_oplock_port = 32770
> [2004/03/07 00:06:34, 3] smbd/process.c:process_smb(890)
>   Transaction 0 of length 72
> [2004/03/07 00:06:34, 2] smbd/reply.c:reply_special(105)
>   netbios connect: name1=SERVER          name2=ABC
> [2004/03/07 00:06:34, 2] smbd/reply.c:reply_special(112)
>   netbios connect: local=server remote=cli, name type = 0
> [2004/03/07 00:06:34, 3] smbd/process.c:process_smb(890)
>   Transaction 1 of length 137
> [2004/03/07 00:06:34, 3] smbd/process.c:switch_message(685)
>   switch message SMBnegprot (pid 2346)
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] smbd/negprot.c:reply_negprot(455)
>   Requested protocol [PC NETWORK PROGRAM 1.0]
> [2004/03/07 00:06:34, 3] smbd/negprot.c:reply_negprot(455)
>   Requested protocol [LANMAN1.0]
> [2004/03/07 00:06:34, 3] smbd/negprot.c:reply_negprot(455)
>   Requested protocol [Windows for Workgroups 3.1a]
> [2004/03/07 00:06:34, 3] smbd/negprot.c:reply_negprot(455)
>   Requested protocol [LM1.2X002]
> [2004/03/07 00:06:34, 3] smbd/negprot.c:reply_negprot(455)
>   Requested protocol [LANMAN2.1]
> [2004/03/07 00:06:34, 3] smbd/negprot.c:reply_negprot(455)
>   Requested protocol [NT LM 0.12]
> [2004/03/07 00:06:34, 3] smbd/negprot.c:reply_nt1(329)
>   using SPNEGO
> [2004/03/07 00:06:34, 3] smbd/negprot.c:reply_negprot(532)
>   Selected protocol NT LM 0.12
> [2004/03/07 00:06:34, 3] smbd/process.c:process_smb(890)
>   Transaction 2 of length 238
> [2004/03/07 00:06:34, 3] smbd/process.c:switch_message(685)
>   switch message SMBsesssetupX (pid 2346)
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] smbd/sesssetup.c:reply_sesssetup_and_X(638)
>   wct=12 flg2=0xc807
> [2004/03/07 00:06:34, 2] smbd/sesssetup.c:setup_new_vc_session(591)
>   setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
> [2004/03/07 00:06:34, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(518)
>   Doing spnego session setup
> [2004/03/07 00:06:34, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(549)
>   NativeOS=[Windows 2002 2600 Service Pack 1] NativeLanMan=[Windows 2002 5.1] PrimaryDomain=[]
> [2004/03/07 00:06:34, 3] smbd/sesssetup.c:reply_spnego_negotiate(427)
>   Got OID 1 3 6 1 4 1 311 2 2 10
> [2004/03/07 00:06:34, 3] smbd/sesssetup.c:reply_spnego_negotiate(430)
>   Got secblob of size 38
> [2004/03/07 00:06:34, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
>   Got NTLMSSP neg_flags=0xe008b297
> [2004/03/07 00:06:34, 3] smbd/process.c:process_smb(890)
>   Transaction 3 of length 260
> [2004/03/07 00:06:34, 3] smbd/process.c:switch_message(685)
>   switch message SMBsesssetupX (pid 2346)
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] smbd/sesssetup.c:reply_sesssetup_and_X(638)
>   wct=12 flg2=0xc807
> [2004/03/07 00:06:34, 2] smbd/sesssetup.c:setup_new_vc_session(591)
>   setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
> [2004/03/07 00:06:34, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(518)
>   Doing spnego session setup
> [2004/03/07 00:06:34, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(549)
>   NativeOS=[Windows 2002 2600 Service Pack 1] NativeLanMan=[Windows 2002 5.1] PrimaryDomain=[]
> [2004/03/07 00:06:34, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(616)
>   Got user=[] domain=[] workstation=[CLI] len1=1 len2=0
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2004/03/07 00:06:34, 3] smbd/uid.c:push_conn_ctx(287)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] auth/auth.c:check_ntlm_password(219)
>   check_ntlm_password:  Checking password for unmapped user []\[]@[CLI] with the new password interface
> [2004/03/07 00:06:34, 3] auth/auth.c:check_ntlm_password(222)
>   check_ntlm_password:  mapped user is: [DOMAIN]\[]@[CLI]
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2004/03/07 00:06:34, 3] smbd/uid.c:push_conn_ctx(287)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2004/03/07 00:06:34, 3] smbd/uid.c:push_conn_ctx(287)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2004/03/07 00:06:34, 3] smbd/uid.c:push_conn_ctx(287)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(235)
>   fetch sid from gid cache 65533 -> S-1-5-21-2903860860-3466111512-1381306433-132067
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2004/03/07 00:06:34, 3] smbd/uid.c:push_conn_ctx(287)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] auth/auth.c:check_ntlm_password(268)
>   check_ntlm_password: guest authentication for user [] succeeded
> [2004/03/07 00:06:34, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319)
>   NTLMSSP Sign/Seal - Initialising with flags:
> [2004/03/07 00:06:34, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
>   Got NTLMSSP neg_flags=0x60088215
> [2004/03/07 00:06:34, 3] smbd/password.c:register_vuid(221)
>   User name: nobody     Real name: nobody
> [2004/03/07 00:06:34, 3] smbd/password.c:register_vuid(240)
>   UNIX uid 65534 is UNIX user nobody, and will be vuid 100
> [2004/03/07 00:06:34, 3] smbd/process.c:process_smb(890)
>   Transaction 4 of length 82
> [2004/03/07 00:06:34, 3] smbd/process.c:switch_message(685)
>   switch message SMBtconX (pid 2346)
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] smbd/service.c:make_connection_snum(543)
>   Connect path is '/tmp' for service [IPC$]
> [2004/03/07 00:06:34, 3] lib/util_seaccess.c:se_access_check(251)
> [2004/03/07 00:06:34, 3] lib/util_seaccess.c:se_access_check(252)
>   se_access_check: user sid is S-1-5-21-2903860860-3466111512-1381306433-501
>   se_access_check: also S-1-5-21-2903860860-3466111512-1381306433-514
>   se_access_check: also S-1-1-0
>   se_access_check: also S-1-5-2
>   se_access_check: also S-1-5-32-546
>   se_access_check: also S-1-5-21-2903860860-3466111512-1381306433-132067
>   se_access_check: also S-1-5-21-2903860860-3466111512-1381306433-132069
> [2004/03/07 00:06:34, 3] smbd/vfs.c:vfs_init_default(203)
>   Initialising default vfs hooks
> [2004/03/07 00:06:34, 3] lib/util_seaccess.c:se_access_check(251)
> [2004/03/07 00:06:34, 3] lib/util_seaccess.c:se_access_check(252)
>   se_access_check: user sid is S-1-5-21-2903860860-3466111512-1381306433-501
>   se_access_check: also S-1-5-21-2903860860-3466111512-1381306433-514
>   se_access_check: also S-1-1-0
>   se_access_check: also S-1-5-2
>   se_access_check: also S-1-5-32-546
>   se_access_check: also S-1-5-21-2903860860-3466111512-1381306433-132067
>   se_access_check: also S-1-5-21-2903860860-3466111512-1381306433-132069
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (65534, 65533) - sec_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] smbd/service.c:make_connection_snum(705)
>   cli (192.168.0.1) connect to service IPC$ initially as user nobody (uid=65534, gid=65533) (pid 2346)
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] smbd/reply.c:reply_tcon_and_X(326)
>   tconX service=IPC$
> [2004/03/07 00:06:34, 3] smbd/process.c:process_smb(890)
>   Transaction 5 of length 108
> [2004/03/07 00:06:34, 3] smbd/process.c:switch_message(685)
>   switch message SMBntcreateX (pid 2346)
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (65534, 65533) - sec_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] smbd/nttrans.c:nt_open_pipe(503)
>   nt_open_pipe: Known pipe NETLOGON opening.
> [2004/03/07 00:06:34, 3] smbd/process.c:process_smb(890)
>   Transaction 6 of length 140
> [2004/03/07 00:06:34, 3] smbd/process.c:switch_message(685)
>   switch message SMBwriteX (pid 2346)
> [2004/03/07 00:06:34, 3] rpc_server/srv_pipe.c:api_pipe_bind_req(860)
>   api_pipe_bind_req: \PIPE\NETLOGON -> \PIPE\lsass
> [2004/03/07 00:06:34, 3] rpc_server/srv_pipe.c:check_bind_req(732)
>   check_bind_req for \PIPE\NETLOGON
> [2004/03/07 00:06:34, 3] smbd/pipes.c:reply_pipe_write_and_X(199)
>   writeX-IPC pnum=7050 nwritten=72
> [2004/03/07 00:06:34, 3] smbd/process.c:process_smb(890)
>   Transaction 7 of length 63
> [2004/03/07 00:06:34, 3] smbd/process.c:switch_message(685)
>   switch message SMBreadX (pid 2346)
> [2004/03/07 00:06:34, 3] smbd/pipes.c:reply_pipe_read_and_X(242)
>   readX-IPC pnum=7050 min=1024 max=1024 nread=68
> [2004/03/07 00:06:34, 3] smbd/process.c:process_smb(890)
>   Transaction 8 of length 156
> [2004/03/07 00:06:34, 3] smbd/process.c:switch_message(685)
>   switch message SMBwriteX (pid 2346)
> [2004/03/07 00:06:34, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(544)
>   free_pipe_context: destroying talloc pool of size 0
> [2004/03/07 00:06:34, 3] rpc_server/srv_pipe.c:api_rpcTNP(1509)
>   api_rpcTNP: rpc command: NET_REQCHAL
> [2004/03/07 00:06:34, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(544)
>   free_pipe_context: destroying talloc pool of size 26
> [2004/03/07 00:06:34, 3] smbd/pipes.c:reply_pipe_write_and_X(199)
>   writeX-IPC pnum=7050 nwritten=88
> [2004/03/07 00:06:34, 3] smbd/process.c:process_smb(890)
>   Transaction 9 of length 63
> [2004/03/07 00:06:34, 3] smbd/process.c:switch_message(685)
>   switch message SMBreadX (pid 2346)
> [2004/03/07 00:06:34, 3] smbd/pipes.c:reply_pipe_read_and_X(242)
>   readX-IPC pnum=7050 min=1024 max=1024 nread=36
> [2004/03/07 00:06:34, 3] smbd/process.c:process_smb(890)
>   Transaction 10 of length 184
> [2004/03/07 00:06:34, 3] smbd/process.c:switch_message(685)
>   switch message SMBwriteX (pid 2346)
> [2004/03/07 00:06:34, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(544)
>   free_pipe_context: destroying talloc pool of size 0
> [2004/03/07 00:06:34, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(544)
>   free_pipe_context: destroying talloc pool of size 0
> [2004/03/07 00:06:34, 3] smbd/pipes.c:reply_pipe_write_and_X(199)
>   writeX-IPC pnum=7050 nwritten=116
> [2004/03/07 00:06:34, 3] smbd/process.c:process_smb(890)
>   Transaction 11 of length 63
> [2004/03/07 00:06:34, 3] smbd/process.c:switch_message(685)
>   switch message SMBreadX (pid 2346)
> [2004/03/07 00:06:34, 3] smbd/pipes.c:reply_pipe_read_and_X(242)
>   readX-IPC pnum=7050 min=1024 max=1024 nread=32
> [2004/03/07 00:06:34, 3] smbd/process.c:process_smb(890)
>   Transaction 12 of length 184
> [2004/03/07 00:06:34, 3] smbd/process.c:switch_message(685)
>   switch message SMBwriteX (pid 2346)
> [2004/03/07 00:06:34, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(544)
>   free_pipe_context: destroying talloc pool of size 0
> [2004/03/07 00:06:34, 3] rpc_server/srv_pipe.c:api_rpcTNP(1509)
>   api_rpcTNP: rpc command: NET_AUTH2
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(65534, 65533) : sec_ctx_stack_ndx = 1
> [2004/03/07 00:06:34, 3] smbd/uid.c:push_conn_ctx(287)
>   push_conn_ctx(100) : conn_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
> [2004/03/07 00:06:34, 3] smbd/uid.c:push_conn_ctx(287)
>   push_conn_ctx(100) : conn_ctx_stack_ndx = 1
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2004/03/07 00:06:34, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (65534, 65533) - sec_ctx_stack_ndx = 0
> [2004/03/07 00:06:34, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(544)
>   free_pipe_context: destroying talloc pool of size 36
> [2004/03/07 00:06:34, 3] smbd/pipes.c:reply_pipe_write_and_X(199)
>   writeX-IPC pnum=7050 nwritten=116
> [2004/03/07 00:06:34, 3] smbd/process.c:process_smb(890)
>   Transaction 13 of length 63
> [2004/03/07 00:06:34, 3] smbd/process.c:switch_message(685)
>   switch message SMBreadX (pid 2346)
> [2004/03/07 00:06:34, 3] smbd/pipes.c:reply_pipe_read_and_X(242)
>   readX-IPC pnum=7050 min=1024 max=1024 nread=40
> [2004/03/07 00:06:34, 3] smbd/process.c:process_smb(890)
>   Transaction 14 of length 45
> [2004/03/07 00:06:34, 3] smbd/process.c:switch_message(685)
>   switch message SMBclose (pid 2346)
> 
> 
> ========================snip========================
> 
> 
> Is here anybody who can help? I'm looking for the failure for 2 days
> now and I read hundereds of tutorials and other stuff google told me
> to, but I don't find a solution. I also tried Samba 2.2.8 before I
> upgraded to 3.0.2 - no success.
> Any help and every hint is welcome.
> 
> Steve
> 
hi,
you dont need the seal reg patch anymore ,
make wins support = yes
this is a working smb pdc with suse 9 samba 3.02a please compare the conf
regards
# Samba config file created using SWAT
# from 10.10.10.7 (10.10.10.7)
# Date: 2003/12/06 16:12:36

# Global parameters
[global]
	guest account = nobody
	winbind enum users = yes
         winbind enum groups = yes
	winbind use default domain = yes
	winbind uid = 10000-20000
	winbind gid = 10000-20000
         winbind cache time = 10
	winbind separator = +
         template shell = /bin/bash
         template homedir = /home/%D/%U
	password server = *
	load printers = yes
	unix charset = ISO8859-1
	display charset = ISO8859-1
	workgroup = ROBOWARP
	netbios name = SMBPDC
	interfaces = lo, eth1, tap0
	bind interfaces only = Yes
	server schannel = Yes
	passdb backend = smbpasswd:/etc/samba/smbpasswd
	pam password change = Yes
	passwd program = /usr/bin/passwd %u
	passwd chat = *password* %n\n *password* %n\n *changed*
	username map = /etc/samba/smbusers
	unix password sync = Yes
	log level = 2
	syslog = 0
	log file = /var/log/samba/%m
	name resolve order = host lmhosts wins bcast
	time server = Yes
	keepalive = 255
	socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF
	printcap name = cups
	add user script = /usr/sbin/useradd -m %u
	delete user script = /usr/sbin/userdel -r %u
	add group script = /usr/sbin/groupadd -r %g
	delete group script = /usr/sbin/groupdel %g
	add user to group script = /usr/bin/gpasswd -a %u %g
	delete user from group script = /usr/bin/gpasswd -d %u %g
	set primary group script = /usr/sbin/usermod -g '%g' '%u'
	add machine script = /usr/sbin/useradd -g Machines -c Machine -d 
/dev/null -s /bin/false %u
	shutdown script = /sbin/shutdown
	abort shutdown script = /sbin/shutdown -c
	logon path = \\%L\%U\profile
	logon drive = Z:
	logon home = \\%L\%u
	logon script = default.bat
	domain logons = Yes
	os level = 255
	domain master = Yes
	wins proxy = Yes
	wins support = Yes
	ldap ssl = no
	add share command = 
/usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
	change share command = 
/usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
	delete share command = 
/usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
	utmp = Yes
	host msdfs = Yes
	idmap uid = 15000-20000
	idmap gid = 15000-20000
	admin users = root, Administrator, rruegner
	hosts allow = 127., 10.10.100., 10.10.110., 10.10.10., 10.10., 192.168.
	#sync wins
	remote browse sync = 192.168.10.1, 10.10.10.2, 10.10.0.2
	remote announce = 192.168.10.1, 10.10.10.2, 10.10.10.2
	use sendfile = Yes
	printing = cups
	delete veto files = Yes
	browseable = No
	dns proxy = yes
	wins hook = /usr/share/doc/packages/samba3/examples/wins_hook/dns_update
	add printer command =
	local master = yes
[files1]
	comment = public files
	path = /files1
	read only = No
	guest ok = Yes
	browseable = Yes
	csc policy = disable
	vfs objects = vscan-fprotd, netatalk, audit, recycle:repository, 
recycle:keeptree, recycle:versions
	hosts allow = 127., 10.10.100., 10.10.110.
[files2]
	comment = public files
	path = /files2
	read only = No
	guest ok = Yes
	browseable = Yes
	csc policy = disable
	vfs objects = vscan-fprotd, netatalk, audit, recycle:repository, 
recycle:keeptree, recycle:versions
	hosts allow = 127., 10.10.100., 10.10.110.
[files3]
	comment = public files
	path = /files3
	read only = No
	guest ok = Yes
	browseable = Yes
	csc policy = disable
	vfs objects = vscan-fprotd, netatalk, audit, recycle:repository, 
recycle:keeptree, recycle:versions
	hosts allow = 127., 10.10.100., 10.10.110.
[win2kcd]
         comment = win2kcd
         path = /files3/win2kcd
         read only = No
         guest ok = Yes
         browseable = Yes
         csc policy = disable
         vfs objects = vscan-fprotd, netatalk, audit, 
recycle:repository, recycle:keeptree, recycle:versions
         hosts allow = 127., 10.10.100., 10.10.110.
[homes]
	comment = Home Directories
	read only = No
	veto files = 
/*.eml/*.nws/riched20.dll/*.{*}/.AppleDouble/.bin/.AppleDesktop/Network 
Trash Folder/.*/
	hide files = /.*/DesktopFolderDB/TrashFor%m/resource.frk/
	vfs objects = vscan-fprotd, netatalk, audit, recycle:repository, 
recycle:keeptree, recycle:versions
	hosts allow = 127., 10.10.100., 10.10.110.
[netlogon]
	comment = Netlogon Share
	path = /var/lib/samba/netlogon
	csc policy = disable
	locking = No
	share modes = No
	vfs objects = vscan-fprotd, netatalk, audit, recycle:repository, 
recycle:keeptree, recycle:versions
	hosts allow = 127., 10.10.100., 10.10.110., 10.10.10., 10.10.
[pdf]
         comment = output files from pdf printer
         path = /pdf
         read only = No
         guest ok = Yes
         browseable = Yes
         csc policy = disable
	vfs objects = vscan-fprotd, netatalk, audit, recycle:repository, 
recycle:keeptree, recycle:versions
	hosts allow = 127., 10.10.100., 10.10.110.
[printers]
	comment = All Printers
	path = /var/spool/samba
	guest ok = Yes
	printable = Yes
	browseable = no
  	read only = No
	hosts allow = 127., 10.10.100., 10.10.110., 10.10.10., 10.10.
[bjc2000]
	comment = printer bjc2000
	path = /var/spool/samba
	read only = No
	guest ok = Yes
	printable = Yes
	browseable = yes
	printer admin = root
     	default devmode = Yes
	hosts allow = 127., 10.10.100., 10.10.110.
[print$]
	comment = printer driver area
	path = /var/lib/samba/drivers
	browsable = yes
	read only = yes
	guest ok = yes
	write list = root
[pdfwriter]
	comment = PDF File Generator
	path = /var/spool/samba
	printable = yes
	guest ok = Yes
	browseable = yes
	default devmode = Yes
	read only = No
	printer admin = root
	hosts allow = 127., 10.10.100., 10.10.110.
[cdrom]
         comment = server cdrom automount service
         path = /media/cdrom
         read only = yes
         guest ok = Yes
         browseable = Yes
	csc policy = disable
	locking = no
	vfs objects = vscan-fprotd
	hosts allow = 127., 10.10.100., 10.10.110.
[dvd]
         comment = server dvd automount service
         path = /media/dvd
         read only = yes
         guest ok = Yes
         browseable = Yes
	csc policy = disable
	locking = no
	vfs objects = vscan-fprotd
	hosts allow = 127., 10.10.100., 10.10.110.
[www]
         comment = www ftp
         path = /srv
         read only = no
         write list = rruegner, root
         browseable = Yes
         locking = no
	csc policy = disable
	vfs objects = vscan-fprotd
	hosts allow = 127., 10.10.100., 10.10.110.












More information about the samba mailing list