[Samba] OS X Server (Samba 3.0.5) and Windows clients logging on with cached credentials

Paul Fisher paulinvancouver at hotmail.com
Mon Nov 29 23:35:09 GMT 2004

I am having some issues with my Windows clients (2000 SP4 and XP SP2) 
authenticating to my Mac OS X server running Samba 3.0.5.  The OS X server 
is configured as a PDC for the Windows domain.  Clients are able to log on 
and map drives when wired to the network, but when the net connection is 
unavailable, they cannot log on using cached credentials.  This is an issue 
for my laptop users who need the ability to log on when not in the office.  
The error message displayed when attempting to log on is "The system cannot 
log you on now because the domain OFFICE is not available."

Upon review of the log files it appears as if the clients are authenticating 
using NTLM.

Is there a setting that I can modify in the smb.conf which will trigger the 
clients to allow offline access?

Here are the contents of smb.conf:
        workgroup = OFFICE
        display charset = UTF-8-MAC
        print command = /usr/sbin/PrintServiceAccess printps %p %s
        lprm command = /usr/sbin/PrintServiceAccess remove %p %j
        security = user
        guest account = unknown
        encrypt passwords = yes
        printing = BSD
        allow trusted domains = no
        preferred master = yes
        lppause command = /usr/sbin/PrintServiceAccess hold %p %j
        netbios name = officeserver
        wins support = no
        add machine script = /usr/bin/opendirectorypdbconfig -c 
create_computer_account -r %u -n "/LDAPv3/"
        max smbd processes = 0
        printcap =
        server string = Office Server
        lpresume command = /usr/sbin/PrintServiceAccess release %p %j
        logon drive = H:
        client ntlmv2 auth = no
        domain logons = yes
        lpq command = /usr/sbin/PrintServiceAccess jobs %p
        admin users = @admin
        passdb backend = opendirectorysam guest
        dos charset = CP437
        unix charset = UTF-8-MAC
        auth methods = guest opendirectory
        local master = yes
        use spnego = no
        domain master = yes
        logon path = \\%N\profiles\%u
        printer admin = @admin, @staff
        map to guest = Never
        log level = 2


More information about the samba mailing list