[Samba] Windows XP SP2 doesn't login to SAMBA domain

Dean Landry landryd at bethany-ca.edu
Thu Sep 2 16:42:26 GMT 2004 

Hello,

We have a samba server for our computer lab.  Currently all the machines are
either windows 98 or windows 2000.  The 98 machines are assigned to the
'INTRANET' workgroup, while the windows 2000 machines are part of the
'INTRANET' domain.  We have no problems with this setup.

I'm now trying to deploy Windows XP (sp2) computers to this lab.  I'm
constantly getting errors about not being able to access the server (e.g.
Windows cannot connect to the domain, either because the domain controller
is down or otherwise available, or because your computer account was not
found).  Note, I was successfully able to join the computer to the domain (I
created the machine account on samba first).  Also, browsing the network
shares works fine.

I've tried the following:

- added an lmhosts file with a '\0x1b' entry for the domain
- told the XP client to use the samba machine for WINS
- disabled 'Domain Member:Digitally encrypt or sign secure channel data
(always)'
- enabled NetBIOS over TCP/IP
- disabled Windows Firewall

It sounds to me like a resolution issue (there are no entries in the log.smb
file), but I'd expect the WINS and/or lmhosts to fix that.

Any ideas?

Thanks,

Dean


More INFO:

Running Samba Version 2.2.3a-13 for Debian


smb.conf:

[global]
        interfaces = 192.168.1.0/24
        bind interfaces only = yes
        hosts allow = 192.168.1. 127.
        netbios name = public
        netbios aliases = student
        server string = File & Print Server
        workgroup = INTRANET
        remote announce = 192.168.1.255/INTRANET
        domain master = yes
        domain logons = yes
        preferred master = yes
        local master = yes
        os level = 34
 	  wins support = yes
        name resolve order = wins hosts lmhosts bcast
        dns proxy = yes
        security = user
        invalid users = bin daemon adm sync shutdown halt mail news sys uucp
operator gopher
        browseable = no
        guest ok = no
        encrypt passwords = yes
        null passwords = no
        password level = 0
        unix password sync = yes
        domain admin group = @admin
        add user script = /usr/sbin/useradd -d /dev/null -g machines -c
'Machine Account' -s /bin/false -M %u
        passwd program = /usr/bin/passwd %u
        passwd chat = *old*password* %o\n *new*password* %n\n *new*password*
%n\n *changed*
        logon script = %u.bat
        logon path =
        logon home =
[netlogon]
        comment = The domain logon service
        path = /home/public/netlogon
        writeable = no
        write list = @admin
        force group = users
[homes]
        comment = Files stored here are not accessible by others
        writable = yes
[apps]
        path = /home/public/apps
        volume = Apps
        comment = These applications are free for everyone to use
        writable = no
        read list = @admin, at users
        write list = @admin, at users
        force group = users

More information about the samba mailing list