[Samba] Joining XP SP2 to a Samba PDC

Lee Ball lee at effective-it.co.uk
Wed Aug 10 17:32:43 GMT 2005


Correction, the command you want is:

smbpasswd -a -m {machine name, no $}

DSanchez wrote:
> Hello and Thanks in advance.
>   
> I have a CentOS 4.1 Server and i have samba Version 3.0.10-1.4E
> I have 2 users on this server right now: Root, Dsanchez.
> 
> I have also issued this command to set up these 2 users on the Samba
> Server as well.
> smbpasswd -a root
> smbpasswd -a dsanchez
> and i set up the password to match the linux account.
> 
> Here is my SMB.conf file:
> 
> # Global parameters
> [global]
>         workgroup = ETNET
>         server string = Samba PDC Server
>         passwd program = /usr/bin/passwd %u
>         passwd chat = *New*UNIX*password* %n\n
> *ReType*new*UNIX*password* %n\n
> *passwd:*all*authentication*tokens*updated*successfully*
>         unix password sync = Yes
>         log file = /var/log/samba/%m.log
>         max log size = 50
>         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>         printcap name = /etc/printcap
>         add user script = /usr/sbin/useradd -d /dev/null -g 100 -s
> /bin/false -M %u
>         add machine script = /usr/sbin/useradd -c Machine -d /dev/null
> -s /bin/false machine_name$
>         domain logons = Yes
>         os level = 65
>         preferred master = Yes
>         domain master = Yes
>         dns proxy = No
>         idmap uid = 16777216-33554431
>         idmap gid = 16777216-33554431
>         hosts allow = 10.78., 127.
>         cups options = raw
> 
> [homes]
>         comment = Home Directories
>         read only = No
>         browseable = No
> 
> [netlogon]
>         comment = Network Logon Service
>         path = /home/netlogon
>         guest ok = Yes
>         share modes = No
> 
> [printers]
>         comment = All Printers
>         path = /var/spool/samba
>         printable = Yes
>         browseable = No
> 
> 
> I have also made the following changes to the XP box.
> 
> Registry changes:
> 
> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon\Parameters\Requiresignorseal
> 
> Which i set to '0' from '1'
> 
> I have made sure the following in Local Security Policy is set:
> I edited or checked the following entries:
> "Domain member: Digitally encrypt or sign secure channel(Disabled)"
> "Domain member: Disable machine account password changes(Disabled)."
> "Domain member: Require strong (Windows 2000 or later) session key(Disabled)"
> 
> 
> Then i go to the Systems Properties/computer name change/
> 
> I change from workgroup: workgroup to Domain:ETINET
> 
> Then i click the 'ok' button, and a login window pops up.
> 
> I then use the following usernames to 'Join'
> 
> root
> admin
> administrator
> dsanchez
> etinet\root
> etinet\admin
> etinet\administrator
> etinet\dsanchez
> 
> I get the following error when i try to join as:
> administrator
> admin
> etinet\admin
> etinet\administrator
> 
> The following error occurred attempting to join the domain "ETINET":
> Logon Failure: Unknown Username or bad password.
> 
> When i try using the following this is what i get:
> root
> etinet\root
> 
> The following error occurred attempting to join the domain "ETINET":
> The username could not be found.
> 
> Then, if i try and use my account, whcih i added to the root group.
> Dsanchez
> etinet\Dsanchez
> 
> The following error occurred attempting to join the domain "ETINET":
> Access is Denied.
> 
> 
> Note, this is an XP SP2 Machine and i only have 1 user on this machine
> (Dsanchez)
> 
> 
> Also,
> 
> I did find that this script
> add machine script = /usr/sbin/useradd -d /dev/null -g 102 -s /bin/false
> 
> has a group of 102
> 
> and the machine log file that was in /var/log/samba/<machinename>.log
> had this error in it.
> 
> useradd: unknown group 102
> 
> however i do have this script in the smb.conf file.
> 
> add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u
> 
> 
> So do i need both of these lines?
> do i need to make a group with the Gid of 102?
> 
> Thanks.


More information about the samba mailing list