[Samba] Samba 3.0.10 as a PDC

Philip Pemberton philpem at dsl.pipex.com
Tue Feb 22 23:33:52 GMT 2005


Hi,
  I'm trying to get Samba to act as the PDC for a domain populated by Win2k
boxen. All the machines are running Windows 2000 Professional. Unfortunately,
the 2k boxen all produce this error when I try and log in as a normal user:

  Windows cannot log you on because the profile cannot be loaded. Contact
your network administrator
  REASON - Access is denied.
  
Here's my smb.conf:
[ BEGIN SMB.CONF ]
# Global parameters
[global]
	netbios name			= POLARIS
	server string			= Main fileserver
	workgroup			= MILKYWAY

; domain & local master browser
; coz we're dealing with Win2k
	os level			= 65
	preferred master		= Yes
	domain master			= Yes
	local master			= Yes
	domain logons			= Yes

; misc options
	socket options			= TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
	time server			= Yes

; do not allow guest access, use only local system accounts
	security			= user
	guest ok			= No
	invalid users			= bin daemon sys man postfix mail ftp
	admin users			= @root, root

; domain administrators
;	domain admin group		= @root
;	domain admin users		= root

; use encrypted passwords
	encrypt passwords		= Yes

; logging (max log size is in kbytes)
	log level			= 0
	log file			= /var/log/samba/log.%m
	max log size			= 50
	debug timestamp			= Yes
	syslog				= 1

; user roaming profiles path
	logon path			= \\%N\profiles\%u
; general logon script (in DOS format)
#	logon script			= logon.bat

#	interfaces = 10.0.0.5
#	interfaces = eth0
#	dns proxy = No
#	wins proxy = Yes
#	printer admin = root, philpem
#	printing = cups

; share for domain controller
[netlogon]
	path				= /samba/netlogon
	public				= No
	writeable			= No
	browsable			= No
	valid users			= root @users

; share for storing user profiles
[profiles]
	path				= /samba/profiles
	writeable			= Yes
	create mask			= 0700
	directory mask			= 0700
	browsable			= No
	valid users			= root @users
	profile acls			= Yes

[homes]
	comment = Home Directories
	valid users = %S
	read only = No
	browseable = No

[printers]
	comment = All Printers
	path = /usr/spool/samba
	guest ok = Yes
	printable = Yes
	browseable = No

[CDs]
	comment = CDs
	path = /samba/cds
	read only = Yes
	guest ok = Yes
	write list = root, philpem

[public]
	comment = Public share (for file exchanging)
	path = /samba/public
	read only = No
	guest ok = Yes

[print$]
	comment = Printer drivers
	path = /etc/samba/drivers
	write list = root, philpem

[ END SMB.CONF ]

/samba/profiles is chmod 1777, /samba/netlogon is chmod 755. Both are chowned
root.root.

Does anyone have any suggestions?

Thanks.
-- 
Phil.                              | Acorn Risc PC600 Mk3, SA202, 64MB, 6GB,
philpem at philpem.me.uk              | ViewFinder, 10BaseT Ethernet, 2-slice,
http://www.philpem.me.uk/          | 48xCD, ARCINv6c IDE, SCSI
Acme Dynamite. Guaranteed to fail unsafe.


More information about the samba mailing list