[Samba] SAMBA 3 not working with W2K/XP in PDC mode.
Jean Carlos de Almeida
jeancarlos at ig.com.br
Sun Jan 23 00:26:53 GMT 2005
Hi Everybody,
I tried to use SAMBA 3.0.7 in Mandrake 10.1 / Kernel 2.6 but Itś not
working. I did see muchs documents about this, and the first machine
make the registration in domain and make the first logon (runnig scripts
and saves profiles perfect). But when I try to put a second machine,
using the same version of Windows and the same configuration, the
machine make the registration in Domain but the Logon fail. The message
is : The Domain is not accessible or the machine count not exist or
password is wrong. After try with second machine, the first machine stop
works, and no more make logons, the same error happens !
I did make the same with Windows 98, and this working fine, run scripts
and saves profiles, only W2k/XP not working.
I saw the docs in SAMBA.ORG, and see the parameter like server
schannel, user schannel, but I changed all and nothing happens.
In attachements is my smb.conf.
PS - in smbpasswd the 12 first numbers about the password of the
account machine after first logon good is changed do "X", but the orders
not change.
-------------- next part --------------
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
#
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
# may wish to enable
#
# NOTE: Whenever you modify this file you should run the command "testparm"
# to check that you have not made any basic syntactic errors.
#
#======================= Global Settings =====================================
[global]
log file = /var/log/samba/log.%m
smb passwd file = /etc/samba/smbpasswd
load printers = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
username level = 8
domain master = yes
map to guest = bad user
encrypt passwords = yes
logon home = \\NEO\netlogon
wins support = yes
name resolve order = bcast wins lmhosts hosts
passwd program = /usr/bin/passwd %u
printer admin = @adm
password level = 8
dns proxy = no
netbios name = NEO
server string = Samba Server %v
printing = cups
logon script = %U.bat
unix password sync = yes
local master = yes
logon path = \\NEO\Profiles\%U
workgroup = LINUX
os level = 99
printcap name = cups
security = user
preferred master = yes
max log size = 50
domain logons = yes
password chat debug = yes
password chat = \
*password* %n\n \
*password* %n\n \
*successful*
[homes]
comment = Home Directories
browseable = no
writable = yes
# You can enable VFS recycle bin on a per share basis:
# Uncomment the next 2 lines (make sure you create a
# .recycle folder in the base of the share and ensure
# all users will have write access to it. See
# examples/VFS/recycle/REAME in samba-doc for details
; vfs object = /usr/lib/samba/vfs/recycle.so
# Un-comment the following and create the netlogon directory for Domain Logons
[netlogon]
comment = Network Logon Service
path = /home/netlogon
guest ok = yes
writable = yes
#Uncomment the following 2 lines if you would like your login scripts to
#be created dynamically by ntlogon (check that you have it in the correct
#location (the default of the ntlogon rpm available in contribs)
;root preexec = /usr/bin/ntlogon -u %U -g %G -o %a -d /var/lib/samba/netlogon
;root postexec = rm -f /var/lib/samba/netlogon/%U.bat
# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
[Profiles]
create mode = 0600
csc policy = disable
directory moded = 0700
path = /home/profile
profile acls = yes
read only = no
# This script can be enabled to create profile directories on the fly
# You may want to turn off guest acces if you enable this, as it
# hasn't been thoroughly tested.
;root preexec = PROFILE=/var/lib/samba/profiles/%u; if [ ! -e $PROFILE ]; \
; then mkdir -pm700 $PROFILE; chown %u.%g $PROFILE;fi
# NOTE: If you have a CUPS print system there is no need to
# specifically define each individual printer.
# You must configure the samba printers with the appropriate Windows
# drivers on your Windows clients or upload the printer driver to the
# server from Windows (NT/2000/XP). On the Samba server no filtering is
# done. If you wish that the server provides the driver and the clients
# send PostScript ("Generic PostScript Printer" under Windows), you have
# to use 'printcap name = cups' or swap the 'print command' line below
# with the commented one. Note that print commands only work if not using
# 'printing=cups'
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
# to allow user 'guest account' to print.
guest ok = yes
writable = no
printable = yes
create mode = 0700
# =====================================
# print command: see above for details.
# =====================================
print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers.
; print command = lpr-cups -P %p %s # using cups own drivers (use generic PostScript on clients).
# This share is used for Windows NT-style point-and-print support.
# To be able to install drivers, you need to be either root, or listed
# in the printer admin parameter above. Note that you also need write access
# to the directory and share definition to be able to upload the drivers.
# For more information on this, please see the Printing Support Section of
# /usr/share/doc/samba-<version>/docs/Samba-HOWTO-Collection.pdf
#
# A special case is using the CUPS Windows Postscript driver, which allows
# all features available via CUPS on the client, by publishing the ppd file
# and the cups driver by using the 'cupsaddsmb' tool. This requires the
# installation of the CUPS driver (http://www.cups.org/windows.php)
# on the server, but doesn't require you to use Windows at all :-).
[print$]
path = /var/lib/samba/printers
browseable = yes
write list = @adm root
guest ok = yes
inherit permissions = yes
# Settings suitable for Winbind:
; write list = @"Domain Admins" root
; force group = +@"Domain Admins"
# A useful application of samba is to make a PDF-generation service
# To streamline this, install windows postscript drivers (preferably colour)
# on the samba server, so that clients can automatically install them.
# Note that this only works if 'printing' is *not* set to 'cups'
[pdf-generator]
path = /var/tmp
guest ok = No
printable = Yes
comment = PDF Generator (only valid users)
#print command = /usr/share/samba/scripts/print-pdf file path win_path recipient IP &
print command = /usr/share/samba/scripts/print-pdf %s ~%u //%L/%u %m %I "%J" &
# This one is useful for people to share files
;[tmp]
; comment = Temporary file space
; path = /tmp
; read only = no
; public = yes
# A publicly accessible directory, but read only, except for people in
# the "staff" group
;[public]
; comment = Public Stuff
; path = /home/samba/public
; public = yes
; writable = no
; write list = @staff
# Audited directory through experimental VFS audit.so module:
# Uncomment next line.
; vfs object = /usr/lib/samba/vfs/audit.so
# Other examples.
#
# A private printer, usable only by Fred. Spool data will be placed in Fred's
# home directory. Note that fred must have write access to the spool directory,
# wherever it is.
;[fredsprn]
; comment = Fred's Printer
; valid users = fred
; path = /homes/fred
; printer = freds_printer
; public = no
; writable = no
; printable = yes
# A private directory, usable only by Fred. Note that Fred requires write
# access to the directory.
;[fredsdir]
; comment = Fred's Service
; path = /usr/somewhere/private
; valid users = fred
; public = no
; writable = yes
; printable = no
# a service which has a different directory for each machine that connects
# this allows you to tailor configurations to incoming machines. You could
# also use the %u option to tailor it by user name.
# The %m gets replaced with the machine name that is connecting.
;[pchome]
; comment = PC Directories
; path = /usr/pc/%m
; public = no
; writable = yes
# A publicly accessible directory, read/write to all users. Note that all files
# created in the directory by users will be owned by the default user, so
# any user with access can delete any other user's files. Obviously this
# directory must be writable by the default user. Another user could of course
# be specified, in which case all files would be owned by that user instead.
[Public]
path = /home/public
public = yes
guest ok = yes
writable = yes
printable = no
browseable = yes
# The following two entries demonstrate how to share a directory so that two
# users can place files there that will be owned by the specific users. In this
# setup, the directory should be writable by both users and should have the
# sticky bit set on it to prevent abuse. Obviously this could be extended to
# as many users as required.
;[myshare]
; comment = Mary's and Fred's stuff
; path = /usr/somewhere/shared
; valid users = mary fred
; public = no
; writable = yes
; printable = no
; create mask = 0765
[RAIZ]
path = /
public = yes
guest ok = yes
[USUARIOS]
path = /home/usuarios
-------------- next part --------------
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/bin/sh
daemon:x:2:2:daemon:/sbin:/bin/sh
adm:x:3:4:adm:/var/adm:/bin/sh
lp:x:4:7:lp:/var/spool/lpd:/bin/sh
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/bin/sh
news:x:9:13:news:/var/spool/news:/bin/sh
uucp:x:10:14:uucp:/var/spool/uucp:/bin/sh
operator:x:11:0:operator:/var:/bin/sh
games:x:12:100:games:/usr/games:/bin/sh
nobody:x:65534:65534:Nobody:/:/bin/sh
rpm:x:13:101:system user for rpm:/var/lib/rpm:/bin/false
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpc:x:70:70:system user for portmap:/:/bin/false
xfs:x:71:71:system user for xorg-x11:/etc/X11/fs:/bin/false
messagebus:x:72:72:system user for dbus:/:/sbin/nologin
postfix:x:73:73:system user for postfix:/var/spool/postfix:/bin/false
rpcuser:x:74:74:system user for nfs-utils:/var/lib/nfs:/bin/false
sshd:x:75:75:system user for openssh:/var/empty:/bin/true
gdm:x:76:76:system user for gdm:/var/lib/gdm:/bin/false
named:x:77:77:system user for bind:/var/named:/bin/false
squid:x:78:78:system user for squid:/var/spool/squid:/bin/false
paulinha:x:500:100::/home/paulinha:/bin/bash
jean:x:501:100:Jean Carlos de Almeida:/home/jean:/bin/bash
morpheo$:x:1200:300:Workstation:/dev/null:/bin/false
teste:x:1201:100::/home/teste:/bin/bash
administrador:x:1202:100::/home/administrador:/bin/bash
atoledo:x:1203:100::/home/atoledo:/bin/bash
rzanatta$:x:1200:300:Workstation:/dev/null:/bin/false
tmelo$:x:1200:300:Workstation:/dev/null:/bin/false
avayalab4$:x:1200:300:Workstation:/dev/null:/bin/false
stec$:x:1200:300:Workstation:/dev/null:/bin/false
para$:x:1200:300:Workstation:/dev/null:/bin/false
maxpress$:x:1200:300:Workstation:/dev/null:/bin/false
-------------- next part --------------
root:$1$h4SE1Er1$7WE8rNc2d1JmsLVQ7n3320:12743:0:99999:7:::
bin:*:12728:0:99999:7:::
daemon:*:12728:0:99999:7:::
adm:*:12728:0:99999:7:::
lp:*:12728:0:99999:7:::
sync:*:12728:0:99999:7:::
shutdown:*:12728:0:99999:7:::
halt:*:12728:0:99999:7:::
mail:*:12728:0:99999:7:::
news:*:12728:0:99999:7:::
uucp:*:12728:0:99999:7:::
operator:*:12728:0:99999:7:::
games:*:12728:0:99999:7:::
nobody:*:12728:0:99999:7:::
rpm:!!:12728:0:99999:7:::
vcsa:!!:12728:0:99999:7:::
rpc:!!:12728:0:99999:7:::
xfs:!!:12728:0:99999:7:::
messagebus:!!:12728:0:99999:7:::
postfix:!!:12728:0:99999:7:::
rpcuser:!!:12728:0:99999:7:::
sshd:!!:12728:0:99999:7:::
gdm:!!:12728:0:99999:7:::
named:!!:12730:0:99999:7:::
squid:!!:12730:0:99999:7:::
paulinha:$1$6u.KBuSI$6Gg451RY1JcUkFa2GghMm1:12733::99999::::
jean:$1$GD7W58/H$nls.ngxhPL07Iou8mOaWQ.:12743::99999::::
morpheo$:*:9797:0:::::
teste:$1$vgWxbGWT$2l0oEIbFoq8hHzADByVE71:12735:0:99999:7:::
administrador:$1$xJBbnoTb$p5JQDeTDvlV7FKLccZLL7/:12737:0:99999:7:::
atoledo:$1$UcYdkWc3$a7sogzrK8fEZWTikAreUc.:12770:0:99999:7:::
tmelo$:*:9797:0:::::
rzanatta$:*:9797:0:::::
avayalab4$:*:9797:0:::::
stec$:*:9797:0:::::
para$:*:9797:0:::::
maxpress$:*:9797:0:::::
-------------- next part --------------
root:x:0:
bin:x:1:
daemon:x:2:messagebus
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mem:x:8:
kmem:x:9:
wheel:x:10:
mail:x:12:
news:x:13:
uucp:x:14:
man:x:15:
floppy:x:19:
games:x:20:
cdrom:x:22:
utmp:x:24:
usb:x:43:
cdwriter:x:80:
audio:x:81:
video:x:82:
users:x:100:paulinha
nogroup:x:65534:
rpm:x:101:
xgrp:x:102:xfs,gdm
ntools:x:103:
ctools:x:104:
vcsa:x:69:
rpc:x:70:
xfs:x:71:
messagebus:x:72:
postfix:x:73:
postdrop:x:105:postfix
rpcuser:x:74:
machines:x:421:
sshd:x:75:
slocate:x:422:
gdm:x:76:
named:x:77:
squid:x:78:
paulinha:x:500:
workstation::300:
teste:x:1201:
pppusers:x:230:
popusers:x:231:
slipusers:x:232:
More information about the samba
mailing list