[Samba] Domain login - XP 64 -> Samba
Brian Ruth
brian at bigkitty.org
Fri Jun 17 22:55:41 GMT 2005
I've tried changing the following under parameters over the last couple
of days:
disablepasswordchange
requiresignorseal
requirestrongkey
sealsecurechannel
signsecurechannel
Any other keys I should be looking at?
I'm beginning to wonder if Microsoft made some changes to the final copy
of XP 64 and there is perhaps a new registry key hidden somewhere.
Brian
Dominic Iadicicco wrote:
> It probably has nothing to do with the 64 bit processer. It sounds
> like there is somthing in the windows registry that not right, You
> migh try messing with the different setting in
> HKLM\System\CurrnetControlSet\Services\Netlogon\Parameters\
>
> Things like sealsecurechannel or signsecurechannel my need to be
> changed to a 0, also I know it should not make a difference you might
> also want to change requiresignalorseal .
>
> Good Luck
>
> On 6/17/05, Brian Ruth <brian at bigkitty.org> wrote:
>
>>I currently have samba setup as a file/login server. A variety of
>>clients running Windows 2000 and XP 32-bit authenticate normally without
>>any issues. I just brought up a Windows XP 64-bit box made the standard
>>group policy changes and joined the domain without any issues. When
>>attempting to login against the domain Windows returns "A remote
>>procedure call (RPC) protocol error occurred".
>>
>>The samba log for the client appears to indicate that the credentials
>>were correct. I have tried both versions 3.0.14a and
>>3.0.20pre1-SVN-build-766 with the exact same results.
>>
>>The output from testparm:
>>Load smb config files from /usr/local/etc/smb.conf
>>Processing section "[homes]"
>>Processing section "[netlogon]"
>>Processing section "[mp3s]"
>>Processing section "[world]"
>>Processing section "[wwwroot]"
>>Processing section "[apps]"
>>Processing section "[mame]"
>>Processing section "[media]"
>>Processing section "[backup]"
>>Server's Role (logon server) NOT ADVISED with domain-level security
>>Loaded services file OK.
>>Server role: ROLE_DOMAIN_BDC
>>Press enter to see a dump of your service definitions
>>[global]
>> workgroup = HOME
>> interfaces = xl0
>> security = DOMAIN
>> log file = /var/log/samba/log.%m
>> time server = Yes
>> logon script = logon.bat
>> logon drive = u:
>> logon home = \\panther\%U
>> domain logons = Yes
>> os level = 65
>> preferred master = Yes
>> domain master = Yes
>> wins support = Yes
>> invalid users = bin, daemon, sys, man, mail, ftp, alias, qmaill,
>>qmaild, qmailp, qmailq, qmailr, qmails, sshd, bind, uucp
>> admin users = @wheel
>>
>>[homes]
>> read only = No
>> create mask = 0600
>> directory mask = 0700
>>
>>[netlogon]
>> path = /export/home/samba/netlogon
>> admin users = brian
>> browseable = No
>>
>>[world]
>> comment = Misc Share
>> path = /world
>> valid users = @samba
>> read only = No
>>
>>[apps]
>> comment = Applications
>> path = /storage01/apps
>> valid users = @samba
>> read only = No
>>
>>[media]
>> comment = Media Share
>> path = /storage01/media
>> valid users = @samba
>> read only = No
>>
>>[backup]
>> comment = PC Backups
>> path = /storage01/pc.backup
>> valid users = @staff
>> read only = No
>>
>>It's interesting that the box can join the domain and successfully
>>connect to network shares - it just fails to authenticate. I'm probably
>>missing something obvious but a search of the list archives and the web
>>didn't produce any solutions.
>>
>>Thanks,
>>Brian
>>
>>--
>>To unsubscribe from this list go to the following URL and read the
>>instructions: https://lists.samba.org/mailman/listinfo/samba
>>
More information about the samba
mailing list