[Samba] Re: Primard Domain Controller feature not working

Paul Gienger pgienger at ae-solutions.com
Tue Mar 29 22:31:19 GMT 2005 

>problem!  I am using the 'using samba' book from o'reilly and it says
>that the parameter "domain admin group" is obsoleted in samba 3.0  I
>  
>
A good way to do that would be creating a unix group that you want to be 
mapped to Domain Admins, map it and assign it the appropriate SID (you 
can look into the source for the smbldap-tools to get it in plain 
text).  Then you simply add users to it.

>am using 3.0 and i cant add computers to the domain.  
>
Either use root (properly added as a samba user) or another user with 
uid=0, or use the privilege delegation tools in recent versions.  I 
believe the version that started with them was 3.0.9.   The 
documentation at samba.org (the howto and by example) should be your 
guide as they are updated for the current version.


>
>On Tue, 29 Mar 2005 12:35:56 -0800, Mark Ratering
><thinkaboutit at gmail.com> wrote:
>  
>
>>Hey guys,
>>
>>I configured Samba do be the domain controller for my network and to
>>share folders.  the folder sharing works great.  The problem is that
>>the domain function does not work at all.  I cannot join the domain
>>from any workstation.  It just says that the controller cannot be
>>contacted.  I ran an Ethereal sniff on the packets and the computer
>>that i want to be PDC is sending ICMP Destination unreachable packets
>>in response to the NBNS Name Query.  Here is the packet that the
>>workstation is sending to the server.
>>
>>0000  00 11 11 ba 82 1a 00 0a  e6 d5 fa b4 08 00 45 00   ........ ......E.
>>0010  00 4e 01 fb 00 00 80 11  b4 53 c0 a8 01 9e c0 a8   .N...... .S......
>>0020  01 62 00 89 00 89 00 3a  81 4e 80 63 01 00 00 01   .b.....: .N.c....
>>0030  00 00 00 00 00 00 20 46  46 46 44 45 43 45 4a 45   ...... F FFDECEJE
>>0040  4f 45 48 45 50 43 41 43  41 43 41 43 41 43 41 43   OEHEPCAC ACACACAC
>>0050  41 43 41 43 41 42 4d 00  00 20 00 01               ACACABM. . ..
>>
>>The config file that i am using (not including shares that have
>>nothing to do with the domain controller).  I do not want roaming
>>profiles.
>>
>>        #NetBIOS settings
>>        netbios name            =       FILESERVER
>>        workgroup               =       USBINGO
>>        server string           =       File Server
>>
>>        log file                =       /var/log/samba/log.%m
>>        max log size            =       50
>>        time server             =       yes
>>        hide dot files          =       yes
>>        log level               =       1
>>
>>        #Security settings
>>        security                =       user
>>        domain logons           =       yes
>>        encrypt passwords       =       yes
>>
>>        #Turn on the WINS server
>>        wins support            =       yes
>>
>>        #Make sure that Samba is the master browser and domain master browser
>>        domain master           =       yes
>>        local master            =       yes
>>        preferred master         =       yes
>>        os level                =       65
>>
>>        add user script         =       /usr/sbin/useradd -d /dev/null
>>-g 100 -s /bin/false -M %u
>>
>>[netlogon]
>>        path                    =       /files/netlogon
>>        writable                =       no
>>        browsable               =       no
>>
>>Thanks,
>>-Mark
>>
>>    
>>
>
>
>  
>

-- 
Paul Gienger                    Office: 701-281-1884
Applied Engineering Inc.
Systems Architect               Fax:    701-281-1322
URL: www.ae-solutions.com       mailto: pgienger at ae-solutions.com

More information about the samba mailing list