[Samba] Can't login samba domain from xp/2k

Sebastian Rodriguez Guevara sguevara at blitzit.com.ar
Tue May 3 12:21:48 GMT 2005

Hello everybody.
    I am having troubles to log on a samba domain from winxp and win 
2000 workstations.
I patched the registry with the requiresignorseal=0, changed the local 
and group policies (following various comments found on the web), and 
added the machine account for samba (obviously, /etc/passwd too). I 
tried with samba 3.0.7, 3.0.10 and 3.0.13, Winxp with and without sp2, 
and win200 sp4. The computers join the domain without problems, but 
users can't log in. Win9x works fine. I put the log level on the high 
value (10), but i didn't find any difference in log files when I try to 
login from Win9x (the workin one)  or winxp/2k (non working).
    I can see the domain from "my network places" when I am working in a 

Tanks you all

This is the error: "The system cannot log you on to this domain because 
the system's computer account in its primary domain is missing or the 
password on that account is incorrect"

This is my smb.conf

   workgroup = DOMINIO
   netbios name = DOMAINSERVER
   server string = Samba Server %v
   printcap name = cups
   load printers = yes
   printing = cups
   printer admin = @adm
   log file = /var/log/samba3/log.%m
   max log size = 500
   log level = 10
   hosts allow = 192.168. 127.
   map to guest = bad user
   security = user
   encrypt passwords = yes
   smb passwd file = /etc/samba/private/smbpasswd
   unix password sync = no
   pam password change = yes
   passwd program = /usr/bin/passwd %u
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   local master = yes
   os level = 64
   domain master = yes
   preferred master = yes
   domain logons = yes
   logon script = logon.bat
   add user script = /usr/sbin/useradd -s /bin/false '%u'
   delete user script = /usr/sbin/userdel '%s'
   add user to group script = /usr/bin/gpasswd -a '%u' '%g'
   delete user from group script = /usr/bin/gpasswd -d '%u' '%g'
   set primary group script = /usr/sbin/usermod -g '%g' '%u'
   add group script = /usr/sbin/groupadd %g && getent group '%g'|awk -F: 
'{print $3}'
   delete group script = /usr/sbin/groupdel '%g'
   add machine script = /usr/sbin/useradd -d /dev/null -g smbmaq -c 
'Machine Account' -s /bin/false -M %u"$"
   passdb backend = smbpasswd guest
   name resolve order = wins lmhosts bcast
   wins support = yes
   wins proxy = no
   dns proxy = no
   preserve case = yes
   short preserve case = yes
   case sensitive = no
   valid users = +smbuser,root
   force group = +smbuser

#============================ Share Definitions 
   comment = Carpeta Personal de %U
   path = /smbshare/homes/share/%S
   browseable = no
   writable = yes
   create mask = 0700
   directory mask = 0700

   comment = Network Logon Service
   path = /var/lib/samba/netlogon
   guest ok = yes
   writable = no

   comment = All Printers
   path = /var/spool/samba
   browseable = yes
   guest ok = yes
   writable = no
   printable = yes
   create mode = 0700
   print command = lpr-cups -P %p -o raw %s -r

   comment = Recurso publico
   path = /smbshare/std/share
   valid users = +smbuser
   public = no
   writable = yes
   printable = no
   create mask = 0770
   force create mode = 0770
   directory mode = 0770
   force directory mode = 0770
   force group = smbuser
   hide unreadable = yes
*Sebastián Rodríguez Guevara*
Soporte Técnico
Blitz Information Technologies
(011) 4583-3334 Int.33

More information about the samba mailing list