[Samba] Can't login samba domain from xp/2k

John H Terpstra jht at PrimaStasys.Com
Tue May 3 12:29:29 GMT 2005


On Tuesday 03 May 2005 06:21, Sebastian Rodriguez Guevara wrote:
> Hello everybody.
>     I am having troubles to log on a samba domain from winxp and win
> 2000 workstations.
> I patched the registry with the requiresignorseal=0, changed the local
> and group policies (following various comments found on the web), and
> added the machine account for samba (obviously, /etc/passwd too). I
> tried with samba 3.0.7, 3.0.10 and 3.0.13, Winxp with and without sp2,
> and win200 sp4. The computers join the domain without problems, but
> users can't log in. Win9x works fine. I put the log level on the high
> value (10), but i didn't find any difference in log files when I try to
> login from Win9x (the workin one)  or winxp/2k (non working).
>     I can see the domain from "my network places" when I am working in a
> workgroup.
>
> Tanks you all

Hello. Have you been following the Samba documentation?
Which documents have you followed?
Have you followed the book "Samba-3 by Example"? If not, following this book 
may save you a lot of trouble. If you have, I would appreciate a step-by-step 
log of what you did as well as a detailed description of all failures so that 
the documentation can be corrected.

Thanks.

- John T.

>
> This is the error: "The system cannot log you on to this domain because
> the system's computer account in its primary domain is missing or the
> password on that account is incorrect"
>
> This is my smb.conf
>
> [global]
>    workgroup = DOMINIO
>    netbios name = DOMAINSERVER
>    server string = Samba Server %v
>    printcap name = cups
>    load printers = yes
>    printing = cups
>    printer admin = @adm
>    log file = /var/log/samba3/log.%m
>    max log size = 500
>    log level = 10
>    hosts allow = 192.168. 127.
>    map to guest = bad user
>    security = user
>    encrypt passwords = yes
>    smb passwd file = /etc/samba/private/smbpasswd
>    unix password sync = no
>    pam password change = yes
>    passwd program = /usr/bin/passwd %u
>    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>    local master = yes
>    os level = 64
>    domain master = yes
>    preferred master = yes
>    domain logons = yes
>    logon script = logon.bat
>    add user script = /usr/sbin/useradd -s /bin/false '%u'
>    delete user script = /usr/sbin/userdel '%s'
>    add user to group script = /usr/bin/gpasswd -a '%u' '%g'
>    delete user from group script = /usr/bin/gpasswd -d '%u' '%g'
>    set primary group script = /usr/sbin/usermod -g '%g' '%u'
>    add group script = /usr/sbin/groupadd %g && getent group '%g'|awk -F:
> '{print $3}'
>    delete group script = /usr/sbin/groupdel '%g'
>    add machine script = /usr/sbin/useradd -d /dev/null -g smbmaq -c
> 'Machine Account' -s /bin/false -M %u"$"
>    passdb backend = smbpasswd guest
>    name resolve order = wins lmhosts bcast
>    wins support = yes
>    wins proxy = no
>    dns proxy = no
>    preserve case = yes
>    short preserve case = yes
>    case sensitive = no
>    valid users = +smbuser,root
>    force group = +smbuser
>
> #============================ Share Definitions
> ==============================
> [homes]
>    comment = Carpeta Personal de %U
>    path = /smbshare/homes/share/%S
>    browseable = no
>    writable = yes
>    create mask = 0700
>    directory mask = 0700
>
> [netlogon]
>    comment = Network Logon Service
>    path = /var/lib/samba/netlogon
>    guest ok = yes
>    writable = no
>
> [printers]
>    comment = All Printers
>    path = /var/spool/samba
>    browseable = yes
>    guest ok = yes
>    writable = no
>    printable = yes
>    create mode = 0700
>    print command = lpr-cups -P %p -o raw %s -r
>
> [Common]
>    comment = Recurso publico
>    path = /smbshare/std/share
>    valid users = +smbuser
>    public = no
>    writable = yes
>    printable = no
>    create mask = 0770
>    force create mode = 0770
>    directory mode = 0770
>    force directory mode = 0770
>    force group = smbuser
>    hide unreadable = yes
> --
> *Sebastián Rodríguez Guevara*
> Soporte Técnico
> Blitz Information Technologies
> www.blitzIT.com.ar
> (011) 4583-3334 Int.33

-- 
John H Terpstra, CTO
PrimaStasys Inc.
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.


More information about the samba mailing list