[Samba] Error join samba PDC from XP

Erik Skogh erik.skogh at gmail.com
Tue Oct 18 12:57:47 GMT 2005


Hi.

Iv'e set up samba as PDC with LDAP and trying to connect a Windows XP Pro
machine to the domain.
When i'm trying to join the domain XP popups a logon-windows, but no one of
the accounts i have added will work to login,
XP say something like "Cannot find the selected domain or cannot connect".

I've also detected an error in /var/log/samba/log.nmbd which i dont
understand:

[2005/10/18 14:45:51, 0]
nmbd/nmbd_browsesync.c:collect_all_workgroup_names_from_wins_server(588)
collect_all_workgroup_names_from_wins_server:
Cannot find my workgroup FASITET on subnet UNICAST_SUBNET.


Here is my smb.conf


fileserver log/samba# testparm
Load smb config files from /etc/samba/smb.conf
params.c:Parameter() - Ignoring badly formed line in configuration file: log
file /var/log/samba/log.%m
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[profiles]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[pub]"
Processing section "[backup]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions

# Global parameters
[global]
dos charset = 850
unix charset = ISO8859-1
workgroup = FASITET
realm = FASITET.SE <http://FASITET.SE>
server string = Samba Server %v
interfaces = eth1, lo
passdb backend = ldapsam:ldap://127.0.0.1
passwd program = /usr/sbin/smbldap-passwd -u %u
username map = /etc/samba/smbusers
unix password sync = Yes
syslog = 0
max log size = 100000
time server = Yes
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
add user script = /usr/sbin/smbldap-useradd -m "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
logon script = startup.bat
logon path =
logon drive = F:
logon home =
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins support = Yes
ldap admin dn = cn=Manager,dc=fasitet,dc=se
ldap delete dn = Yes
ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Users
ldap machine suffix = ou=Computers
ldap passwd sync = Yes
ldap suffix = dc=fasitet,dc=se
ldap user suffix = ou=Users
idmap uid = 500-10000000
idmap gid = 500-10000000
winbind separator = .
winbind use default domain = Yes
admin users = "@Domain Admins"

[homes]
comment = Home Directories
valid users = %S
read only = No
create mask = 0664
directory mask = 0775

[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon

[profiles]
comment = Network Profiles Service
path = /var/lib/samba/profiles/
read only = No
create mask = 0644

[printers]
comment = All Printers
path = /var/tmp
create mask = 0600
printable = Yes
browseable = No

[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin, root
force group = ntadmin
create mask = 0664
directory mask = 0775

[pub]
comment = Public Directory
path = /pub
username = senate
force user = senate
read only = No
create mask = 0664
directory mask = 0775
guest ok = Yes

[backup]
comment = Backup Directory
path = /backup
valid users = @users
read only = No
create mask = 0664
directory mask = 0775



Configfile /etc/openldap/sldap.conf

#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/rfc2307bis.schema
include /etc/openldap/schema/samba.schema
#include /etc/openldap/schema/nis.schema


pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args

# Load dynamic backend modules:
modulepath /usr/lib/openldap/modules
# moduleload back_ldap.la
# moduleload back_meta.la
# moduleload back_monitor.la
# moduleload back_perl.la


access to attrs=userPassword,sambaLMPassword,sambaNTPassword
by self write
by anonymous auth
by * none
access to *
by * read

# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# BDB database definitions
#######################################################################

database bdb
checkpoint 1024 5
cachesize 40000
suffix "dc=FASITET,dc=SE"
rootdn "cn=Manager,dc=FASITET,dc=SE"
rootpw {SSHA}<<<secret>>>

directory /var/lib/ldap

# Indices to maintain
index objectClass eq
index cn pres,sub,eq
index sn pres,sub,eq
index uid pres,sub,eq
index displayName pres,sub,eq
index uidNumber eq
index gidNumber eq
index memberUID eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index default sub



Configfile /etc/openldap/ldap.conf

HOST 127.0.0.1 <http://127.0.0.1>
BASE dc=fasitet,dc=se


And at least the /etc/smbldap-tools/smbldap.conf

##############################################################################
#
# General Configuration
#
##############################################################################

# UID and GID starting at...
UID_START="1000"
GID_START="1000"

# Put your own SID
# to obtain this number do: net getlocalsid
SID="S-1-5-21-2628040634-270012795-1265092401"

##############################################################################
#
# LDAP Configuration
#
##############################################################################

# Notes: to use to dual ldap servers backend for Samba, you must patch
# Samba with the dual-head patch from IDEALX. If not using this patch
# just use the same server for slaveLDAP and masterLDAP.
# Those two servers declarations can also be used when you have
# . one master LDAP server where all writing operations must be done
# . one slave LDAP server where all reading operations must be done
# (typically a replication directory)

slaveLDAP="127.0.0.1 <http://127.0.0.1>"
slavePort="389"

masterLDAP="127.0.0.1 <http://127.0.0.1>"
masterPort="389"

ldapTLS="0"

verify="require"

cafile="/etc/smbldap-tools/ca.pem"

clientcert="/etc/smbldap-tools/smbldap-tools.pem"

clientkey="/etc/smbldap-tools/smbldap-tools.key"

suffix="dc=FASITET,dc=SE"

usersdn="ou=Users,${suffix}"

computersdn="ou=Computers,${suffix}"

groupsdn="ou=Groups,${suffix}"

idmapdn="ou=Idmap,${suffix}"

sambaUnixIdPooldn="cn=NextFreeUnixId,${suffix}"

scope="sub"

hash_encrypt="SSHA"

crypt_salt_format="%s"

##############################################################################
#
# Unix Accounts Configuration
#
##############################################################################

userLoginShell="/bin/bash"

userHome="/home/%U"

userGecos="System User"

defaultUserGid="513"

defaultComputerGid="555"

skeletonDir="/etc/skel"

defaultMaxPasswordAge="55"

##############################################################################
#
# SAMBA Configuration
#
##############################################################################

userSmbHome="\\fileserver\homes\%U"

userProfile="\\fileserver\profiles\%U"

userHomeDrive="F:"

userScript="startup.bat"

mailDomain="fasitet.se <http://fasitet.se>"

##############################################################################
#
# SMBLDAP-TOOLS Configuration (default are ok for a RedHat)
#
##############################################################################

with_smbpasswd="0"
smbpasswd="/usr/bin/smbpasswd"
mk_ntpasswd="/usr/sbin/mkntpwd"



And the logfiles...
/var/log/samba/log.nmbd


[2005/10/18 10:43:45, 0]
nmbd/nmbd_become_lmb.c:become_local_master_stage2(396)
*****

Samba name server FILESERVER is now a local master browser for workgroup
FASITET on subnet 82.96.47.55 <http://82.96.47.55>

*****
[2005/10/18 10:43:45, 0]
nmbd/nmbd_browsesync.c:collect_all_workgroup_names_from_wins_server(588)
collect_all_workgroup_names_from_wins_server:
Cannot find my workgroup FASITET on subnet UNICAST_SUBNET.
[2005/10/18 10:43:45, 0]
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(353)
find_domain_master_name_query_fail:
Unable to find the Domain Master Browser name FASITET<1b> for the workgroup
FASITET.
Unable to sync browse lists in this workgroup.
[2005/10/18 10:43:45, 0]
nmbd/nmbd_browsesync.c:collect_all_workgroup_names_from_wins_server(588)
collect_all_workgroup_names_from_wins_server:
Cannot find my workgroup FASITET on subnet UNICAST_SUBNET.
[2005/10/18 10:43:45, 0]
nmbd/nmbd_browsesync.c:collect_all_workgroup_names_from_wins_server(588)
collect_all_workgroup_names_from_wins_server:
Cannot find my workgroup FASITET on subnet UNICAST_SUBNET.
[2005/10/18 10:43:46, 0]
nmbd/nmbd_browsesync.c:collect_all_workgroup_names_from_wins_server(588)
collect_all_workgroup_names_from_wins_server:
Cannot find my workgroup FASITET on subnet UNICAST_SUBNET.
[2005/10/18 10:43:47, 0]
nmbd/nmbd_browsesync.c:collect_all_workgroup_names_from_wins_server(588)
collect_all_workgroup_names_from_wins_server:
Cannot find my workgroup FASITET on subnet UNICAST_SUBNET.
[2005/10/18 10:43:48, 0]
nmbd/nmbd_browsesync.c:collect_all_workgroup_names_from_wins_server(588)
collect_all_workgroup_names_from_wins_server:
Cannot find my workgroup FASITET on subnet UNICAST_SUBNET.

and the 3 last lines are repeating over and over again..


/var/log/samba/log.smbd

[2005/10/18 14:24:10, 0] smbd/server.c:main(798)
smbd version 3.0.13-1.1-SUSE started.
Copyright Andrew Tridgell and the Samba Team 1992-2004
[2005/10/18 14:31:54, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2005/10/18 14:31:59, 0] lib/util_sock.c:get_peer_addr(1150)
getpeername failed. Error was Transport endpoint is not connected
[2005/10/18 14:31:59, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2005/10/18 14:32:00, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2005/10/18 14:32:01, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2005/10/18 14:32:03, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2005/10/18 14:32:06, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2005/10/18 14:32:16, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2005/10/18 14:32:18, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2005/10/18 14:32:21, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2005/10/18 14:32:27, 0] lib/util_sock.c:get_peer_addr(1150)
getpeername failed. Error was Transport endpoint is not connected
[2005/10/18 14:32:27, 0] lib/util_sock.c:write_socket_data(430)
write_socket_data: write failure. Error = Connection reset by peer
[2005/10/18 14:32:27, 0] lib/util_sock.c:write_socket(455)
write_socket: Error writing 4 bytes to socket 25: ERRNO = Connection reset
by peer
[2005/10/18 14:32:27, 0] lib/util_sock.c:send_smb(647)
Error writing 4 bytes to client. -1. (Connection reset by peer)
[2005/10/18 14:32:35, 0] lib/util_sock.c:write_socket_data(430)
write_socket_data: write failure. Error = Connection reset by peer
[2005/10/18 14:32:35, 0] lib/util_sock.c:write_socket(455)
write_socket: Error writing 4 bytes to socket 25: ERRNO = Connection reset
by peer
[2005/10/18 14:32:35, 0] lib/util_sock.c:send_smb(647)
Error writing 4 bytes to client. -1. (Connection reset by peer)
[2005/10/18 14:32:38, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2005/10/18 14:32:42, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2005/10/18 14:32:44, 0] lib/util_sock.c:write_socket_data(430)
write_socket_data: write failure. Error = Connection reset by peer
[2005/10/18 14:32:44, 0] lib/util_sock.c:write_socket(455)
write_socket: Error writing 4 bytes to socket 25: ERRNO = Connection reset
by peer
[2005/10/18 14:32:44, 0] lib/util_sock.c:send_smb(647)
Error writing 4 bytes to client. -1. (Connection reset by peer)
[2005/10/18 14:32:53, 0] lib/util_sock.c:get_peer_addr(1150)
getpeername failed. Error was Transport endpoint is not connected
[2005/10/18 14:32:53, 0] lib/util_sock.c:write_socket_data(430)
write_socket_data: write failure. Error = Connection reset by peer
[2005/10/18 14:32:53, 0] lib/util_sock.c:write_socket(455)
write_socket: Error writing 4 bytes to socket 25: ERRNO = Connection reset
by peer
[2005/10/18 14:32:53, 0] lib/util_sock.c:send_smb(647)
Error writing 4 bytes to client. -1. (Connection reset by peer)
[2005/10/18 14:33:01, 0] lib/util_sock.c:get_peer_addr(1150)
getpeername failed. Error was Transport endpoint is not connected
[2005/10/18 14:33:01, 0] lib/util_sock.c:write_socket_data(430)
write_socket_data: write failure. Error = Connection reset by peer
[2005/10/18 14:33:01, 0] lib/util_sock.c:write_socket(455)
write_socket: Error writing 4 bytes to socket 25: ERRNO = Connection reset
by peer
[2005/10/18 14:33:01, 0] lib/util_sock.c:send_smb(647)
Error writing 4 bytes to client. -1. (Connection reset by peer)
[2005/10/18 14:33:09, 0] lib/util_sock.c:get_peer_addr(1150)
getpeername failed. Error was Transport endpoint is not connected
[2005/10/18 14:33:09, 0] lib/util_sock.c:write_socket_data(430)
write_socket_data: write failure. Error = Connection reset by peer
[2005/10/18 14:33:09, 0] lib/util_sock.c:write_socket(455)
write_socket: Error writing 4 bytes to socket 25: ERRNO = Connection reset
by peer
[2005/10/18 14:33:09, 0] lib/util_sock.c:send_smb(647)
Error writing 4 bytes to client. -1. (Connection reset by peer)
[2005/10/18 14:33:12, 0] lib/util_sock.c:read_socket_data(384)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2005/10/18 14:33:21, 0] lib/util_sock.c:write_socket_data(430)
write_socket_data: write failure. Error = Connection reset by peer
[2005/10/18 14:33:21, 0] lib/util_sock.c:write_socket(455)
write_socket: Error writing 4 bytes to socket 25: ERRNO = Connection reset
by peer
[2005/10/18 14:33:21, 0] lib/util_sock.c:send_smb(647)
Error writing 4 bytes to client. -1. (Connection reset by peer)
[2005/10/18 14:33:26, 0] lib/util_sock.c:get_peer_addr(1150)
getpeername failed. Error was Transport endpoint is not connected
[2005/10/18 14:33:26, 0] lib/util_sock.c:write_socket_data(430)
write_socket_data: write failure. Error = Connection reset by peer
[2005/10/18 14:33:26, 0] lib/util_sock.c:write_socket(455)
write_socket: Error writing 4 bytes to socket 25: ERRNO = Connection reset
by peer
[2005/10/18 14:33:26, 0] lib/util_sock.c:send_smb(647)
Error writing 4 bytes to client. -1. (Connection reset by peer)
[2005/10/18 14:33:50, 0] lib/util_sock.c:get_peer_addr(1150)
getpeername failed. Error was Transport endpoint is not connected
[2005/10/18 14:33:50, 0] lib/util_sock.c:write_socket_data(430)
write_socket_data: write failure. Error = Connection reset by peer
[2005/10/18 14:33:50, 0] lib/util_sock.c:write_socket(455)
write_socket: Error writing 4 bytes to socket 25: ERRNO = Connection reset
by peer
[2005/10/18 14:33:50, 0] lib/util_sock.c:send_smb(647)
Error writing 4 bytes to client. -1. (Connection reset by peer)


More information about the samba mailing list