[Samba] Not able to join domain

Bruno Guerreiro bruno.guerreiro at ine.pt
Thu Apr 6 12:56:09 GMT 2006 

Hi,
I think you should set security to USER instead of DOMAIN.

Best regards,
Bruno Guerreiro 

> -----Original Message-----
> From: samba-bounces+bruno.guerreiro=ine.pt at lists.samba.org 
> [mailto:samba-bounces+bruno.guerreiro=ine.pt at lists.samba.org] 
> On Behalf Of Chris Boyd
> Sent: quinta-feira, 6 de Abril de 2006 12:25
> To: samba at lists.samba.org
> Subject: [Samba] Not able to join domain
> 
> I'm trying to set up Samba 3.0.20-4-SUSE on a opensuse 10 
> machine. I'm working with XP Pro on the client machine. I 
> can't get the XP mahcine (RDS7) to join the domain (UCD). It 
> asks for a user when trying to join and then says it cannot 
> find it. The samba log is:
> 
> auth/auth.c:check_ntlm_password(317)
>   check_ntlm_password:  Authentication for user [root] -> 
> [root] FAILED with error NT_STATUS_NO_SUCH_USER
> 
> The root account is showing up in smbpasswd (that's assuming 
> it needs to be there). 
> 
> Now the XP machine can see the domain (UCD) as well as 
> WORKGROUP (which it currently is master of). 
> 
> 
> Domain=[UCD] OS=[Unix] Server=[Samba 3.0.20-4-SUSE]
> 
>         Server               Comment
>         ---------            -------
>         UCD01                Samba 3.0.20-4-SUSE
> 
>         Workgroup            Master
>         ---------            -------
>         UCD                  UCD01
>         WORKGROUP            RDS7
> 
> This is after having to manually create the machine account 
> (as there seems to be some problem with suse doing it "on-the-fly". 
> I've also noticed that testparm returns  the samba machine as 
> a BDC instead of a PDC. 
> 
> Load smb config files from /etc/samba/smb.conf Processing 
> section "[protel]"
> Processing section "[homes]"
> Processing section "[profiles]"
> Processing section "[users]"
> Processing section "[groups]"
> Processing section "[printers]"
> Processing section "[print$]"
> Processing section "[netlogon]"
> Server's Role (logon server) NOT ADVISED with domain-level 
> security Loaded services file OK.
> Server role: ROLE_DOMAIN_BDC
> Press enter to see a dump of your service definitions
> 
> Also here's the smb.conf: 
> 
> [global]
>         printcap name = cups
>         cups options = raw
>         map to guest = Bad User
> #       include = /etc/samba/dhcp.conf
>         logon path = \\%L\profiles\.msprofile
>         logon home = \\%L\%U\.9xprofile
>         logon drive = P:
>         security = domain
>         restrict anonymous = no
>         domain master = Yes
>         preferred master = Yes
> #       idmap uid = 15000-20000
> #       idmap gid = 15000-20000
>         log level = 2
>         netbios name = UCD01
>         max protocol = NT
>         ldap ssl = No
>         server signing = Auto
>         workgroup = UCD
>         add machine script = /usr/sbin/useradd  -c Machine -d 
> /var/nodirs -s /bin/false '%u'
>         passdb backend = tdbsam
>         domain logons =Yes
>         local master = Yes
>         os level = 65
> 
> [protel]
>         comment = Protel Data Folder
>         path = /protel
>         read only = no
> [homes]
>         comment = Home Directories
>         valid users = %S
>         browseable = No
>         read only = No
>         inherit acls = Yes
> 
> [profiles]
>         comment = Network Profiles Service
>         path = %H
> #       path = /var/lib/samba/profiles
>         read only = No
>         store dos attributes = Yes
>         create mask = 0600
>         directory mask = 0700
> 
> [users]
>         comment = All users
> path = /home
>         read only = No
>         inherit acls = Yes
>         veto files = /aquota.user/groups/shares/
> 
> [groups]
>         comment = All groups
>         path = /home/groups
>         read only = No
>         inherit acls = Yes
> 
> [printers]
>         comment = All Printers
>         path = /var/tmp
>         printable = Yes
>         create mask = 0600
>         browseable = No
> 
> [print$]
>         comment = Printer Drivers
>         path = /var/lib/samba/drivers
>         write list = @ntadmin root
>         force group = ntadmin
>         create mask = 0664
>         directory mask = 0775
> 
> [netlogon]
>         comment = Network Logon Service
>         path = /var/lib/samba/netlogon
>         write list = root
>         admin users = root
>         guest ok = Yes
>         browseable = No
> 
> 
> Anyway...if it's not obvious am a samba newb Oh and TIA 
> 
> -----------------------------------------------------------------
> This email message is intended only for the addressee(s) and 
> contains information that may be confidential and/or 
> copyrighted.  If you are not the intended recipient please 
> notify the sender by reply email and immediately delete this 
> email. Use, disclosure or reproduction of this email by 
> anyone other than the intended recipient(s) is strictly 
> prohibited. USIT has scanned this email for viruses and 
> dangerous content and believes it to be clean. However, virus 
> scanning is ultimately the responsibility of the recipient.
> -----------------------------------------------------------------
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>

More information about the samba mailing list