[Samba] Not able to join domain
Stéphane Purnelle
stephane.purnelle at tiscali.be
Thu Apr 6 13:07:58 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
Chris Boyd a écrit :
> I'm trying to set up Samba 3.0.20-4-SUSE on a opensuse 10 machine.
> I'm working with XP Pro on the client machine. I can't get the XP
> mahcine (RDS7) to join the domain (UCD). It asks for a user when
> trying to join and then says it cannot find it. The samba log is:
>
> auth/auth.c:check_ntlm_password(317) check_ntlm_password:
> Authentication for user [root] -> [root] FAILED with error
> NT_STATUS_NO_SUCH_USER
>
> The root account is showing up in smbpasswd (that's assuming it
> needs to be there).
>
> Now the XP machine can see the domain (UCD) as well as WORKGROUP
> (which it currently is master of).
>
>
> Domain=[UCD] OS=[Unix] Server=[Samba 3.0.20-4-SUSE]
>
> Server Comment --------- ------- UCD01
> Samba 3.0.20-4-SUSE
>
> Workgroup Master --------- ------- UCD
> UCD01 WORKGROUP RDS7
>
> This is after having to manually create the machine account (as
> there seems to be some problem with suse doing it "on-the-fly".
> I've also noticed that testparm returns the samba machine as a BDC
> instead of a PDC.
>
> Load smb config files from /etc/samba/smb.conf Processing section
> "[protel]" Processing section "[homes]" Processing section
> "[profiles]" Processing section "[users]" Processing section
> "[groups]" Processing section "[printers]" Processing section
> "[print$]" Processing section "[netlogon]" Server's Role (logon
> server) NOT ADVISED with domain-level security Loaded services file
> OK. Server role: ROLE_DOMAIN_BDC Press enter to see a dump of your
> service definitions
>
> Also here's the smb.conf:
>
> [global] printcap name = cups cups options = raw map to guest = Bad
> User # include = /etc/samba/dhcp.conf logon path =
> \\%L\profiles\.msprofile logon home = \\%L\%U\.9xprofile logon
> drive = P: security = domain restrict anonymous = no domain master
> = Yes preferred master = Yes # idmap uid = 15000-20000 #
> idmap gid = 15000-20000 log level = 2 netbios name = UCD01 max
> protocol = NT ldap ssl = No server signing = Auto workgroup = UCD
> add machine script = /usr/sbin/useradd -c Machine -d /var/nodirs
> -s /bin/false '%u' passdb backend = tdbsam domain logons =Yes local
> master = Yes os level = 65
>
> [protel] comment = Protel Data Folder path = /protel read only = no
> [homes] comment = Home Directories valid users = %S browseable =
> No read only = No inherit acls = Yes
>
> [profiles] comment = Network Profiles Service path = %H #
> path = /var/lib/samba/profiles read only = No store dos attributes
> = Yes create mask = 0600 directory mask = 0700
>
> [users] comment = All users path = /home read only = No inherit
> acls = Yes veto files = /aquota.user/groups/shares/
>
> [groups] comment = All groups path = /home/groups read only = No
> inherit acls = Yes
>
> [printers] comment = All Printers path = /var/tmp printable = Yes
> create mask = 0600 browseable = No
>
> [print$] comment = Printer Drivers path = /var/lib/samba/drivers
> write list = @ntadmin root force group = ntadmin create mask = 0664
> directory mask = 0775
>
> [netlogon] comment = Network Logon Service path =
> /var/lib/samba/netlogon write list = root admin users = root guest
> ok = Yes browseable = No
>
>
> Anyway...if it's not obvious am a samba newb Oh and TIA
>
> -----------------------------------------------------------------
> This email message is intended only for the addressee(s) and
> contains information that may be confidential and/or copyrighted.
> If you are not the intended recipient please notify the sender by
> reply email and immediately delete this email. Use, disclosure or
> reproduction of this email by anyone other than the intended
> recipient(s) is strictly prohibited. USIT has scanned this email
> for viruses and dangerous content and believes it to be clean.
> However, virus scanning is ultimately the responsibility of the
> recipient.
> -----------------------------------------------------------------
>
In security = domain, Samba not act as a PDC, only a BDC.
- --
Stéphane Purnelle <stephane.purnelle at tiscali.be>
Site Web : http://www.linuxplusvalue.be
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFENRKr8tswkE3d0ecRApChAJ0ZTrR9c4WnawyapmGcZk+0nt82EwCeKGsI
y6HGuMMRMh5lUzj9N8zJFQs=
=l2mf
-----END PGP SIGNATURE-----
More information about the samba
mailing list