[Samba] Not able to join domain
Eric Hines
eehines at comcast.net
Thu Apr 6 13:33:53 GMT 2006
It might help, also, to set the samba machine explicitly to be the
PDC: <net rpc <set-to-PDC>>. I've forgotten the exact switch, but
you can do a man on net and look in the rpc section.
Eric Hines
At 04/06/06 07:56, you wrote:
>Hi,
>I think you should set security to USER instead of DOMAIN.
>
>Best regards,
>Bruno Guerreiro
>
> > -----Original Message-----
> > From: samba-bounces+bruno.guerreiro=ine.pt at lists.samba.org
> > [mailto:samba-bounces+bruno.guerreiro=ine.pt at lists.samba.org]
> > On Behalf Of Chris Boyd
> > Sent: quinta-feira, 6 de Abril de 2006 12:25
> > To: samba at lists.samba.org
> > Subject: [Samba] Not able to join domain
> >
> > I'm trying to set up Samba 3.0.20-4-SUSE on a opensuse 10
> > machine. I'm working with XP Pro on the client machine. I
> > can't get the XP mahcine (RDS7) to join the domain (UCD). It
> > asks for a user when trying to join and then says it cannot
> > find it. The samba log is:
> >
> > auth/auth.c:check_ntlm_password(317)
> > check_ntlm_password: Authentication for user [root] ->
> > [root] FAILED with error NT_STATUS_NO_SUCH_USER
> >
> > The root account is showing up in smbpasswd (that's assuming
> > it needs to be there).
> >
> > Now the XP machine can see the domain (UCD) as well as
> > WORKGROUP (which it currently is master of).
> >
> >
> > Domain=[UCD] OS=[Unix] Server=[Samba 3.0.20-4-SUSE]
> >
> > Server Comment
> > --------- -------
> > UCD01 Samba 3.0.20-4-SUSE
> >
> > Workgroup Master
> > --------- -------
> > UCD UCD01
> > WORKGROUP RDS7
> >
> > This is after having to manually create the machine account
> > (as there seems to be some problem with suse doing it "on-the-fly".
> > I've also noticed that testparm returns the samba machine as
> > a BDC instead of a PDC.
> >
> > Load smb config files from /etc/samba/smb.conf Processing
> > section "[protel]"
> > Processing section "[homes]"
> > Processing section "[profiles]"
> > Processing section "[users]"
> > Processing section "[groups]"
> > Processing section "[printers]"
> > Processing section "[print$]"
> > Processing section "[netlogon]"
> > Server's Role (logon server) NOT ADVISED with domain-level
> > security Loaded services file OK.
> > Server role: ROLE_DOMAIN_BDC
> > Press enter to see a dump of your service definitions
> >
> > Also here's the smb.conf:
> >
> > [global]
> > printcap name = cups
> > cups options = raw
> > map to guest = Bad User
> > # include = /etc/samba/dhcp.conf
> > logon path = \\%L\profiles\.msprofile
> > logon home = \\%L\%U\.9xprofile
> > logon drive = P:
> > security = domain
> > restrict anonymous = no
> > domain master = Yes
> > preferred master = Yes
> > # idmap uid = 15000-20000
> > # idmap gid = 15000-20000
> > log level = 2
> > netbios name = UCD01
> > max protocol = NT
> > ldap ssl = No
> > server signing = Auto
> > workgroup = UCD
> > add machine script = /usr/sbin/useradd -c Machine -d
> > /var/nodirs -s /bin/false '%u'
> > passdb backend = tdbsam
> > domain logons =Yes
> > local master = Yes
> > os level = 65
> >
> > [protel]
> > comment = Protel Data Folder
> > path = /protel
> > read only = no
> > [homes]
> > comment = Home Directories
> > valid users = %S
> > browseable = No
> > read only = No
> > inherit acls = Yes
> >
> > [profiles]
> > comment = Network Profiles Service
> > path = %H
> > # path = /var/lib/samba/profiles
> > read only = No
> > store dos attributes = Yes
> > create mask = 0600
> > directory mask = 0700
> >
> > [users]
> > comment = All users
> > path = /home
> > read only = No
> > inherit acls = Yes
> > veto files = /aquota.user/groups/shares/
> >
> > [groups]
> > comment = All groups
> > path = /home/groups
> > read only = No
> > inherit acls = Yes
> >
> > [printers]
> > comment = All Printers
> > path = /var/tmp
> > printable = Yes
> > create mask = 0600
> > browseable = No
> >
> > [print$]
> > comment = Printer Drivers
> > path = /var/lib/samba/drivers
> > write list = @ntadmin root
> > force group = ntadmin
> > create mask = 0664
> > directory mask = 0775
> >
> > [netlogon]
> > comment = Network Logon Service
> > path = /var/lib/samba/netlogon
> > write list = root
> > admin users = root
> > guest ok = Yes
> > browseable = No
> >
> >
> > Anyway...if it's not obvious am a samba newb Oh and TIA
> >
> > -----------------------------------------------------------------
> > This email message is intended only for the addressee(s) and
> > contains information that may be confidential and/or
> > copyrighted. If you are not the intended recipient please
> > notify the sender by reply email and immediately delete this
> > email. Use, disclosure or reproduction of this email by
> > anyone other than the intended recipient(s) is strictly
> > prohibited. USIT has scanned this email for viruses and
> > dangerous content and believes it to be clean. However, virus
> > scanning is ultimately the responsibility of the recipient.
> > -----------------------------------------------------------------
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/listinfo/samba
> >
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/listinfo/samba
The mode in which the inevitable comes to pass is through effort.
--Justice Oliver Wendell Holmes, Jr
More information about the samba
mailing list