[Samba] Problem with Samba PDC, W2k SP4 + rollup clients, user accounts

Asier asier.baranguan at elpagestion.com
Thu Apr 20 21:25:10 GMT 2006


I've one big problem.

In my work we have a mixed network: one Debian Sarge with samba 3.0.14
acting as PDC and some w2k sp4 and windows xp sp2 pro/home with all
updates (including w2k sp4 update rollup) . Samba uses OpenLDAP as backend
using smbldap-tools 0.9.1 to manage users and computers. This setup has
worked perfectly since december (the LDAP is used by other services as
Apache, subversion, ftp and so on)

We have the need to create new user accounts now, so this week I created
them with smbldap-useradd but the windows clients refuse to login with any
of this _new_ accounts telling me that the domain doesn't exist.

In the console of the PDC -the debian machine, named kasparov- I can login
succesfully with the new samba created accounts.
The most strange thing is that "old" users can login in the domain without
problems. Everything is ok with the "old" accounts: shares, permissions,
personal folders. Only new accounts cannot login.

To make one test, I removed my computer (w2k) from the domain, and now I
can't re-join it: an error messagebox shows the famous DNS error with
references to http://go.microsoft.com/?LinkID=5171.

If I login "locally" in my machine and mount some share with any of the
new accounts... works well with any account, old or new (net use y:
\\kasparov\shared /user:<user>).

But there's more... in the office we have one machine with w2k, plain sp4
*without* further updates. From this machine all accounts work perfectly.
Problem arises only with machines fully updated.

I suspect the error is produced by some microsoft update, but I'm not sure.

¿How can I fix this problem? ¿Has anyone experienced something like this?
¿any suggestion?

More information about the samba mailing list