[Samba] Issues with samba PDC + WinXP clients

Cybionet cybionet at videotron.ca
Fri Dec 8 18:00:54 GMT 2006 

Greeting mikko,

  Don't use the registry modification! It is not necessary and cause 
security vulnerability on the Windows professionnal client.

  Your LDAP section seen not to be configure correctly on the smb.conf. 
But it's is not the actual problem with the error message. I can't 
remember what is the problem, but it is very simple to resolve. I will 
make some test to have the same error...surely not to long to reproduce :-).

  If you use LDAP, I suggest you to not use logon options in Samba but 
use the LDAP options in the directory.

  By example:

       logon home -->  sambaHomePath
       logon path   -->  sambaProfilePath
       logon drive  -->  sambaHomeDrive
       logon script -->  sambaLogonScript

Robert

> Hello,
>
> I've been trying to configure samba 3.0.23d to work as PDC for a few 
> days now. I can successfully join computer to domain but logging with 
> user credentials fails with error message:
>
> The system can not log you on due to the following error:
>
> The system cannot find message text for message number 0x%1 in the 
> message file for %2
>
>
> Eventlog on windows side doesnt show anything usefull. I did all 
> registry tricks on windows side (Sign secure channel).
>
> Heres my smb.conf:
>
> [global]
> ; General setting
> netbios name = SMBADS
> workgroup = TESTDOMAIN
> os level = 64
> wins support = true
>
> ; PDC Settings
> preferred master = yes
> local master = yes
>
> domain master = yes
> domain logons = yes
>
> security = user
> encrypt passwords = true
>
> ; Log settings
> log level = 2
> log file = /var/log/samba/log.%m
> syslog = 0
> server string = SAMBA-LDAP PDC Server %v
>
> ; user profiles and home directory
> logon home = \\%L\%U\
> logon drive = h:
> logon path = \\%L\profiles\%U
> logon script = netlogon.bat
>
> ; LDAP Configuration
> passdb backend = ldapsam:ldap://127.0.0.1
> ldap suffix = dc=example,dc=com
> ldap machine suffix = ou=machines
> ldap user suffix = ou=users
> ldap group suffix = ou=groups
> ldap admin dn = cn=admin,dc=example,dc=com
> ldap delete dn = no
> ldap password sync = yes
> enable privileges = yes
>
>
> [homes]
> comment = Home Directories
> browseable = no
> writeable = yes
>
> [netlogon]
> comment = Network Logon Service
> path = /var/lib/samba/netlogon
> guest ok = Yes
> browseable = No
>
> [profiles]
> path = /var/lib/samba/profiles
> read only = no
> create mask = 0600
> directory mask = 0700
>
>

More information about the samba mailing list