[Samba] Join Domain Problem?
Eric Hines
eehines at comcast.net
Sun Feb 5 18:06:13 GMT 2006
List,
I'm having trouble accessing shares, and I'm getting conflicting
indications on whether I've successfully joined the domain with my PC
and Samba server (which may bear on the share problem). I really
could use some help; I've not been able to recognize anything in the
docs or via Google that helps. I'm running SUSE 9.3 and Samba
3.0.21a, and I'm trying to access shares from a Win2k PC.
I ran <net join PDC -D <server> -W <domain> -U root> and got back the
answer "ads_connect: Transport end is not connected. Joined domain <domain>"
<net rpc testjoin> returns "Join to <domain> is OK."
However, wbinfo -u and wbinfo -g both return "Error looking up domain
users/groups", and winbindd can only find BUILTIN for a trusted
domain, according to its log, and my log. wb_<domain> indicates that
no trusted domain ever is found.
But wbinfo -t succeeds, wbinfo -D=<domain> returns the domain data,
including its SID, and wbinfo --sequence returns BUILTIN and
<domain>, albeit with the same numbers.
Testparm says the Samba is the domain PDC. My PC successfully boots
into the domain with me (or root, as the case may be) as the logged in user.
So, how can I tell whether I've correctly joined the domain?
The second part of this is that with each of two shares (<share1> and
<share2>), set up as below (I've only used bandwidth on one share;
their set up is identical), I get BAD_NETWORK_NAME from an smbclient
//<server>/<share1> -U <user> call. With valid user set to @group in
<share1> only, this changes to a bad login error (ACCESS_DENIED) for
that share. However, when logged in on the PC as root, I get into
<share2> (which does not have @group set) just fine, but I get the
login error when root tries to get into <share1>. This argues that I
have an access problem with the two shares, and my domain problem
impacts this only obliquely.
The logs all indicate that the shares are being formed correctly, but
the messages log says that my PC "couldn't find service: {[long
string of digits and characters, hyphenated into 5 groups]}, and that
the PC also couldn't find the to the directory containing <share2>
(without the @groups). It also appears that the last character of
each share gets truncated when its being sought out (found this in
the PC log on the Samba server). However, that last character always
is found eventually for <share1> and never is for <share2>.
Setting createmask, et al., has had no effect, probably because I'm
not getting into the shares for these to have an effect.
So, what have I got going on here? How can I further troubleshoot
this share problem, also?
<share1>
path=/data/<share1>
valid users=@group #Note: <Share2> has only valid users = ''; it is
otherwise identical to this
read only=no
Thanks for your help; I've been pulling my hair out over these for
several weeks. I'm going bald....
Eric Hines
There is no nonsense so errant that it cannot be made the creed of
the vast majority by adequate governmental action.
--Bertrand Russell
More information about the samba
mailing list