[Samba] Problems with domain logons

Edmundo Valle Neto edmundo.valle at terra.com.br
Thu Jul 6 18:12:41 GMT 2006 

Eric Evans escreveu:
>
>> As I mentioned in my last email and as explained below, the use of 
>> login scripts in the netlogon share only work when the samba server 
>> is acting as a PDC and your clients are part of this domain. Windows 
>> clients then automatically look for the existence of the netlogon 
>> share and run the script mentioned in the smb.conf. The users home 
>> directory will be automatically mapped using the drive letter 
>> completed in the smb.conf. Other drives can then be added using net 
>> use or you can use kixtart which is a great scripting program which 
>> allows you to be more creative with your scripting. Stick with net 
>> use if its just basic mapping your after.
>
> Thanks very much.  We've never used domain logins before but I looked 
> up in the "Using Samba" book about how to set up the Samba server as a 
> domain controller.  Here's the contents of my [global] section of my 
> smb.conf:

Using samba is a reference to the Samba 2 branch (although some things 
remains the same), Samba 3 has two books (available online), The 
Official Samba-3 Howto and Reference Guide, and Samba by Example.

>
> [global]
>         workgroup = Plab
>         domain logons = yes
>
>         socket options = TCP_NODELAY
>         invalid users = root bin daemon adm sync shutdown halt mail 
> news uucp
>         max log size = 100
>         security = user
>         encrypt passwords = yes
>         os level = 34
>         local master = yes
>         preferred master = yes
>         domain master = yes
>
>         print command = /bin/lp -d%p %s; sleep 5; rm -f %s
>         printer = 128_1
>         printing = SYSV
>
>         log file = /var/log/samba.log
>         log level = 0
>         max log size = 50
>         debug timestamp = yes
>         logon script = startup.bat
>
> Now I have two stupid questions:
>
> 1. When I go into one of my Windows 2000 clients and try to set it up 
> to be a member of the Plab domain, I get an error message saying that 
> it's not able to contact the Plab domain.  But I thought I had the 
> Samba server set up properly to be a PDC. 

Can be a lot of things, browsing, lack of guest user, the nmbd logs 
should show how elections are going.

> I don't see any error messages in the Samba log file.

Put a log level = 2, 0 doesn't log anything.

>   Is there any way I can test the Samba server to see if it's actually 
> operating as a PDC?

smbclient -L localhost -U% should show if you can list the resource of 
the server locally and show who is the master browser.

I recommend you to use the samba server as a WINS server too (if it will 
be always available), and configure the clients to use it.

The books have step by step examples on how to set up an test a PDC.

>
> 2. We also have Windows XP clients but I'm not able to find how to set 
> them up to be in the Plab domain.  Anybody know how to configure XP 
> clients for domain logons?
>

The books shows that too including pictures of the dialogs on the client 
and the scripts needed in the server, how to set privileges, etc.

> Thanks very much,
> Eric
>

Edmundo Valle Neto

More information about the samba mailing list