[Samba] samba as pdc in Ubuntu dapper, fails on ps$ join?
Lachlan Simpson
lachlan.simpson at wilderness.org.au
Thu Jul 20 07:35:02 GMT 2006
Hola,
I've done everything as correct as I can see in smb.conf under fresh ubuntu 6.06 fully
updated install to have it run as a PDC on hostname florentine, domain DAVEYST.
There are no testparm errors.
I've added users with useradd and smbpasswd -a
I've added machines with useradd and smbpasswd -a -m
I can see the server in my network neighbourhood and access/browse folders on the samba
server using a linux account login within the network neighbourhood.
However, when I try to go to My computer properties ---> computer name ---> Change.., and
then put in my domain name and computer name and when prompted use root account and
password (or any account and password) I get an Access Denied error.
I've attached a log level = 10 tar.gz of the /var/log/samba/smbd.log of everything that
happens when I do this process on the workstation (hostname = robin, ie robin$) - it's
quite long, but it also seems to be successful - see below for abridged listing.
I've been on the ubuntu forums where they suggested I should install quota - but I don't
think that installing quota would solve my problems.
Has anyone seen anything like this before, or know why despite my smb-log having the like
of:
[2006/07/15 15:57:41, 3] auth/auth.c:check_ntlm_password(219)
check_ntlm_password: Checking password for unmapped user [DAVEYST]\[root]@[ROBIN] with
the new password interface
[2006/07/15 15:57:41, 3] auth/auth.c:check_ntlm_password(222)
check_ntlm_password: mapped user is: [DAVEYST]\[root]@[ROBIN]
....
....
[2006/07/15 15:57:41, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(267)
fetch sid from gid cache 0 -> S-1-5-21-3923429160-1838912494-2447857936-512
....
....
[2006/07/15 15:57:41, 3] auth/auth.c:check_ntlm_password(268)
check_ntlm_password: sam authentication for user [root] succeeded
...
...
[2006/07/15 15:57:41, 2] auth/auth.c:check_ntlm_password(307)
check_ntlm_password: authentication for user [root] -> [root] -> [root] succeeded
....
....
[2006/07/15 15:59:43, 3] auth/auth.c:check_ntlm_password(219)
check_ntlm_password: Checking password for unmapped user []\[]@[] with the new
password interface
[2006/07/15 15:59:43, 3] auth/auth.c:check_ntlm_password(222)
check_ntlm_password: mapped user is: []\[]@[]
....
....
[2006/07/15 15:59:43, 3] smbd/service.c:make_connection_snum(488)
Connect path is '/tmp' for service [IPC$]
[2006/07/15 15:59:43, 3] lib/util_seaccess.c:se_access_check(250)
[2006/07/15 15:59:43, 3] lib/util_seaccess.c:se_access_check(251)
se_access_check: user sid is S-1-5-21-3923429160-1838912494-2447857936-501
se_access_check: also S-1-5-21-3923429160-1838912494-2447857936-514
se_access_check: also S-1-1-0
se_access_check: also S-1-5-2
se_access_check: also S-1-5-32-546
....
....
[2006/07/15 15:59:43, 3] smbd/process.c:timeout_processing(1447)
timeout_processing: End of file from client (client has disconnected).
[2006/07/15 15:59:43, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/07/15 15:59:43, 2] smbd/server.c:exit_server(614)
Closing connections
[2006/07/15 15:59:43, 3] smbd/connection.c:yield_connection(69)
Yielding connection to
[2006/07/15 15:59:43, 3] smbd/server.c:exit_server(655)
Server exit (normal exit)
any ideas?
smb.conf follows:
#======================= Global Settings =======================
[global]
workgroup = DAVEYST
netbios name = florentine
server string = %h server (Samba, Ubuntu)
wins support = yes
dns proxy = no
name resolve order = wins bcast hosts
security = user
encrypt passwords = true
username map = /etc/samba/smbusers
unix password sync = yes
; passdb backend = tdbsam
obey pam restrictions = yes
; guest account = nobody
invalid users = root
log file = /var/log/samba/smdb.log
log level = 3
max log size = 10000
time server = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n
*password\supdated\ssuccessfully* .
veto oplock files = \*.prm\*.mdb\*.mda pam password change = yes
domain logons = yes
# domain admin group = root @admin administrator
preferred master = yes
local master = yes
os level = 65
# Useradd scripts
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /bin/false/ -d /var/lib/nobody %u
logon path = \\%N\%U\profile
logon drive = H:
logon home = \\%N\%U
logon script = startnet.bat
socket options = TCP_NODELAY SO_RCVBUF=8191 SO_SNDBUF=8192
domain master = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
#======================= Share Definitions =======================
[homes]
comment = Home Directories
browseable = no
valid users = %S
read only = no
force user = %U
force group = %G
browsable = no
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
guest ok = yes
writable = no
share modes = no
browsable = no
[profiles]
comment = Users profiles
path = /home/samba/profiles
guest ok = no
browseable = no
create mask = 0600
directory mask = 0700
[admindocs]
path = /home/admindocs
valid users = @admin
force group = admin
read only = no
[apps]
path = /home/apps
read only = no
force group = admin
[twsdocs]
path = /home/twsdocs
read only = no
valid users = @staff, at admin
force group = staff
[twspics]
path = /home/twspics
read only = no
valid users = @staff, at admin
force group = staff
[shared]
path = /home/shared
read only= no
create mask = 0666
directory mask = 0777
writable = yes
valid users = @users
force group = users
cheers
L.
---
Lachlan Simpson, National Database & IT Support Officer
National Office
The Wilderness Society
57E Brisbane Street, Hobart TAS 7000, AUSTRALIA
lachlan.simpson at wilderness.org.au
Ph (03) 6270 1798
http://www.wilderness.org.au
More information about the samba
mailing list