[Samba] Unable to add an xp machine to my domain

Glen Kaukola glen at cert.ucr.edu
Mon Oct 9 19:10:10 GMT 2006

Hi there,

I've been going through the samba 3 by example book and have now 
successfully replaced my NT 4 PDC with a Linux machine running samba and 
an LDAP backend.  Beautiful.

However, I've run into a slight problem.  When I try and add a new XP 
pro machine to my domain, I get the following message:
A domain controller for the domain TEST could not be contacted.

After doing some research on this, it seems as though this is usually a 
result of not having dns set up, or not having the wins server field 
filled in on the XP machine.  Yet both my samba server and xp client can 
resolve the name of the other just fine, and I already have the wins 
server field filled in with the address of my samba server.  In addition 
I have netbios over tcp/ip explicitly enabled (even though that's 
probably not needed as my xp machine has a static ip).

After searching a bit for a solution, I saw mentioned that some registry 
tweaks on the xp machine are needed, but as far as I can tell this is 
only when you're using a version of samba older than version 3.  Is that 
not right?  At any rate, setting something along the lines of 
"requiresignorseal" to zero made no difference.

So, next, using various examples of samba pdc setups I've found on the 
web, I've tried various options such as "os level", "preferred master", 
"local master", as well as "wins support" (which for some reason is 
commented out in the samba 3 by example sample configuration).  But none 
of these options seem to make any difference either.

And finally I've tried was adding some entries to hosts and lmhosts on 
my client, but still no luck.

So, if anyone has any ideas, I'd greatly appreciate it.

Thanks in advance,

The version of samba I'm currently running is samba-3.0.23c-1.fc5, on 
Fedora Core 5.  And my current smb.conf is as follows (pretty much 
straight from the samba 3 by example book):

workgroup = TEST
netbios name = LINUX
passdb backend = ldapsam:ldap://localhost
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 0
smb ports = 139 445
name resolve order = wins bcast hosts

add user script = /etc/opt/IDEALX/smbldap-tools/smbldap-useradd -m '%u'
delete user script = /etc/opt/IDEALX/smbldap-tools/smbldap-userdel '%u'
add group script = /etc/opt/IDEALX/smbldap-tools/smbldap-groupadd '%g'
delete group script = /etc/opt/IDEALX/smbldap-tools/smbldap-groupdel '%g'
add user to group script = 
/etc/opt/IDEALX/smbldap-tools/smbldap-groupmod -m '%u' '%g'
delete user from group script = 
/etc/opt/IDEALX/smbldap-tools/smbldap-groupmod -x '%u' '%g'
set primary group script = /etc/opt/IDEALX/smbldap-tools/smbldap-usermod 
-g '%g' '%u'
add machine script = /etc/opt/IDEALX/smbldap-tools/smbldap-useradd -w '%u'

logon script = scripts\logon.cmd
logon path = \\%L\profiles\%U
logon home = \\%L\%U
logon drive = X:
domain logons = Yes
domain master = Yes
wins support = Yes
wins server =
ldap admin dn = cn=Directory Manager
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=People
ldap passwd sync = Yes
ldap suffix = dc=rmc,dc=cert,dc=ucr,dc=edu
ldap ssl = no
ldap timeout = 20
ldap user suffix = ou=People
idmap backend = ldap:ldap://localhost
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind nested groups = Yes
ea support = Yes
map acl inherit = Yes

comment = Home Directories
path = /home/%U
valid users = %S
read only = No
browseable = No

comment = Network Logon Service
path = /var/lib/samba/netlogon
guest ok = Yes
locking = No

comment = Profile Share
path = /var/lib/samba/profiles
read only = No
profile acls = Yes

comment = Profile Data Share
path = /var/lib/samba/profdata
read only = No
profile acls = Yes

More information about the samba mailing list