[Samba] Linux as PDC

Robert Adkins radkins at impelind.com
Fri Sep 1 15:00:57 GMT 2006


Rob,

    Take your workstation and set it to the workgroup of 'testgroup' (Or 
whatever else you wish to name it), reboot the machine, then try and get 
it to join your BC Domain.

    I am not sure of the reasons, but either Windows or Samba dislikes 
trying to join a domain if it is already part of a workgroup with the 
same name as the domain.

    Also, if you have ANY mounted drives on the workstation that you are 
joining to the Domain Controller, you need to unmount those first. This 
is done thruogh the command I provided earlier and will provide again here:

    Open up the Windows command prompt.

    net use * /D (with a capital D)

    To summarize:

    1. Remove the workstation from the workgroup that matches the domain 
of the PDC. Reboot the workstation.

    2. Umount any mounted shares or connections to the server using the 
net use /D command. (If you have mounted shares remount at every login.)

    3. Join the Domain of the PDC.

    That should take care of your issue.

--

    Regards,
    Robert Adkins
    IT Manager/Buyer
    Impel Industries, Inc.

Rob Watkin wrote:
> Hi Robert
>
> I will post the latest version smb.conf file below. I have followed the
> instructions in http://us4.samba.org/samba/docs/man/Samba-HOWTO-
> Collection/FastStart.html section "Domain Controller" for the most part.
>
> I have one server (TAU) and one Windows XP client (vm-201). I can get
> vm-201 to join my BC workgroup but not the domain. I am rebooting the XP
> machine and restarting samba on TAU between experiments.
>
> I have just noticed the following error in the log file which I think is
> at the bottom of all this! When I try to get the XP box to join the BC
> domain it asks for a username and password, I give tom ****** and then
> Windows says
>       "Computer Name Changes" 
>    The following error occurred attempting to join the domain "BC":
>    The user name could not be found.
>        <OK>
>
> log.smbd
> ===========================================================
> [2006/09/01 14:39:42, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (1001, 100) - sec_ctx_stack_ndx = 0
> useradd: unable to lock password file
> [2006/09/01 14:39:42, 0] rpc_server/srv_samr_nt.c:_samr_create_user
> (2415)
>   _samr_create_user: Running the command `/usr/sbin/useradd -
> s /bin/false/ -d /var/lib/nobody vm-201$' gave 1
>
>
>
> smb.conf
> ====================================================
>
> [global]
>    workgroup = BC
>    netbios name = TAU
>    server string = %h server (Samba, Ubuntu)
>
>    
>    passdb backend = tdbsam
>    security = user
>    username map = /etc/samba/smbusers
>    name resolve order = wins bcast hosts
>    domain logons = yes
>    os level = 35
>    domain master = yes
>    preferred master = yes
>    wins support = yes
>    
>    # Set CUPS for printing
>    printcap name = CUPS
>    printing = CUPS
>    
>    # Default logon
>    logon drive = H:
>    logon home = \\%L\%U
>    ### logon script = scripts/logon.bat
>    logon script = scripts\logon.bat
>    logon path = \\%L\profile\%U
>
>
>    # Useradd scripts
>    add user script = /usr/sbin/useradd -m %u
>    delete user script = /usr/sbin/userdel -r %u
>    add group script = /usr/sbin/groupadd %g
>    delete group script = /usr/sbin/groupdel %g
>    add user to group script = /usr/sbin/usermod -G %g %u
>    add machine script = /usr/sbin/useradd -s /bin/false/ -
> d /var/lib/nobody %u
>    idmap uid = 15000-20000
>    idmap gid = 15000-20000
>
>
>    # sync smb passwords woth linux passwords
>    passwd program = /usr/bin/passwd %u
>    passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX
> \spassword:* %n\n .
>    passwd chat debug = yes
>    unix password sync = yes
>    
>    # set the loglevel
>    log level = 3
>
>
> [homes]
>    comment = Home Directories
>    valid users = %S
>    read only = no
>    browsable = no
>
>
> [printers]
>    comment = All Printers
>    path = /var/spool/samba
>    printer admin = root, rob
>    create mask = 0600
>    printable = yes
>    guest ok = yes
>    browsable = no
>
> [print$]
>    comment = Printer Drivers Share
>    path = /var/lib/samba/drivers
>    write list = rob, root
>    printer admin = rob, root
>
> [netlogon]
>    comment = Network Logon Service
>    path = /home/samba/netlogon
>    admin users = root, rob
>    guest ok = yes
>    browseable = no
>    ### admin users = Administrator
>    ### valid users = %U
>    ### read only = no
>
>
> [profile]
>    comment = Roaming profile share
>    path = /home/samba/profiles
>    read only = no
>    profile acls = yes
>    ### valid users = %U
>    ### create mode = 0600
>    ### directory mode = 0700
>    ### writable = yes
>    ### browsable = no
>
> [allusers]
>   comment = All Users
>   path = /home/shares/allusers
>   valid users = @users
>   force group = users 
>   create mask = 0660
>   directory mask = 0771
>   writable = yes
>
>
> On Fri, 2006-09-01 at 09:25 -0400, Robert Adkins wrote:
>   
>> Rob,
>>
>>     Post your smb.conf file, remove identifying information or 
>> substitute it for something else, such as IP Address ranges and 
>> Server/Workgroup names. You may also wish to cut out any information 
>> about the shares as well.
>>
>>     Beyond that, with these workstations you are attempting to join to 
>> the domain, are they already in a workgroup using the same name as the 
>> domain? Also, do they have any mounted drives on the server you are 
>> setting up as the Samba PDC?
>>
>>     Both of those will cause a failure for Samba to allow the creation 
>> of computer accounts and Domain joining.
>>
>>     If the computers are not part of DomainX and are part of WorkGroupY, 
>> but you have a share from the PDC of DomainX mounted, type the following 
>> in the Windows command line...
>>
>>    net use * /D (Yes, with a capital D)
>>
>>     This will disconnect all connections to the server and will allow 
>> you to join the workstation to the domain, just fine.
>>
>> --
>>
>>     Regards,  
>>     Robert Adkins
>>     IT Manager/Buyer
>>     Impel Industries, Inc.
>>
>> Rob Watkin wrote:
>>     
>>> Hi,
>>>
>>> I am trying to configure Samba as a primary domain controller so that
>>> our local school can have roaming logins. I am using Ubuntu server
>>> 6.06.1 on i386. So far I can get everything working as a workgroup but I
>>> can't get my windows clients to join the domain.
>>>
>>> I have read and followed several HOWTO's but I keep hitting the same
>>> problems. Are there any documents which explain what a PDC is and how I
>>> can tell why my windows clients wont join my domain.
>>>
>>> Thanks
>>>
>>> Rob W
>>>
>>>   
>>>       
>
>   




More information about the samba mailing list