[Samba] problems xp joining samba pdc

Felipe Augusto van de Wiel felipe at paranacidade.org.br
Tue Sep 19 13:20:09 GMT 2006 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/18/2006 09:23 AM, Mike escreveu:
> Morning,
> 
> I have three machines, two xp and one win2k, that join the 
> samba pdc fine. I have tried to join others to this same
> samba pdc using the same accounts for authentication without
> success. The xp machine first says the user does not exist,
> I click ok and go back to the screen for the domain account
> authorized to join the domain and press ok (or next) again
> and this time the xp box says the user already exists.
> 
> I think something is having an issue with the machine$ 
> accounts in ldap. I added a '-t 5' in smb.conf to the
> smbadd-useradd command for adding a machine. I could
> tell a longer time before the first messages (missing user)
> is returned, but I still have the same final situation with
> the xp box not being a part of the samba pdc.

	Any chances that the "Sign or Seal" problem still exists?


> Any ideas?
> Mike

[...]
> ------------------------------------ /etc/samba/smb.conf
> 
> # Samba config file created using SWAT
> # from 10.1.2.43 (10.1.2.43)
> # Date: 2006/08/03 15:11:35
> 
> [global]
> 	security = USER
> 	client plaintext auth = Yes
> 	client lanman auth = Yes
> 	encrypt passwords = Yes
> 	lanman auth = No
> 	ntlm auth = Yes
> 	password level = 0
> 	guest account = nobody
> 	#admin users = manager, root, mikee, jrc, bdhein
> 	admin users = 
> 	hosts allow = 10.1.2., 10.1.3.
> 	cups options = raw
> 	wins support = yes
> 	usershare allow guests = yes
> 
> 	workgroup = PWI
> 	netbios aliases = loghost, mailhost, backuphost, ldaphost
> 	server string = Samba Server (%h)
> 	logon drive = P:
> 	logon home = \\%N\%U
> 	logon path = \\%N\%U\profile
> 	logon script = /etc/samba/login.bat
> 	ldap suffix = dc=company,dc=com
> 	ldap admin dn = cn=manager,dc=company,dc=com
> 	ldap user suffix = ou=people
> 	ldap group suffix = ou=groups
> 	ldap machine suffix = ou=machines
> 	ldap ssl = off
> 	ldapsam:trusted = Yes
> 	ldap timeout = 15
> 	utmp directory = /var/run
> 	wtmp directory = /var/log
> 	utmp = Yes
> 
> 	password server = ldaphost.company.com
> 	passdb backend = ldapsam:ldap://ldaphost.company.com
> 	ldap passwd sync = Yes
> 	#unix password sync = Yes
> 	#passwd program = /usr/sbin/smbldap-passwd %u
> 	#passwd chat = "Changing * password*for*\nNew password*" %n\n "*Retype new password*" %n\n"
> 	#passwd chat debug = Yes
> 
> 	os level = 66
> 	preferred master = Yes
> 	local master = Yes
> 	domain master = Yes
> 	domain logons = Yes
> 	allow trusted domains = Yes
> 	dns proxy = No
> 
> #	log level = 255
> #	log level = 4
> #	log level = 3 ldap:10 passdb:10 auth:10 winbind:10
> 	log level = 3
> 	log file = /var/log/samba/%m.log
> 	max log size = 500
> 
> 	socket options = IPTOS_LOWDELAY TCP_NODELAY SO_RCVBUF=65536 SO_SNDBUF=65536
> 
> 	#add user script = /usr/sbin/smbldap-useradd -m '%u'
> 	add user script = /usr/sbin/smbldap-useradd -a -A 1 -B 1 -s /bin/bash -c "%u" -d /home/%u -C "\\\\%h\\%u" -D 'H:' -M "%u at company.com" %u
> 	delete user script = /usr/sbin/smbldap-userdel %u
> 	add group script = /usr/sbin/smbldap-groupadd -p '%g'
> 	delete group script = /usr/sbin/smbldap-groupdel '%g'
> 	add user to group script = /usr/sbin/smbldap-groupmod -m '%g' '%u'
> 	delete user from group script = /usr/sbin/smbldap-groupmod -x '%g' '%u'
> 	set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
> 	#add machine script = /usr/sbin/smbldap-useradd -w '%u'
> 	#add machine script = /usr/sbin/smbldap-useradd -w -A 0 -B 0 -s /bin/false -c "%u machine account" -d /dev/null %u
> 	add machine script = /usr/sbin/smbldap-useradd -w -i '%u' -t 5
> 
> [netlogon]
> 	path = /etc/samba/netlogon
> 	browseable = No
> 	writable = Yes
> 
> [homes]
> 	comment = Home Directories
> 	read only = No
> 	guest ok = No
> 	browseable = No
> 
> [printers]
> 	comment = All Printers
> 	path = /usr/spool/samba
> 	printable = Yes
> 	browseable = No
> 
> [company]
> 	comment = Company Corporate Files
> 	path = /opt/company
> 	create mask = 0765
> 	browseable = Yes
> 	printable = No
> 
> [Backups]
> 	comment = Backup files are stored here
> 	path = /opt/backups
> 	browseable = Yes
> 	printable = No
> 
> [Data]
> 	comment = Storage for support and other data.
> 	path = /opt/data
> 	browseable = Yes
> 	printable = No
> 
> [Cygwin]
> 	comment = Company Cygwin Repositiory
> 	path = /opt/cygwin
> 	browseable = Yes
> 	printable = No
> 	guest ok = Yes
> 	guest only = No
> 	writeable = No
> 	read only = Yes
> ------------------------------------ /etc/samba/smb.conf
> 

- --
Felipe Augusto van de Wiel <felipe at paranacidade.org.br>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/           Phone: (+55 41 3350 3300)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org

iD8DBQFFD+6JCj65ZxU4gPQRAtFGAJ41tQuXbHjubugQ8f4p/U30A7l+dQCgwo8W
hCqQWgEaJ/puJ/9qFje2T0k=
=YM5+
-----END PGP SIGNATURE-----

More information about the samba mailing list