[Samba] pdc login issues with Vista

dnk d.k.emaillists at gmail.com
Mon Apr 23 19:59:56 GMT 2007

Hi there, I just setup a Centos 5 server running samba 3.0.23c (as provided
by upstream via YUM). And it is Vista Business edition. Now I am looking for
a little clarification on this setup.

I have been reading on google and the list archives, about NTLMv2 auth and
the fact you need to make an edit with the secpol.msc. I did complete that.
I also read that I would need to add (which I have made note can be removed
as of samba 3.0.25) "host msdfs = no" to my smb.conf - which i also did in
the global section.

Now I have added the machine to the domain, without issue (according to
Vista), but when I try to log in (with a domain user), I get the error (from

"There are currently no logon servers available to service the logon

I again searched google for this error with regards to Samba and found

Upon looking in the samba log files, I found nothing in my
/var/log/samba/*.logs of error like. It all seemed like pretty standard
start up diolog.

So as a test I logged into the vista box with a local user, and mapped a
drive. That seemed to work without issue. I threw on a few folders and text
files. Again no issues.

Here is my smb.conf for reference:
        ### GENERAL ##
        domain logons = yes
        domain master = Yes
        netbios name = JKA
        os level = 255
        preferred master = yes
        security = user
        wins support = no
        workgroup = JKA
        ## SECURITY ##
        # disable LM authentication
        lanman auth = no
        lm announce = no
        # increase the minimum protocol
        # This disables win9x to win me
        min protocol = NT1
        # Allow these IP Addresses to connect
        hosts allow =
        # Anything else not allowed is, by default, rejected
        hosts deny = ALL
        ## LOGGING ##
        debug timestamp = yes
        log file = /var/log/samba/%U-%m.log
        log level = 2
        max log size = 9216
 ## LOGON ##
        ##  DK   ##
        # a user logon script
        logon script = %U.bat
        # Logon path used to enable roaming profiles
        # Comment out the blank one and uncomment the other to enable
        #logon path = \\%L\profiles\%U
        logon path =
        logon drive = H:
        logon home = \\%L\home\%U
        ## FILE LOCKING ##
        ## DK           ##
        # See:
        # http://www.oreilly.com/catalog/samba/chapter/book/ch05_05.html
        veto oplock files = /*.doc/*.xls/*.mdb/
        ## VISTA HACKS ##
        ### DK         ##
        # Can be removed as of samba 3.0.25
        host msdfs = no

        comment = Network Logon Service
        path = /home/samba/netlogon
        locking = No

        ;comment = Profile Share
        ;path = /home/samba/profiles
        ;read only = No
        ;profile acls = Yes
        ;create mode = 0600
        ;directory mode = 0700
        ;browseable = No

        comment = Home Directories
        valid users = %S
        read only = no
        browseable = no
        create mode = 0600
        directory mode = 0700

        path = /home/shares/public
        read only = No
        comment = Public Folders
        public = yes
        writeable = yes

Can anyone see anything funny about my conf? Note that I add the machine to
the domain via the command line due to an error I get with the useradd and
usermod tools (unrelated to this, so will not go into details). But in case
my command has any relivance, it is:

useradd -d /dev/null -g workstation -s /sbin/nologin theworkstationname$
passwd -l theworkstationname$
smbpasswd -a -m theworkstationname$

Any ideas?

More information about the samba mailing list