[Samba] "Windows cannot obtain the domain controller name for your computer network" error on XP Pro SP2 clients for Samba 3.0.23d PDC

stephen mulcahy smulcahy at aplpi.com
Thu Feb 8 10:28:36 GMT 2007 

Hi,

Further debugging of this - I see that the logon.cmd is successfully
executed by the Windows XP client even as it logs the 1054 Event -- the
logon.cmd simply mounts some shares.

Looking at the samba logs (default log level) I can't see any errors.

Is this some browsing issue? Or a problem with name resolution? Any
suggestions on tools to diagnose this further would be appreciated.

Thanks,

-stephen

stephen mulcahy wrote:
> Hi,
> 
> I've recently reinstalled our Samba server with a view to getting it
> working as a PDC using the tdbsam backend. I've successfully connected a
> number of XP Pro SP2 clients to the domain and can login ok, but I'm
> have problems getting the clients to read/apply an NTConfig.POL file I
> created following the instructions at
> http://www.pcc-services.com/custom_poledit.html
> 
> I'm seeing the following error logged in the event log on the XP Pro SP2
> clients,
> 
> Event ID: 1054
> Source: Userenv
> Type: Error
> Description: Windows cannot obtain the domain controller name for your
> computer network. (The specified domain either does not exist or exist
> or could not be contacted). Group Policy processing aborted. Data:
> (unavailable)
> 
> Some Googling turns up the following
> 
> http://support.microsoft.com/kb/840669
> 
> and various other postings on this on the net. In response to those I've
> tried various combinations of the following,
> 
> 1. Change from using DHCP to static IP on client.
> 2. Applied various registry hacks including turning DHCP media sensing off.
> 3. Disabled various network card options such as media sensing.
> 4. Forced the card to 100Mbps/full duplex (rather than auto).
> 5. Upgraded to the latest network card drivers.
> 6. Downgraded to older network card drivers.
> 
> I'm getting the same error message on 3 XP Pro SP2 clients which I test
> this on, all of which have gigabit broadcom cards (various different
> chipsets). The knowledge base article suggests this is a problem which
> occurs with gigabit cards .. short of trying adding new network cards to
> the systems (some of which are laptops) - does anyone have any
> suggestions on what I could try? I assumes others are successfully
> running with a similar config or are PDCs with tdbsam rare (or is that
> totally unrelated to the problems I'm experiencing).
> 
> I've also tried using a Samba PDC config from the HOWTO rather than my
> own hand-crafted one (see below for both).
> 
> Samba version is 3.0.23d running on  2.6.17-2-686 Debian etch on Dell
> Poweredge 1600sc with an Intel Corporation 82540EM Gigabit Ethernet
> Controller (rev 02).
> 
> I have a djbdns dhcp server on the network serving which references the
> samba server as a wins server.
> 
> Thanks,
> 
> -stephen
> 
> Original PDC config
> 
> [global]
>    workgroup = XXXXX
>    netbios name = XXXX
>    server string = %h server (Samba %v)
>    log file = /var/log/samba/log.%m
>    max log size = 1000
>    syslog = 0
>    panic action = /usr/share/samba/panic-action %d
>    security = user
>    encrypt passwords = true
>    passdb backend = tdbsam
>    obey pam restrictions = yes
>    guest account = nobody
>    unix password sync = yes
>    passwd program = /usr/bin/passwd %u
>    pam password change = yes
>    domain logons = yes
>    os level = 40
>    logon path = \\%L\profiles\%U
>    logon drive = U:
>    logon home = \\%L\%U
>    logon script = logon.cmd
>    add machine script =  /usr/sbin/useradd -d /var/lib/nobody -g 1015 -s
> /bin/false  %u
>    load printers = yes
>    printing = cups
>    printcap name = cups
>    socket options = TCP_NODELAY
>    domain master = yes
>    preferred master = yes
>    wins support = yes
>    idmap uid = 10000-20000
>    idmap gid = 10000-20000
>    template shell = /bin/bash
>    smb ports = 445
> 
> [homes]
>    comment = Home Directories
>    browseable = no
>    writable = yes
>    create mask = 0700
>    directory mask = 0700
>    hide files = /desktop.ini/ntuser.ini/NTUSER.*/RECYCLER/
> 
> [printers]
>    comment = All Printers
>    browseable = no
>    path = /var/spool/samba
>    printable = yes
>    public = no
>    writable = no
>    create mode = 0700
> 
> 
> # Windows clients look for this share name as a source of downloadable
> # printer drivers
> [print$]
>    comment = Printer Drivers
>    path = /var/lib/samba/printers
>    write list = root, @ntadmin
>    printer admin = root, @ntadmin
> 
> [netlogon]
>    comment = Network Logon Service
>    path = /var/lib/samba/netlogon
>    guest ok = yes
>    writable = no
>    share modes = no
> 
> # For profiles to work, create a user directory under the path
> # shown. i.e., mkdir -p /var/lib/samba/profiles/maryo
> [profiles]
>    comment = Roaming Profile Share
>    path = /var/lib/samba/profiles
>    read only = No
>    profile acls = Yes
> 
> 
> PDC config from HOWTO
> 
> [global]
> workgroup = XXXX
> netbios name = XXXX
> passdb backend = tdbsam
> printcap name = cups
> add user script = /usr/sbin/useradd -m %u
> delete user script = /usr/sbin/userdel -r %u
> add group script = /usr/sbin/groupadd %g
> delete group script = /usr/sbin/groupdel %g
> add user to group script = /usr/sbin/groupmod -A %u %g
> delete user from group script = /usr/sbin/groupmod -R %u %g
> add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody %u
> # Note: The following specifies the default logon script.
> # Per user logon scripts can be specified in the user account using pdbedit
> logon script = scripts\logon.bat
> # This sets the default profile path. Set per user paths with pdbedit
> logon path = \\%L\Profiles\%U
> logon drive = H:
> logon home = \\%L\%U
> domain logons = Yes
> os level = 35
> preferred master = Yes
> domain master = Yes
> idmap uid = 15000-20000
> idmap gid = 15000-20000
> printing = cups
> wins support = yes
> 
> [homes]
> comment = Home Directories
> valid users = %S
> read only = No
> browseable = No
> 
> # Printing auto-share (makes printers available thru CUPS)
> [printers]
> comment = All Printers
> path = /var/spool/samba
> printer admin = root
> create mask = 0600
> guest ok = Yes
> printable = Yes
> browseable = No
> 
> [print$]
> comment = Printer Drivers Share
> path = /var/lib/samba/drivers
> write list = root
> printer admin = root
> 
> # Needed to support domain logons
> [netlogon]
> comment = Network Logon Service
> path = /var/lib/samba/netlogon
> admin users = root
> guest ok = Yes
> browseable = No
> 
> # For profiles to work, create a user directory under the path
> # shown. i.e., mkdir -p /var/lib/samba/profiles/maryo
> [Profiles]
> comment = Roaming Profile Share
> path = /var/lib/samba/profiles
> read only = No
> profile acls = Yes
> 
> 
> 

-- 
Stephen Mulcahy, Applepie Solutions Ltd, Innovation in Business Center,
   GMIT, Dublin Rd, Galway, Ireland.      mailto:smulcahy at aplpi.com
  mobile:+353.87.2930252  office:+353.91.751262  http://www.aplpi.com

More information about the samba mailing list