[Samba] Access denied-message when joining domain

Jason Baker jbaker at glastender.com
Fri Jul 13 17:44:05 GMT 2007


> I also want the users to be able to log
> in from any computer in the network.
This is called roaming profiles, and you will need a domain in order to 
do this, otherwise the user's desktop will not follow them to different 
computers.

*Jason Baker
*/IT Coordinator/


*Glastender Inc.*
5400 North Michigan Road
Saginaw, Michigan 48604 USA
800.748.0423
Phone: 989.752.4275 ext. 228
Fax: 989.752.4444
www.glastender.com <http://www.glastender.com>

-----BEGIN GEEK CODE BLOCK----- 
Version: 3.1
GIT$ d- s: a C++$ LU+++$ P+ L++>L++++ !E--- W+++ N o? K?
w !O M !V PS PE++ Y? PGP- t 5? X+ R+ tv+ b- DI-- D++ G e+ h--- 
r+++ y+++
------END GEEK CODE BLOCK------



Huyth Jenssen wrote:
> Hello list.
>
> I have Samba working as a PDC, but when I try to join from a XP 
> computer I
> get the message: "Access denied". The message appears right after I 
> change
> the domain name in the XP network settings and the login window pops up.
> My smb.conf is:
>
> [global]
>        workgroup = DOMAIN.NAME
>        server string = %h server (Samba, Ubuntu)
>        obey pam restrictions = Yes
>        passdb backend = ldapsam:ldap://127.0.0.1
>        passwd program = /usr/bin/passwd %u
>        passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
> *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
>        syslog = 0
>        log file = /var/log/samba/log.%m
>        max log size = 1000
>        logon script = logon.bat
>        logon path = \\%N\profiles
>        logon drive = H:
>        logon home = \\%N\%U\data
>        domain logons = Yes
>        dns proxy = No
>        wins support = Yes
>        ldap admin dn = cn=admin,dc=domain,dc=name
>        ldap group suffix = ou=groups
>        ldap machine suffix = ou=machines
>        ldap passwd sync = Yes
>        ldap suffix = dc=domain,dc=name
>        ldap user suffix = ou=users
>        panic action = /usr/share/samba/panic-action %d
>        invalid users = root
>
> [homes]
>        comment = Home Directories
>        path = /home/%S/data
>        valid users = %S
>        read only = No
>        create mask = 0600
>        directory mask = 0700
>        browseable = No
>
> [netlogon]
>        comment = Network Logon Service
>        path = /data/samba/netlogon
>        write list = @admins
>        guest ok = Yes
>        share modes = No
>
> [profiles]
>        comment = Users profiles
>        path = /home/%U/profiles
>        read only = No
>        create mask = 0600
>        directory mask = 0700
>        browseable = No
>
> [printers]
>        comment = All Printers
>        path = /var/spool/samba
>        create mask = 0700
>        printable = Yes
>        browseable = No
>
> [print$]
>        comment = Printer Drivers
>        path = /var/lib/samba/printers
>
>
>
> Also, I'm not quite sure if I need a domain. All I want to do is to 
> create
> different users with different rights, the data stored will be the 
> same for
> everybody, just different rights. Two printers will be shared and I want
> everybody to have access to them.  I also want the users to be able to 
> log
> in from any computer in the network. Do I need a domain or can this be
> solved in another way?
>
> Thankful for any responses.
>   Huyth


More information about the samba mailing list