[Samba] Notebook cannot open session when disconnected after samba
PDC upgrade
christophe Ancey
cancey at iia.fr
Fri Jul 27 15:13:17 GMT 2007
Hello,
I have a problem with my XP SP2 notebook user after a server upgrade.
I was running a samba 3.0.14a-3 on a debian server with PDC settings, I'd have
to change the server, and now I'm running a samba 3.0.24-ubuntu1.2 on a
ubuntu feisty server.
But now, when my notebook users are disconnected from the network and can't
reach the samba/PDC server, they can't open a session anymore. They got an
error message saying that the windows can't find the domain controller.
The server is not using any roaming profiles.
The strange bit is that it was working before the upgrade.
I'll explain below, but if you got any link or information that may help me
solve this issue, that would be great. I can't find the good google search
words to find revelant informations :( And, as the error seems to originate
from the windows XP SP2 clients, I don't think I'll get revelant errors
logs - no trolls intended ;)
The server is a simple PDC with no LDAP support.
WHat I did is the following :
I'd set up the new samba server on the new computer by copying the smb.conf.
I'd replicated all the linux user and group with GID and GID > 1000 from the
old server.
I'd imported the samba users using pdbedit.
I'd rsynced all the users directory.
i'd testparmed the old smb.conf, finding error only on "tdbsam guest"
parameters, on printer admin option and on a specific shared mapped for non
PDC users. Nothing that seems revelant with this login issue.
I've joined the domain with
net rpc join (which was successfull)
and I'd the SID from net rpc getsid
Finally I did set the new server as a BDC with
local master = no
domain master = no
preferred master=no
domain logons = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
I shutted down the PDC, switched the BDC to PDC and everything worked fine.
My users profiles didn't change, so I've assumed everything was ok.
But, now, I got this problem, and I don't know if I did something the wrong
way during my migration, or if there is an option in the smb.conf I didn't
set right. So, thank's in advance :)
Here is the smb.conf, in case it might help.
[global]
workgroup = domain.net
server string = %h
#%h server (Samba %v)
#### Debugging/Accounting ####
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
####### Authentication #######
security = user
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
guest account = guest
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
########## Printing ##########
printing = cups
printcap name = cups
######## File sharing ########
local master = yes
preferred master = yes
domain master = yes
domain logons = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
os level = 64
logon drive =
logon path =
logon script = logon.cmd
add machine script = /usr/sbin/useradd -d /dev/null -g
100 -s /bin/false -M %u
############ Misc ############
socket options = TCP_NODELAY
lock spin count = 10
lock spin time = 20
#======================= Share Definitions =======================
[homes]
comment = Home Directories
browseable = no
writable = yes
create mask = 0775
directory mask = 0775
locking = yes
[printers]
comment = All Printers
browseable = no
path = /tmp
printable = yes
public = no
writable = no
printer admin = root, @domadm
create mode = 0700
invalid users = morassuti
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
guest ok = yes
read only = yes
write list = root, @domadm
browsable = no
invalid users = morassuti
[publique]
comment = public shared directory
writable = yes
path = /home/samba/public_smb
public = yes
guest ok = no
nt acl support = true
invalid users = morassuti
locking = yes
create mask = 0777
directory mask = 0777
oplocks = yes
veto oplock files = /*.mdb/*.MDB/*.ldb/
#share modes = no
strict locking = yes
[Dossiers]
comment = Repertoire dossier
writable = yes
locking = no
path = /home/
public = yes
guest ok = no
nt acl support = true
hide files = /home/samba
[echange]
comment = public shared directory
writable = yes
locking = no
path = /home/guests
public = yes
guest ok = yes
guest only = yes
[print$]
comment = Printer Drivers
path = /home/samba/printer_drivers
browseable = yes
guest ok = no
read only = yes
write list = root, @domadm
invalid users = morassuti
More information about the samba
mailing list