[Samba] Can't login to domain from Windows 2K clients

David Lynum dlynum at youthuprising.org
Wed May 16 20:13:22 GMT 2007


I'm running Samba 3.01012 on Fedora Core 2.  A consultant setup the 
linux servers, including the one running samba.  The problem is that 
recently some w2k users, but not all, can no longer login to our 
domain.  They were able to login just fine before, but now can't.  Yes, 
they were already joined to the domain.  No changes were made to their 
user accounts.  The error message that comes from the Windows login 
screen is "The system is unable to login you in because the domain 
"joeblow" is not available".  One of the reasons that this is a major 
problem is because our user use roaming profiles.  What I've done as a 
work around is to create a local windows account for the users.  I then 
run "\\servername\share" from run and they're able to mount the folders 
they need from the server running samba.  So yes, the shares are still 
working.  We also are running ldap servers.  It appears as though one of 
the ldap servers is the pdc?  An additional problem is that when I goto 
My Network Places -> Entire Network -> double click on Microsoft Windows 
Network, I can see the domain name for the workgroup.  But when I double 
click on it I receive the error message "YouthUpRising is not 
accessible.  The network path was not found."  Also there are some w2k 
computers that are still a part of the "workgroup" workgroup.  I used to 
be able to see both the youthuprising domain and the "workgroup" 
workgroup when I went into my network places.  But now I can no longer 
see the "workgroup" workgroup.

I hope that my explanation is clear, at least clear than mud.  I need 
help on this asap.  The problem doesn't seem to be growing, but I need 
it resolved quickly.


Here's a copy of a port of smb.conf.
# Global parameters
   workgroup = YOUTHUPRISING
        server string = Youth Uprising %h

    passdb backend = ldapsam:ldap://auth1.inside.youthuprising.org
    username map = /etc/samba/smbusers
    log level = 1
    syslog = 0
    log file = /var/log/samba/%m
    max log size = 50
    smb ports = 139 445
    name resolve order = wins bcast hosts
    printcap name = CUPS
    show add printer wizard = No
    logon script = scripts\logon.bat
        logon path = \\file\profiles\%U
    logon drive = X:
    domain logons = No
    domain master = No
#    wins server = xx.xx.xx.xx
    ldap suffix = dc=inside,dc=youthuprising,dc=org
    ldap machine suffix = ou=People
    ldap user suffix = ou=People
    ldap group suffix = ou=Groups
    ldap idmap suffix = ou=Idmap
    ldap admin dn = cn=Manager,dc=inside,dc=youthuprising,dc=org
#       ldap port = 389
#       ldap server = auth0.youthuprising.org
    utmp = Yes
    idmap backend = ldap:ldap://auth1.inside.youthuprising.org
   idmap uid = 10000-20000
   idmap gid = 10000-20000
    printing = cups
    printer admin = Administrator, root
   security = user

More information about the samba mailing list