[Samba] Can't login to domain from Windows 2K clients

Ray Klassen rklassen at mccscs.com
Thu May 17 20:00:45 GMT 2007 

David Lynum wrote:
> List,
> 
> I'm running Samba 3.01012 on Fedora Core 2.  A consultant setup the 
> linux servers, including the one running samba.  The problem is that 
> recently some w2k users, but not all, can no longer login to our 
> domain.  They were able to login just fine before, but now can't.  Yes, 
> they were already joined to the domain.  No changes were made to their 
> user accounts.  The error message that comes from the Windows login 
> screen is "The system is unable to login you in because the domain 
> "joeblow" is not available".  One of the reasons that this is a major 
> problem is because our user use roaming profiles.  What I've done as a 
> work around is to create a local windows account for the users.  I then 
> run "\\servername\share" from run and they're able to mount the folders 
> they need from the server running samba.  So yes, the shares are still 
> working.  We also are running ldap servers.  It appears as though one of 
> the ldap servers is the pdc?  An additional problem is that when I goto 
> My Network Places -> Entire Network -> double click on Microsoft Windows 
> Network, I can see the domain name for the workgroup.  But when I double 
> click on it I receive the error message "YouthUpRising is not 
> accessible.  The network path was not found."  Also there are some w2k 
> computers that are still a part of the "workgroup" workgroup.  I used to 
> be able to see both the youthuprising domain and the "workgroup" 
> workgroup when I went into my network places.  But now I can no longer 
> see the "workgroup" workgroup.
> 
> I hope that my explanation is clear, at least clear than mud.  I need 
> help on this asap.  The problem doesn't seem to be growing, but I need 
> it resolved quickly.
> 
> Thanks
> 
> 
> Here's a copy of a port of smb.conf.
> # Global parameters
> [global]
>   workgroup = YOUTHUPRISING
>        server string = Youth Uprising %h
> 
>    passdb backend = ldapsam:ldap://auth1.inside.youthuprising.org
>    username map = /etc/samba/smbusers
>    log level = 1
>    syslog = 0
>    log file = /var/log/samba/%m
>    max log size = 50
>    smb ports = 139 445
>    name resolve order = wins bcast hosts
>    printcap name = CUPS
>    show add printer wizard = No
>    logon script = scripts\logon.bat
>        logon path = \\file\profiles\%U
>    logon drive = X:
>    domain logons = No
>    domain master = No
> #    wins server = xx.xx.xx.xx
>    ldap suffix = dc=inside,dc=youthuprising,dc=org
>    ldap machine suffix = ou=People
>    ldap user suffix = ou=People
>    ldap group suffix = ou=Groups
>    ldap idmap suffix = ou=Idmap
>    ldap admin dn = cn=Manager,dc=inside,dc=youthuprising,dc=org
> #       ldap port = 389
> #       ldap server = auth0.youthuprising.org
>    utmp = Yes
>    idmap backend = ldap:ldap://auth1.inside.youthuprising.org
>   idmap uid = 10000-20000
>   idmap gid = 10000-20000
>    printing = cups
>    printer admin = Administrator, root
>   security = user
> 


Just a thought. you might try enabling wins support = yes and pointing 
your windows boxes at your server as the wins server.


-- 
Ray Klassen
Computer SysAdmin
MCC Supportive Care Services

More information about the samba mailing list