[Samba] Windows Vista Woes PLZ help
James
james at nttmcl.com
Thu Sep 20 16:23:09 GMT 2007
Hi guys i asked about this a couple days ago but i'm guessing everyone
glanced over it.
So here's my problem.
I have a SambaPDC with LDAP
With WinXP i can join/login the domain fine.
With WinVista i can join the domain but can't login to it after i join
to the domain. It gives me an RPC failure. I noticed that it doesn't
seem to even find the PDC.
I don't even get any transaction in my Samba log after i've ramped up
the log level.
I also do a tcpdump and the first time i try to login i'll get some type
of transaction but if i try again it won't even attempt to send packets
to my PDC
I've already changed the ntlmv2 parameter in the vista machine.
Thanks in Advance
-James
Here's my Samba smb.conf:
[global]
workgroup = PDC-TEST
netbios name = vm00
server string = Samba %v
##### Domain Directives #####
os level = 65
preferred master = yes
domain master = yes
domain logons = yes
local master = yes
logon drive = Z:
#logon home = \\%L\%U
#logon path = \\%L\profiles\%U
name resolve order = wins lmhosts host bcast
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
wins support = yes
#interfaces = eth1
##### Generic Directives #####
hide dot files = yes
security = user
max log size = 1000
log level = 256
syslog = 1
username map = /etc/samba/smbusers
# Windows Vista Stuff
client lanman auth = no
client ntlmv2 auth = yes
#passdb backend = tdbsam
##### LDAP Directives #####
passdb backend = ldapsam:"ldap://ldap-master-test.example.com"
ldap suffix = dc=example,dc=com
ldap admin dn = cn=admin,dc=example,dc=com
ldap user suffix = ou=People
ldap group suffix = ou=Group
ldap machine suffix = ou=Hosts
ldap idmap suffix = ou=Idmap
idmap uid = 10000-20000
idmap gid = 10000-20000
add user script = /usr/sbin/smbldap-useradd -a -m "%u"
add machine script = /usr/sbin/smbldap-useradd -a -w "%u"
add group script = /usr/sbin/smbldap-groupadd -a -p "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
passwd program = /usr/sbin/smbldap-passwd -u %u
passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new
password*" %n\n"
###### Comment Out to Disable PASSWD Sync #####
ldap passwd sync = yes
encrypt passwords = true
[homes]
comment = Home Directories
browseable = no
writable = yes
create mask = 0700
directory mask = 0700
# valid users = %S
[netlogon]
path = /home/samba/netlogon
guest ok = yes
browseable = No
[profiles]
path = /home/samba/profiles/
read only = no
create mask = 0600
directory mask = 0700
browseable = No
guest ok = Yes
profile acls = yes
csc policy = disable
# next line is a great way to secure the profiles
#force user = %U
# next line allows administrator to access all profiles
#valid users = %U @"Domain Admins"
More information about the samba
mailing list