[Samba] INFO Request: Samba PDC, Windows NT4 Style, Failure to Add Trusted Machine

Adam Williams awilliam at mdah.state.ms.us
Fri Aug 1 19:27:01 GMT 2008


is the windows xp comptuer named winbox in my computer properties, 
computer name?  is the WINS SERVER ip address set to the IP of your 
samba server?

Jason A. Nunnelley wrote:
> Here's my document reference point:
> http://samba.org/samba/docs/man/Samba-HOWTO-Collection/domain-member.html#machine-trust-accounts 
>
>
> I've had some moderate success setting up this Samba network.  But, 
> it's failing at adding a Windows XP Pro machine to the trusted machine 
> list, or it's disallowing it to log in.  This explanation is as 
> complete as I can make it, so it will be long.
>
> My config is at the bottom of the message
>
> Using:
>
> FreeBSD 7 Stable
> Samba 3.0.31_1,1
>
> Windows XP Professional, SP3
> Logging in as Administrator local
> Trying to add to domain by adding it through System => Computer Name, 
> etc.
>
> Presently, I'm using (in smb.conf):
>
> security = user
>
> The goals are to set up a PDC Samba machine, acting as the PDC, with
> local accounts for Samba, allowing a hand full of Windows XP
> Professional machines to log in via the domain and a domain user.
>
> I'm not using LDAP, am running Samba 3 (which is apparently
> syntactically different than 2.X in configs).
>
> 1) Added trusted machine according to documents.
>
> 2) Added user accounts, which log in fine remotely via the windows 
> network
> browser to view, upload, change files -- I can even map a device.  But, I
> can't log in as a member of the domain from the Windows XP Pro machine.
>
> 3) Trying to add the trusted machine to the domain.  That doesn't work
> from the Windows box.  It first tells me that the machine is not in the
> list of machines on the domain, and then says the user cannot be found
> when I key in the user/pass/domain details in the login box.
>
> I've added the machine account to the pw file in BSD.
>
> vipw reveals:
>
> winbox$:*:101:100::0:0:Windows winbox:/dev/null:/sbin/nologin
>
> I've added the group machines to the groups file.
>
> /etc/groups reveals:
>
> machines:*:100:
>
> I've added the machine via command line to the Samba user db.
>
> root# smbpasswd -a -m winbox
>
> So, I figured I can just log into the Windows machine as local 
> Administrator, go to Control Panel, System, Computer Name, Network ID 
> and walk through the wizard to add the computer to the domain.
>
> I get this error:
>
> Windows can not find an account for your computer on the MYDOMAIN domain.
>
>
> My config:
>
> [global]
> workgroup = WORKGROUP
> server string = Samba Server
> netbios name = SMBSERVER
> security = user
> hosts allow = 192.168.1. 192.168.2. 127. 10.10.10.
> log file = /var/log/samba/log.%m
> max log size = 50
> passdb backend = tdbsam
> local master = yes
> os level = 65
> domain master = yes
> preferred master = yes
> domain logons = yes
> wins support = yes
> hide unreadable = yes
> hide dot files = yes
> nt acl support = yes
> inherit acls = yes
> ;    map acl inherit = yes
> [homes]
>    comment = Home Directories
>    browseable = no
>    writable = yes
> [data]
> comment = Data Drive
> path = /home/sambashare
> ; force user = [some-username]
> force group = sambadata
> read only = No
> guest ok = No
>
>



More information about the samba mailing list