[Samba] Samba 3 PDC - client unable to join domain

William Hamilton william.hamilton at gmail.com
Tue May 20 22:28:36 GMT 2008 

I have a new domain setup (refer below for config) but when I try to add an
XP machine to the domain with root ID I get "access denied message".  At the
share level things work fine but keen to get this acting as the PDC and
running login scripts etc.
-Debian Lenny
-Samba Version 3.0.28a

I have looked at docs and cannot find the problem's solution keen for input.

<smb.conf extract>
[global]
	workgroup = <DOMAIN>
	netbios name = <SERVERNAME>
	server string = %h server Debian %a %v %L
	load printers = yes
	printing = cups
	printcap name = cups
	obey pam restrictions = Yes
        wins support = yes
	#socket options = 
	passdb backend = tdbsam
	passwd program = /usr/bin/passwd %u
	passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
	passwd chat debug = yes	
	unix password sync = yes
	time server = Yes
	
	#############################
	# Browser settings	
	#############################
	domain master = Yes
        preferred master = yes
	os level = 64
	preferred master = Yes
	
	#############################
	#PDC Settings and the like
	#############################
	domain logons = Yes
        logon script = %U.bat
	logon path = \\<SERVERNAME>\Profiles\%U
	logon drive = H:
	logon home = \\%N\%U
	add user script = /usr/sbin/useradd -m "%u"
	add group script = /usr/sbin/groupadd "%g"
	add user to group script = /usr/sbin/usermod -G "%g" "%u"
	delete user from group script = /usr/sbin/gpasswd -d "%u" "%g"
	set primary group script = /usr/sbin/usermod -g "%g" "%u"
	delete user script = /usr/sbin/userdel -r %u
	delete group script = /usr/sbin/groupdel "%g"
	#add machine script = /usr/sbin/useradd -d /dev/null -g machines -s
/bin/false && /bin/passwd -l %u
	add machine script = /usr/sbin/useradd -d /dev/null -g machines -s
/bin/false 
	
	#############################
	# Logging etc	
	#############################
	log level = 3	
	syslog = 0
	log file = /var/log/samba/log.%m
	max log size = 1000
	dns proxy = No
	panic action = /usr/share/samba/panic-action %d
	invalid users = root
        name resolve order = wins lmhosts bcast
        dns proxy = yes



	#############################
	# Shares etc	
	#############################
[netlogon]
	comment = Network Logon Service - LogOn for U-%U u-%u at m-%m N-%N
	path = /home/netlogon
	admin users = @sambaadmin
	browseable = No

[Profiles]
	comment = Roaming Profile Share
	path = /home/profiles
	read only = No
	profile acls = Yes


[homes]
	comment = Home Directories
	valid users = %S
	read only = No
	create mask = 0700
	directory mask = 0700
	browseable = No
</smb.conf extract>

net groupmap list
Domain Users (S-1-5-21-1908553111-1112605503-553197678-1003) -> users
Domain Admins (S-1-5-21-1908553111-1112605503-553197678-512) -> sambaadmin
Domain Guests (S-1-5-21-1908553111-1112605503-553197678-514) -> nogroup


/etc/samba/smbusers
root = Administrator

-- 
View this message in context: http://www.nabble.com/Samba-3-PDC---client-unable-to-join-domain-tp17309877p17309877.html
Sent from the Samba - General mailing list archive at Nabble.com.

More information about the samba mailing list