[Samba] Domain logins not working

Gary Dale garydale at rogers.com
Sat Jan 3 21:55:06 GMT 2009

I'm trying to set up a new server to replace my previous domain
controller/file&print server on my home network. My old server was
running Debian/Etch on a 32bit sempron system with two HDs. The new one
is running an old 64bit single-core processor and 3 HDs configured into
multiple RAID  1 and 5 arrays (/boot as RAID 1 and /, /home, swap and a
/backup directory as RAID 5).  The new server is running Debian/Etch+1/2.

Samba was installed by default since I specified the new server as a
file & print server.  I rsync'ed the old /home to the new one to get the
files across. Then  I used SWAT to make my old server a member server
and the new one a domain controller. Since I only had a few accounts I
set them up manually on the new machine, taking care to ensure that the
new Unix ids matched the old ones.

File sharing is working well after I remapped the drives on a running
XP/Pro workstation. However, I can't get logins to work. I've set up
machine accounts for each XP/Pro workstation and used SWAT to create the
new Samba accounts and enable them (with the same password as before)
but XP/Pro refuses to allow the logins. I also tried mapping a share on
the old server to a directory on the new and I get the same problem -
it's having problems finding a DC.

Here's my smb.conf (minus most of the shares), if that helps (ps, I will
set the log level higher as part of my debugging so don't suggest I do
that. However, any suggestions on what may be going wrong are welcome.
:)  ):

# Samba config file created using SWAT
# from (
# Date: 2009/01/03 15:47:32

    workgroup = RAHIM-DALE
    server string = %h server
    obey pam restrictions = Yes
    passdb backend = tdbsam
    passwd program = /usr/bin/passwd %u
    passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
    unix password sync = Yes
    syslog = 0
    log file = /var/log/samba/log.%m
    max log size = 1000
    add user script = /usr/sbin/useradd  -g users %u
    delete user script = /usr/sbin/userdel -r %u
    add group script = /usr/sbin/groupadd %g
    delete group script = /usr/sbin/groupdel %g
    add user to group script = /usr/sbin/usermod -G  %g %u
    add machine script = /usr/sbin/useradd -g machines -c Machine -d
/dev/null -s /bin/false %u\$
    logon script = scripts\logon.bat
    logon path = \\%L\profiles\%U
    logon drive = M:
    logon home = \\%L\%U
    domain logons = Yes
    preferred master = Yes
    domain master = Yes
    dns proxy = No
    wins support = Yes
    ldap ssl = no
    panic action = /usr/share/samba/panic-action %d
    idmap uid = 10000-20000
    idmap gid = 10000-20000
    username = root = administrator
    invalid users = root
    admin users = garydale, root
    printer admin = garydale
    printing = cups
    print command =
    lpq command = %p
    lprm command =
    include = /etc/samba/dhcp.conf

    comment = Home Directories
    valid users = %S
    create mask = 0700
    directory mask = 0700
    browseable = No

    comment = All Printers
    path = /var/spool/samba
    create mask = 0700
    printable = Yes
    browseable = No

    comment = Printer Drivers
    path = /var/lib/samba/printers

    path = /home/samba/profiles
    read only = No

    path = /home/samba/netlogon
    read only = No

More information about the samba mailing list