[Samba] Domain logins not working
garydale at rogers.com
Tue Jan 6 05:45:39 GMT 2009
Jeremy Allison wrote:
> On Mon, Jan 05, 2009 at 11:56:07PM -0500, Gary Dale wrote:
>> Jeremy Allison wrote:
>>> On Mon, Jan 05, 2009 at 11:32:18PM -0500, Gary Dale wrote:
>>>> Samba wants the machines to have Unix accounts too! I don't recall
>>>> this behaviour previously, and I note my old server didn't have them
>>> Samba has *always* behaved this way.
>> Why? I can understand user accounts for the various mappings, but what
>> is the purpose of having Unix machine accounts? Since my old server
>> didn't have them (not listed in the /etc/passwd file), it doesn't appear
>> that they are necessary for Samba to operate.
> They are needed for machine accounts, a machine account is
> a principal just like a user account.
But a machine account only has significance within the context of a
Windows Domain, unlike a user account which exists in both Windows and
Unix environments. Moreover, a user account has a Unix password
associated with it while a machine account doesn't.
And again, the Unix machine account doesn't appear to be used once the
Windows machine account is set up. It seems like it's just there to
validate that the machine account really should be set up. And the error
message returned if the Unix account is missing is not very helpful.
Anyway, I'm just trying to get my home network running on a new Samba
server - something I've done many times over the years but this time it
isn't working. The SWAT wizards usually make it easy - set up the server
as a domain controller, add some users, machine accounts and shares and
things work. This time it's not and I'm still wondering why. The syslog
entries don't seem to be telling me very much. For example, I have an
XP/Pro workstation that is connected to shares on the server (logged in
as garydale when I had my old DC running) that is filling syslog with
Jan 6 00:27:08 whenim64 smbd: _net_auth2: creds_server_check
failed. Rejecting auth request from client HYPERZIP machine account
More information about the samba