[Samba] windows 7 samba domain
Ufficiotecnico Acknow Srl
ufficiotecnico at acknow.it
Mon Jul 5 02:14:47 MDT 2010
Hi,
I succesfuly joined five windows 7 client to a samba (version
3-3.2.15-40) domain with passdb backend = tdbsam, the client works
correctly, user domain, network share printers etc, after 2 weeks the
client does not access to domain, with this error: the trust
relationship between this workstation and the primary domain failed, to
resolve I remove the client from domain and join again, the problem
reappears after a few days.
I read in a forum that could be a cache password problem related with
nscd, now i disabled service ncsd and enable winbind.
i have also modified add machine script with /usr/sbin/useradd -g
machines -c"client pc" -s /bin/false -M %u && nscd -i passwd && sleep 2s
*My smb.conf* with samba samba3-3.2.15-40.suse101
workgroup = DOMAIN
netbios name = MASTERGS
obey pam restrictions = No
logon script = scripts\%U.bat
logon path = \\MASTERGS\profiles\%U
logon home = \\MASTERGS\%U
logon drive = Z:
domain logons = Yes
domain master = Yes
guest account = nobody
time server = Yes
preferred master = yes
wins support = yes
os level = 44
passdb backend = tdbsam
security = user
smb ports = 139 445
server string = %h server (Samba, Suse)
username map = /etc/samba/smbusers
name resolve order = wins bcast bind hosts
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
veto oplock files = /*.pdf/*.PST/*.odb/*.ott/*.ods/*.odt/*.sxw/*.doc/
veto files = /*.mp3/ /*.wav/ /*.mpeg/ /*.avi/ /*.nbu /*.tmp /*.TMP
host msdfs = No
show add printer wizard = yes
# Useradd scripts ###################
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -g machines -c"client pc" -s
/bin/false -M %u && nscd -i passwd && sleep 2s
####################################
idmap uid = 15000-20000
idmap gid = 15000-20000
####################################
passwd program = /usr/bin/passwd %u
passwd chat = *Inserisci\snuova\sUNIX\spassword:* %n\n
*Conferma\snuova\sUNIX\spassword:* %n\n .
passwd chat debug = yes
unix password sync = no
# set the loglevel
log level = 1
log file = /var/log/samba/%m.log
###################################
[homes]
comment = Directory Privata
path = /home/samba/private/%S
valid users = %S
read only = No
browseable = No
[netlogon]
comment = NLService
path = /home/samba/netlogon
guest ok = Yes
browseable = No
####################################################
[profiles]
comment = Roaming Profiles
path = /home/samba/profiles
create mask = 0600
directory mask = 0700
browseable = No
guest ok = Yes
force user = %U
valid users = %U "Domain Admins"
read only = No
profile acls = Yes
hide files = /DESKTOP.INI/desktop.ini/Desktop.ini
####################################################
*/etc/nsswitch.conf*
passwd: compat
group: compat
hosts: files dns
networks: files dns
services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files nis
publickey: files
bootparams: files
automount: files nis
aliases: files
*Windows 7 reg modification*
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManWorkstation\Parameters]
"DNSNameResolutionRequired"=dword:00000000
"DomainCompatibilityMode"=dword:00000001
*Error in client.log *
rpc_server/srv_netlog_nt.c:_netr_ServerAuthenticate2(555)
_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting
auth request from clientPCCLIENT machine account PCCLIENT$
Thanks
More information about the samba
mailing list