[Samba] Win7 client, Samba PDC
Bastien Semene
bsemene at cyanide-studio.com
Thu May 6 09:15:27 MDT 2010
Le 06/05/2010 17:13, Bastien Semene a écrit :
> The samba wiki tolds to only modify DomainCompatibilityMode and
> DNSNameResolutionRequired keys : http://wiki.samba.org/index.php/Windows7
>
> Le 06/05/2010 16:59, Steve Wolfe a écrit :
>> I'm trying to set up Samba as a PDC for some Win7 clients, and could use
>> some help. I can successfully join the domain, with the message
>> "Changing
>> the primary domain DNS name of this computer to "" failed.", but I am
>> still
>> told that it was successful.
>>
>> However, when I try to log in, I am told "The trust relationship
>> between
>> this workstation and the primary domain failed". Looking in
>> /var/log/samba/pi-69.log, I see:
>>
>> [2010/05/06 08:45:45, 0]
>> rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3)
>> _netr_ServerAuthenticate3: netlogon_creds_server_check failed.
>> Rejecting
>> auth request from client PI-69 machine account PI-69$
>> [2010/05/06 08:45:45, 0]
>> rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3)
>> _netr_ServerAuthenticate3: netlogon_creds_server_check failed.
>> Rejecting
>> auth request from client PI-69 machine account PI-69$
>>
>> Trying:
>>
>> smbpasswd -x pi-69$
>> userdel -r pi-69$
>> useradd pi-69$
>> smbpasswd -a -m pi-69$
>>
>> does no good.
>>
>> Client has :
>>
>> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters]
>>
>> “RequireSignOrSeal”=dword:00000000
>> “RequireStrongKey”=dword:00000000
>>
>> and
>>
>> [HKLM\System\CCS\Services\LanmanWorkstation\Parameters]
>> DWORD DomainCompatibilityMode = 1
>> DWORD DNSNameResolutionRequired = 0
>>
>> Config/specs:
>>
>> Samba version 3.4.7-58.fc12
>> Widows 7 64-bit professional clients
>>
>> smb.conf:
>> [global]
>> netbios name = PinnacleFS
>> workgroup = PinnacleDom
>> logon drive= P:
>> logon home = \\PinnacleFS\%u
>> locking = yes
>> server string = PDC
>> hosts allow=10.0.0.0/255.255.255.0
>> load printers = no
>> log file = /var/log/samba/%m.log
>> security=user
>> encrypt passwords=yes
>> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>> local master = yes
>> os level = 128
>> domain master = yes
>> prefered master = yes
>> domain logons = yes
>> logon script = login.bat
>> dns proxy = no
>>
>> idmap uid = 16777216-33554431
>> idmap gid = 16777216-33554431
>> template shell = /bin/false
>> winbind use default domain = no
>>
>> [homes]
>> comment = Home Directories
>> browseable = no
>> writable = yes
>> create mode = 0700
>> directory mode = 0700
>>
>> # Un-comment the following and create the netlogon directory for Domain
>> Logons
>> [netlogon]
>> comment = Network Logon Service
>> path = /home/netlogon
>> guest ok = yes
>> writable = no
>> share modes = no
>> [Profiles]
>> browseable = no
>> guest ok = yes
>> create mode = 0700
>> directory mode = 0700
>> default case = lower
>> case sensitive = no
>>
>> [Apps]
>> path=/home/apps
>> force user=apps
>> force group=apps
>
--
Bastien Semene
Administrateur Réseau& Système
Cyanide Studio - FRANCE
More information about the samba
mailing list