[Samba] Win7 client, Samba PDC

Bastien Semene bsemene at cyanide-studio.com
Thu May 6 09:15:27 MDT 2010 


Le 06/05/2010 17:13, Bastien Semene a écrit :
> The samba wiki tolds to only modify DomainCompatibilityMode and 
> DNSNameResolutionRequired keys : http://wiki.samba.org/index.php/Windows7
>
> Le 06/05/2010 16:59, Steve Wolfe a écrit :
>> I'm trying to set up Samba as a PDC for some Win7 clients, and could use
>> some help.  I can successfully join the domain, with the message 
>> "Changing
>> the primary domain DNS name of this computer to "" failed.", but I am 
>> still
>> told that it was successful.
>>
>> However, when I try to log in, I am told  "The trust relationship 
>> between
>> this workstation and the primary domain failed".  Looking in
>> /var/log/samba/pi-69.log, I see:
>>
>> [2010/05/06 08:45:45,  0]
>> rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3)
>>    _netr_ServerAuthenticate3: netlogon_creds_server_check failed. 
>> Rejecting
>> auth request from client PI-69 machine account PI-69$
>> [2010/05/06 08:45:45,  0]
>> rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3)
>>    _netr_ServerAuthenticate3: netlogon_creds_server_check failed. 
>> Rejecting
>> auth request from client PI-69 machine account PI-69$
>>
>> Trying:
>>
>> smbpasswd -x pi-69$
>> userdel -r pi-69$
>> useradd pi-69$
>> smbpasswd -a -m pi-69$
>>
>> does no good.
>>
>> Client has :
>>
>> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters] 
>>
>> “RequireSignOrSeal”=dword:00000000
>> “RequireStrongKey”=dword:00000000
>>
>> and
>>
>> [HKLM\System\CCS\Services\LanmanWorkstation\Parameters]
>> DWORD DomainCompatibilityMode = 1
>> DWORD DNSNameResolutionRequired = 0
>>
>> Config/specs:
>>
>> Samba version 3.4.7-58.fc12
>> Widows 7 64-bit professional clients
>>
>> smb.conf:
>> [global]
>> netbios name = PinnacleFS
>> workgroup = PinnacleDom
>> logon drive= P:
>> logon home = \\PinnacleFS\%u
>> locking = yes
>> server string = PDC
>> hosts allow=10.0.0.0/255.255.255.0
>> load printers = no
>> log file = /var/log/samba/%m.log
>> security=user
>> encrypt passwords=yes
>> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>> local master = yes
>> os level = 128
>> domain master = yes
>> prefered master = yes
>> domain logons = yes
>> logon script = login.bat
>> dns proxy = no
>>
>>    idmap uid = 16777216-33554431
>>     idmap gid = 16777216-33554431
>>     template shell = /bin/false
>>     winbind use default domain = no
>>
>> [homes]
>>     comment = Home Directories
>>     browseable = no
>>     writable = yes
>>      create mode = 0700
>>      directory mode = 0700
>>
>> # Un-comment the following and create the netlogon directory for Domain
>> Logons
>>   [netlogon]
>>     comment = Network Logon Service
>>     path = /home/netlogon
>>     guest ok = yes
>>     writable = no
>>     share modes = no
>> [Profiles]
>>      browseable = no
>>      guest ok = yes
>>      create mode = 0700
>>      directory mode = 0700
>>      default case = lower
>>      case sensitive = no
>>
>> [Apps]
>>          path=/home/apps
>>          force user=apps
>>          force group=apps
>

-- 
Bastien Semene
Administrateur Réseau&  Système

Cyanide Studio - FRANCE

More information about the samba mailing list