[Samba] A device attached to the system is not functioning (smbd -V 3.5.x)

Todd E Thomas todd_dsm at ssiresults.com
Wed Nov 17 08:24:09 MST 2010 

I've tried everything I can think of to get your suggestion to work. I 
can only seem to get this done after the addition of the of the 
workstation to the domain with pdbedit. And, at that point I still get 
the error. I've created 2 additional test samba servers, 1 with tdb 
backend and another with ldap. Same thing.

Additionally, I was able to do some testing with an older Samba 3.0.33 
production box and the sambaAcctFlags: [W          ] are the same on 
that server without having to add workstation twice.

Is this a minor bug?




On 11/15/2010 01:17 AM, Daniel Müller wrote:
> I had a similar problem:
> Look at this sambaAcctFlags: [W          ]
> I had one workstation with this sambaAcctFlags: [W          ]
> All other workstations had [W].
> I changed it to [W] and it did the trick.
> Maybe you can solve this too.
> Good Luck
>
> -----------------------------------------------
> EDV Daniel Müller
>
> Leitung EDV
> Tropenklinik Paul-Lechler-Krankenhaus
> Paul-Lechler-Str. 24
> 72076 Tübingen
>
> Tel.: 07071/206-463, Fax: 07071/206-499
> eMail: mueller at tropenklinik.de
> Internet: www.tropenklinik.de
> -----------------------------------------------
> -----Ursprüngliche Nachricht-----
> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
> Auftrag von Todd E Thomas
> Gesendet: Montag, 15. November 2010 00:23
> An: Samba List; Todd E Thomas
> Betreff: [Samba] A device attached to the system is not functioning (smbd -V
> 3.5.x)
>
> Howdy,
>
> I'm having one last problem with my Samba PDC with an ldap backend. When I
> add a machine to the domain I get the error, on my Win7 test client, that
> says:
>
> The following error occurred attempting to join the domain "office":
> A device attached to the system is not functioning.
>
> Here are some particulars:
> # smbd -V
> Version 3.5.6 (configured sernet repo to install latest packages)
>
> I'm using OpenLDAP v2.4.23
>
> # cat /etc/redhat-release
> CentOS release 5.5 (Final)
>
> The Win7 client is a VM in VirtualBox. It does, in fact, have a device with
> no driver (sound card).
> ---
>
> After adding the client to the domain and entering UN/PW, these are logged
> entries:
>
> Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.344804,  2]
> param/loadparm.c:7859(do_section)
> Nov 14 16:37:26 hostname smbd[18542]:   Processing section "[admingear]"
> Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345033,  2]
> param/loadparm.c:7859(do_section)
> Nov 14 16:37:26 hostname smbd[18542]:   Processing section "[apps]"
> Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345199,  2]
> param/loadparm.c:7859(do_section)
> Nov 14 16:37:26 hostname smbd[18542]:   Processing section "[docs]"
> Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345352,  2]
> param/loadparm.c:7859(do_section)
> Nov 14 16:37:26 hostname smbd[18542]:   Processing section "[homes]"
> Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345543,  2]
> param/loadparm.c:7859(do_section)
> Nov 14 16:37:26 hostname smbd[18542]:   Processing section "[netlogon]"
> Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345689,  2]
> param/loadparm.c:7859(do_section)
> Nov 14 16:37:26 hostname smbd[18542]:   Processing section "[printers]"
> Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.346143,  2]
> param/loadparm.c:7859(do_section)
> Nov 14 16:37:26 hostname smbd[18542]:   Processing section "[print$]"
> Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.431008,  1]
> param/loadparm.c:7605(lp_do_parameter)
> Nov 14 16:37:26 hostname smbd[18542]:   WARNING: The "printer admin"
> option is deprecated
> Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.498046,  2]
> param/loadparm.c:7859(do_section)
> Nov 14 16:37:26 hostname smbd[18542]:   Processing section "[public]"
> Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.573629,  2]
> printing/print_cups.c:550(cups_async_callback)
> Nov 14 16:37:26 hostname smbd[18542]:   cups_async_callback: failed to
> read a new printer list
> Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.649941,  2]
> printing/print_cups.c:550(cups_async_callback)
> Nov 14 16:37:26 hostname smbd[18542]:   cups_async_callback: failed to
> read a new printer list
> Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.701745,  2]
> lib/interface.c:340(add_interface)
> Nov 14 16:37:26 hostname smbd[18542]:   added interface lo ip=127.0.0.1
> bcast=127.255.255.255 netmask=255.0.0.0
> Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.768676,  2]
> lib/interface.c:340(add_interface)
> Nov 14 16:37:26 hostname smbd[18542]:   added interface eth0 ip=10.0.0.4
> bcast=10.0.0.255 netmask=255.255.255.0
> Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.838027,  2]
> lib/access.c:406(check_access)
> Nov 14 16:37:26 hostname smbd[18542]:   Allowed connection from
> 10.0.0.203 (10.0.0.203)
> Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.912057,  2]
> smbd/reply.c:554(reply_special)
> Nov 14 16:37:26 hostname smbd[18542]:   netbios connect:
> name1=ZERVER         0x20 name2=7TEST1         0x0
> Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.978893,  2]
> smbd/reply.c:565(reply_special)
> Nov 14 16:37:27 hostname smbd[18542]:   netbios connect: local=zerver
> remote=7test1, name type = 0
> Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.575662,  2]
> smbd/sesssetup.c:1391(setup_new_vc_session)
> Nov 14 16:37:34 hostname smbd[18542]:   setup_new_vc_session: New VC ==
> 0, if NT4.x compatible we would close all old resources.
> Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.589383,  2]
> smbd/sesssetup.c:1391(setup_new_vc_session)
> Nov 14 16:37:34 hostname smbd[18542]:   setup_new_vc_session: New VC ==
> 0, if NT4.x compatible we would close all old resources.
> Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.590067,  2]
> lib/smbldap.c:950(smbldap_open_connection)
> Nov 14 16:37:34 hostname smbd[18542]:   smbldap_open_connection:
> connection opened
> Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.593216,  2]
> passdb/pdb_ldap.c:572(init_sam_from_ldap)
> Nov 14 16:37:34 hostname smbd[18542]:   init_sam_from_ldap: Entry found
> for user: root
> Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.597839,  2]
> passdb/pdb_ldap.c:2446(init_group_from_ldap)
> Nov 14 16:37:34 hostname smbd[18542]:   init_group_from_ldap: Entry
> found for group: 10002
> Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.604253,  2]
> auth/auth.c:304(check_ntlm_password)
> Nov 14 16:37:34 hostname smbd[18542]:   check_ntlm_password:
> authentication for user [admin] ->  [root] ->  [root] succeeded Nov 14
> 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.605279,  2]
> passdb/pdb_ldap.c:572(init_sam_from_ldap)
> Nov 14 16:37:34 hostname smbd[18542]:   init_sam_from_ldap: Entry found
> for user: root
> Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.649251,  2]
> lib/access.c:406(check_access)
> Nov 14 16:37:34 hostname smbd[18542]:   Allowed connection from
> 10.0.0.203 (10.0.0.203)
> Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.054891,  2]
> rpc_server/srv_samr_nt.c:4124(_samr_LookupDomain)
> Nov 14 16:37:38 hostname smbd[18542]:   Returning domain sid for domain
> OFFICE ->  S-1-5-21-341473964-3919201715-2767564749
> Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.406066,  2]
> lib/smbldap_util.c:277(smbldap_search_domain_info)
> Nov 14 16:37:38 hostname smbd[18542]:   smbldap_search_domain_info:
> Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=OFFICE))]
> Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.453986,  2]
> passdb/pdb_ldap.c:1200(init_ldap_from_sam)
> Nov 14 16:37:38 hostname smbd[18542]:   init_ldap_from_sam: Setting
> entry for user: 7TEST1$
> Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.574143,  2]
> passdb/pdb_ldap.c:2384(ldapsam_add_sam_account)
> Nov 14 16:37:38 hostname smbd[18542]:   ldapsam_add_sam_account: added:
> uid == 7TEST1$ in the LDAP database
> Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.602310,  2]
> passdb/pdb_ldap.c:572(init_sam_from_ldap)
> Nov 14 16:37:38 hostname smbd[18542]:   init_sam_from_ldap: Entry found
> for user: 7TEST1$
> Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.608293,  2]
> passdb/pdb_ldap.c:572(init_sam_from_ldap)
> Nov 14 16:37:38 hostname smbd[18542]:   init_sam_from_ldap: Entry found
> for user: 7TEST1$
> Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.634266,  2]
> passdb/pdb_ldap.c:572(init_sam_from_ldap)
> Nov 14 16:37:38 hostname smbd[18542]:   init_sam_from_ldap: Entry found
> for user: 7TEST1$
> Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.635898,  2]
> passdb/pdb_ldap.c:1200(init_ldap_from_sam)
> Nov 14 16:37:38 hostname smbd[18542]:   init_ldap_from_sam: Setting
> entry for user: 7TEST1$
> Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.678490,  2]
> passdb/pdb_ldap.c:572(init_sam_from_ldap)
> Nov 14 16:37:38 hostname smbd[18542]:   init_sam_from_ldap: Entry found
> for user: 7TEST1$
> Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.744535,  2]
> passdb/pdb_ldap.c:572(init_sam_from_ldap)
> Nov 14 16:37:38 hostname smbd[18542]:   init_sam_from_ldap: Entry found
> for user: 7TEST1$
> Nov 14 16:37:45 hostname smbd[18286]: [2010/11/14 16:37:45.253240,  1]
> smbd/server.c:240(cleanup_timeout_fn)
> Nov 14 16:37:45 hostname smbd[18286]:   Cleaning up brl and lock
> database after unclean shutdown
>
> This is where the error occurs:
> The following error occurred attempting to join the domain "office":
> A device attached to the system is not functioning.
>
> But, I've verified the workstation account is resident in the ldap database
> at this point:
>
> # ldapsearch -x -H ldap://${FQDNAME} -b "${LDAPBASEDN}"
> "(&(uid=7TEST1$)(objectClass=sambaSamAccount))" -D cn=config -w
> ${LDAPPASSWD} # extended LDIF # # LDAPv3 # base<dc=domain,dc=tld>  with
> scope subtree # filter: (&(uid=7TEST1$)(objectClass=sambaSamAccount))
> # requesting: ALL
> #
>
> # 7TEST1$, machines, domain.tld
> dn: uid=7TEST1$,ou=machines,dc=domain,dc=tld
> uid: 7TEST1$
> sambaSID: S-1-5-21-341473964-3919201715-2767564749-1008
> displayName: Workstation (7test1$)
> objectClass: sambaSamAccount
> objectClass: account
> sambaAcctFlags: [W          ]
> sambaNTPassword: 3E27124ADFFC14F8F96B48C49808C43A
> sambaPwdLastSet: 1289775897
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
>
> It is also resident in /etc/passwd. I'm not sure how to make samba stop
> adding it here yet :)
>
> $ grep -i 7test1 /etc/passwd
> 7test1$:x:10016:100:Workstation (7test1$):/nohome:/sbin/nologin
>
> Does anyone know how to make samba only write workstation accounts to ldap
> and not /etc/passwd?
> ---
>
> If I were now to (on the Win7 client) click OK to the error and re-attempt
> to add the machine to the domain it would be joined without failure.
>
> Nov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.250056,  2]
> lib/smbldap.c:950(smbldap_open_connection)
> Nov 14 17:04:56 hostname smbd[18542]:   smbldap_open_connection:
> connection opened
> Nov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.535673,  2]
> rpc_server/srv_samr_nt.c:4124(_samr_LookupDomain)
> Nov 14 17:04:56 hostname smbd[18542]:   Returning domain sid for domain
> OFFICE ->  S-1-5-21-341473964-3919201715-2767564749
> Nov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.540337,  2]
> passdb/pdb_ldap.c:572(init_sam_from_ldap)
> Nov 14 17:04:56 hostname smbd[18542]:   init_sam_from_ldap: Entry found
> for user: 7TEST1$
> Nov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.554429,  2]
> passdb/pdb_ldap.c:572(init_sam_from_ldap)
> Nov 14 17:04:56 hostname smbd[18542]:   init_sam_from_ldap: Entry found
> for user: 7TEST1$
> Nov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.569368,  2]
> passdb/pdb_ldap.c:1200(init_ldap_from_sam)
> Nov 14 17:04:56 hostname smbd[18542]:   init_ldap_from_sam: Setting
> entry for user: 7TEST1$
> Nov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.599912,  2]
> passdb/pdb_ldap.c:2061(ldapsam_update_sam_account)
> Nov 14 17:04:56 hostname smbd[18542]:   ldapsam_update_sam_account:
> successfully modified uid = 7TEST1$ in the LDAP database Nov 14 17:04:56
> hostname smbd[18542]: [2010/11/14 17:04:56.602703,  2]
> passdb/pdb_ldap.c:572(init_sam_from_ldap)
> Nov 14 17:04:56 hostname smbd[18542]:   init_sam_from_ldap: Entry found
> for user: 7TEST1$
> Nov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.604196,  2]
> passdb/pdb_ldap.c:1200(init_ldap_from_sam)
> Nov 14 17:04:56 hostname smbd[18542]:   init_ldap_from_sam: Setting
> entry for user: 7TEST1$
> Nov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.941592,  2]
> passdb/pdb_ldap.c:2061(ldapsam_update_sam_account)
> Nov 14 17:04:56 hostname smbd[18542]:   ldapsam_update_sam_account:
> successfully modified uid = 7TEST1$ in the LDAP database Nov 14 17:04:57
> hostname smbd[18542]: [2010/11/14 17:04:57.031499,  2]
> passdb/pdb_ldap.c:572(init_sam_from_ldap)
> Nov 14 17:04:57 hostname smbd[18542]:   init_sam_from_ldap: Entry found
> for user: 7TEST1$
> Nov 14 17:04:57 hostname smbd[18542]: [2010/11/14 17:04:57.072269,  2]
> passdb/pdb_ldap.c:1200(init_ldap_from_sam)
> Nov 14 17:04:57 hostname smbd[18542]:   init_ldap_from_sam: Setting
> entry for user: 7TEST1$
> Nov 14 17:04:57 hostname smbd[18542]: [2010/11/14 17:04:57.199951,  2]
> passdb/pdb_ldap.c:2061(ldapsam_update_sam_account)
> Nov 14 17:04:57 hostname smbd[18542]:   ldapsam_update_sam_account:
> successfully modified uid = 7TEST1$ in the LDAP database Nov 14 17:04:57
> hostname smbd[18542]: [2010/11/14 17:04:57.268142,  2]
> passdb/pdb_ldap.c:572(init_sam_from_ldap)
> Nov 14 17:04:57 hostname smbd[18542]:   init_sam_from_ldap: Entry found
> for user: 7TEST1$
> Nov 14 17:04:57 hostname smbd[18542]: [2010/11/14 17:04:57.313315,  2]
> passdb/pdb_ldap.c:572(init_sam_from_ldap)
> Nov 14 17:04:57 hostname smbd[18542]:   init_sam_from_ldap: Entry found
> for user: 7TEST1$
> Nov 14 17:04:57 hostname smbd[18542]: [2010/11/14 17:04:57.359135,  2]
> passdb/pdb_ldap.c:1200(init_ldap_from_sam)
> Nov 14 17:04:57 hostname smbd[18542]:   init_ldap_from_sam: Setting
> entry for user: 7TEST1$
> Nov 14 17:04:57 hostname smbd[18542]: [2010/11/14 17:04:57.491592,  2]
> passdb/pdb_ldap.c:2061(ldapsam_update_sam_account)
> Nov 14 17:04:57 hostname smbd[18542]:   ldapsam_update_sam_account:
> successfully modified uid = 7TEST1$ in the LDAP database Nov 14 17:05:00
> hostname smbd[18542]: [2010/11/14 17:05:00.966683,  2]
> lib/access.c:406(check_access)
> Nov 14 17:05:00 hostname smbd[18542]:   Allowed connection from
> 10.0.0.203 (10.0.0.203)
> Nov 14 17:05:00 hostname smbd[18542]: [2010/11/14 17:05:00.979326,  2]
> passdb/pdb_ldap.c:572(init_sam_from_ldap)
> Nov 14 17:05:00 hostname smbd[18542]:   init_sam_from_ldap: Entry found
> for user: 7TEST1$
> Nov 14 17:05:00 hostname smbd[18542]: [2010/11/14 17:05:00.982879,  2]
> ../libcli/auth/credentials.c:307(netlogon_creds_server_check_internal)
> Nov 14 17:05:00 hostname smbd[18542]:   credentials check failed
> Nov 14 17:05:00 hostname smbd[18542]: [2010/11/14 17:05:00.982981,  0]
> rpc_server/srv_netlog_nt.c:714(_netr_ServerAuthenticate3)
> Nov 14 17:05:00 hostname smbd[18542]:   _netr_ServerAuthenticate3:
> netlogon_creds_server_check failed. Rejecting auth request from client
> 7TEST1 machine account 7TEST1$
> Nov 14 17:05:00 hostname smbd[18542]: [2010/11/14 17:05:00.988057,  2]
> passdb/pdb_ldap.c:572(init_sam_from_ldap)
> Nov 14 17:05:00 hostname smbd[18542]:   init_sam_from_ldap: Entry found
> for user: 7TEST1$
> Nov 14 17:05:08 hostname smbd[18542]: [2010/11/14 17:05:08.502178,  2]
> auth/auth.c:314(check_ntlm_password)
> Nov 14 17:05:08 hostname smbd[18542]:   check_ntlm_password:
> Authentication for user [7TEST1] ->  [7TEST1] FAILED with error
> NT_STATUS_NO_SUCH_USER
>
> After this I get a message, on the Win7 client, that says: Welcome to the
> domain: OFFICE.
>
> The message: "Authentication for user [7TEST1] ->  [7TEST1] FAILED with error
> NT_STATUS_NO_SUCH_USER" is just confusing.
> ---
>
> I'm not really sure what I'm doing wrong here. I can say that the attached
> smb.conf file is from a samba 3.0x install with a few additions to make it
> work quickly within my test environment (ldap ssl = off, etc). Its performed
> without fail for quite a long time.
>
> If someone could shed some light on:
>     q1: why does this error occur? and
>     q2: how do I configure samba ignore it? or, maybe better
>     q3: is there a better, more 'correct', solution for this problem?
>
> that would be helpful. The lack of a sound card driver doesn't seem like a
> legitimate hold-up for adding a machine to the domain.
>
> --
> Thanks for the assist,
>
> Todd E Thomas
> "It's a frail music knits the world together."
> -Robert Dana
>
>
>
>

More information about the samba mailing list