[Samba] Windows 7 Samba 3.5.5 and IPC$

Vasiliy Ozerov fr33m2n at gmail.com
Wed Oct 6 05:00:50 MDT 2010 

Good day.

I have a problem with connecting Samba 3.5.5 and Windows 7. First of
all I have added DomainCompatibilityMode and DNSNameResolutionRequired
to windows registry. After that i tried to connect windows to samba
domain, but without any results. And some time ago I see, that I can't
access Samba shares with right login and password. Windows 7
diagnostik says that It can't find \\spider\IPC$.. Spider is netbios
name of my PDC. Here is smb.conf and log file:

smb.conf:

[global]
        dos charset = cp866
        unix charset = koi8-r
        display charset = koi8-r
        workgroup = TEACHERS
        server string = Documents
        password server = 192.168.1.250
        passdb backend = ldapsam:ldap://192.168.1.250/
        lanman auth = Yes
        client NTLMv2 auth = Yes
        log level = 3
        log file = /var/log/samba/log.%m
        max log size = 500
        max protocol = SMB2
        time server = Yes
        add user script = /usr/sbin/smbldap-useradd -m "%u"
        add group script = /usr/sbin/smbldap-groupadd -p "%g"
        add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
        delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
        set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
        add machine script = /usr/sbin/smbldap-useradd -w "%u"
        logon script = all.bat
        logon path = \\%L\Profiles\%U\%m\%a
        logon drive = Z:
        logon home = \\%L\Profiles\%U\%m\%a
        domain logons = Yes
        os level = 128
        preferred master = Yes
        domain master = Yes
        dns proxy = No
        wins proxy = Yes
        wins support = Yes
        ldap admin dn = "cn=config"
        ldap delete dn = Yes
        ldap group suffix = ou=groups
        ldap machine suffix = ou=computers
        ldap passwd sync = yes
        ldap suffix = dc=spider,dc=teachers
        ldap ssl = no
        ldap user suffix = ou=people
        admin users = fr33man
        hosts allow = 192.168.1., 192.168.3., 127.

[homes]
        comment = Home Directories
        read only = No
        browseable = No

[netlogon]
        comment = Network Logon Service
        path = /etc/samba/netlogon/
        guest ok = Yes
        browseable = No

[Profiles]
        path = /data/home
        read only = No
        create mask = 0600
        directory mask = 0700
        guest ok = Yes
        browseable = No

[data]
        comment = Dump of files
        path = /data/data
        invalid users = @Internet
        read list = @People, @wheel
        write list = @People, @wheel
        read only = No
        create mask = 0666
        directory mask = 0777
        guest ok = Yes
        vfs objects = full_audit
        full_audit:priority = notice
        full_audit:facility = local5
        full_audit:success = connect disconnect opendir mkdir rmdir
closedir open close read pread write pwrite sendfile rename unlink
chmod fchmod chown fchown chdir ftruncate lock symlink readlink link
mknod realpath
        full_audit:failure = none
        full_audit:prefix = %u|%I

[Progs]
        comment = Dump of files
        path = /data/tst
        invalid users = @Internet
        read list = @People, @wheel, admin
        write list = fr33man, slv, admin, ram_zes, allienzuzweit
        create mask = 0664
        directory mask = 0775
        guest ok = Yes

[IPC$]
        hosts allow = 192.168.1.0/24, 127.0.0.0/8
        available = No



log.cab-312-test1 (windows 7 machine):

[2010/10/06 14:52:15.293125,  3] smbd/uid.c:429(push_conn_ctx)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2010/10/06 14:52:15.293145,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2010/10/06 14:52:15.293177,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/10/06 14:52:15.293213,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 10001) - sec_ctx_stack_ndx = 0
[2010/10/06 14:52:15.293263,  3] smbd/service.c:1070(make_connection_snum)
  cab-312-test1 (::ffff:192.168.1.192) connect to service IPC$
initially as user fr33man (uid=0, gid=10001) (pid 27949)
[2010/10/06 14:52:15.293291,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/10/06 14:52:15.294862,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 10001) - sec_ctx_stack_ndx = 0
[2010/10/06 14:52:15.294992,  3] smbd/sec_ctx.c:210(push_sec_ctx)
  push_sec_ctx(0, 10001) : sec_ctx_stack_ndx = 1
[2010/10/06 14:52:15.295016,  3] smbd/uid.c:429(push_conn_ctx)
  push_conn_ctx(14027) : conn_ctx_stack_ndx = 0
[2010/10/06 14:52:15.295036,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2010/10/06 14:52:15.295070,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
  pop_sec_ctx (0, 10001) - sec_ctx_stack_ndx = 0
[2010/10/06 14:52:15.295115,  3] smbd/sec_ctx.c:210(push_sec_ctx)
  push_sec_ctx(0, 10001) : sec_ctx_stack_ndx = 1
[2010/10/06 14:52:15.295139,  3] smbd/uid.c:429(push_conn_ctx)
  push_conn_ctx(14027) : conn_ctx_stack_ndx = 0
[2010/10/06 14:52:15.295158,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2010/10/06 14:52:15.295195,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
  pop_sec_ctx (0, 10001) - sec_ctx_stack_ndx = 0
[2010/10/06 14:52:15.296934,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 10001) - sec_ctx_stack_ndx = 0
[2010/10/06 14:52:15.674484,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 10001) - sec_ctx_stack_ndx = 0
[2010/10/06 14:52:15.674599,  3] smbd/sec_ctx.c:210(push_sec_ctx)
  push_sec_ctx(0, 10001) : sec_ctx_stack_ndx = 1
[2010/10/06 14:52:15.674624,  3] smbd/uid.c:429(push_conn_ctx)
  push_conn_ctx(14027) : conn_ctx_stack_ndx = 0
[2010/10/06 14:52:15.674644,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2010/10/06 14:52:15.674690,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
  pop_sec_ctx (0, 10001) - sec_ctx_stack_ndx = 0
[2010/10/06 14:52:15.674748,  3] smbd/sec_ctx.c:210(push_sec_ctx)
  push_sec_ctx(0, 10001) : sec_ctx_stack_ndx = 1
[2010/10/06 14:52:15.674771,  3] smbd/uid.c:429(push_conn_ctx)
  push_conn_ctx(14027) : conn_ctx_stack_ndx = 0
[2010/10/06 14:52:15.674791,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2010/10/06 14:52:15.674825,  3] smbd/sec_ctx.c:418(pop_sec_ctx)
  pop_sec_ctx (0, 10001) - sec_ctx_stack_ndx = 0
[2010/10/06 14:52:15.676548,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 10001) - sec_ctx_stack_ndx = 0
[2010/10/06 14:53:15.270241,  2] smbd/process.c:2216(deadtime_fn)
  Closing idle connection
[2010/10/06 14:53:15.270410,  3] smbd/server.c:146(msg_exit_server)
  got a SHUTDOWN message
[2010/10/06 14:53:15.270437,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/10/06 14:53:15.270476,  3] smbd/connection.c:31(yield_connection)
  Yielding connection to
[2010/10/06 14:53:15.270513,  3] smbd/connection.c:42(yield_connection)
  deleting connection record returned NT_STATUS_NOT_FOUND
[2010/10/06 14:53:15.270651,  3] smbd/server.c:902(exit_server_common)
  Server exit (normal exit)

There is option available In IPC$ section, nut I cant change value
"No" to value "Yes".

What can I do in this situation?

-- 
WBR, Ozerov Vasiliy aka fr33man.

More information about the samba mailing list