[Samba] Samba PDC

[TAKAHASHI Motonobu]

2011/1/13 Robert Fitzpatrick <lists at webtent.net>:
>> If your Samba's version is 3.3.2 - 3.3.4, then the additional settings
>> below are needed:
>>
>>        HKLM\System\CCS\Services\Netlogon\Parameters
>>            DWORD  RequireSignOrSeal = 0
>>            DWORD  RequireStrongKey = 0
>>
>
> I am using Samba 3.5.6 and the registry entries above are as you show
> currently.

As I mentioned,

-----
If your Samba's version is 3.3.5 - and the registries above are set,
remove them and try again.
-----

You must set these 2 entries below:

-----
        HKLM\System\CCS\Services\LanmanWorkstation\Parameters
            DWORD  DomainCompatibilityMode = 1
            DWORD  DNSNameResolutionRequired = 0
-----

You must not set these 2 entries below:

-----
            DWORD  RequireSignOrSeal = 0
            DWORD  RequireStrongKey = 0
-----

In my knowledge, your error messages:

[2011/01/13 09:24:48.031223,  0]
rpc_server/srv_netlog_nt.c:714(_netr_ServerAuthenticate3)
 _netr_ServerAuthenticate3: netlogon_creds_server_check failed.
Rejecting auth request from client COLUMBUS-LAPTOP machine account
COLUMBUS-LAPTOP$

occurs if you do not correctly set these 4 entries.
If you still have problem, I recommend to examine with simple settings
(not to use LDAP) like:

-----
[global]
   workgroup = WEBTENT
  domain logons = yes
  add machine script = useradd %u

[homes]
  writeable = yes
  browseable = no
-----

If your Windows 7 can join to Samba domain with the settings above, at
least you could know that
Windows 7 registries are correctly set.
---
TAKAHASHI Motonobu <monyo at samba.gr.jp>