[Samba] win 7 join domain error

steve steve at steve-ss.com
Fri Nov 4 18:07:58 MDT 2011


i am trying to join a win 7 client to my samba pdc. Authentication is via ldap 
which is working fine.

I have added the two windows 7 registry items:

            DWORD  DomainCompatibilityMode = 1
            DWORD  DNSNameResolutionRequired = 0

I have a samba root passsword setup when I setup the samba PDC with Yast on 
opensuse 11.4. On the win 7 machine, I can see the home shares by typing e.g.


into windows explorer where hh1 is the domain name.

When I try to add the machine to the domain  get the win 7 error:

'The specified computer could not be found. Contact an administrator to verify 
if the account is in the domain. . .'

Root has a samba password which I specify when joining.

Could anyone help here?

My smb.conf is:

        workgroup = HH1
        map to guest = Bad User
        passdb backend = ldapsam:ldap://
        printcap name = cups
        add machine script = /usr/sbin/useradd  -c Machine -d /var/lib/nobody 
-s /bin/false %m$
        logon path = \\%L\profiles\.msprofile
        logon drive = P:
        logon home = \\%L\%U\.9xprofile
        domain logons = Yes
        os level = 65
        preferred master = Yes
        domain master = Yes
        ldap admin dn = cn=admin,dc=com
        ldap group suffix = ou=group
        ldap idmap suffix = ou=Idmap
        ldap machine suffix = ou=Machines
        ldap passwd sync = yes
        ldap suffix = dc=com
        ldap ssl = no
        ldap timeout = 5
        ldap user suffix = ou=people
        usershare allow guests = Yes
        idmap backend = ldap:ldap://
        cups options = raw

        comment = Home Directories
        valid users = %S, %D%w%S
        read only = No
        inherit acls = Yes
        browseable = No

        comment = Network Profiles Service
        path = %H
        read only = No
        create mask = 0600
        directory mask = 0700
        store dos attributes = Yes

        comment = All users
        path = /home
        read only = No
        inherit acls = Yes
        veto files = /aquota.user/groups/shares/

        comment = All groups
        path = /home/groups
        read only = No
        inherit acls = Yes

        comment = All Printers
        path = /var/tmp
        create mask = 0600
        printable = Yes
        browseable = No

        comment = Printer Drivers
        path = /var/lib/samba/drivers
        write list = @ntadmin, root
        force group = ntadmin
        create mask = 0664
        directory mask = 0775

        comment = Network Logon Service
        path = /var/lib/samba/netlogon
        write list = root

More information about the samba mailing list