[Samba] Problems connecting win7 client to new Samba PDC

Brandon bstepp at mindgrub.com
Thu Aug 9 08:37:02 MDT 2012 

 > did you make the appropriate registry changes on Win 7 as per
 > http://wiki.samba.org/index.php/Windows7

Yes, I've downloaded the 3.6.3 script and ran it on the client, as well 
as manually checked that the settings were only the two described in the 
wiki article

 > Have you tried adding a machine account for your CLIENTPC
 > i.e.  #> pdbedit -a -m -u CLIENTPC

Yes, I let the account be auto-generated when connecting to the domain. 
  I should have specified that there are other users I didn't include in 
the print out.  Here is the machine account from pdbedit (note that I 
changed the logon script in smb.conf from .cmd to .bat a few minutes 
ago, and the update can be seen here):

---------------
Unix username:        CLIENTPC$
NT username:
Account Flags:        [W          ]
User SID:             S-1-5-21-2762049607-2166809996-183419993-1001
Primary Group SID:    S-1-5-21-2762049607-2166809996-183419993-513
Full Name:            CLIENTPC$
Home Directory:
HomeDir Drive:
Logon Script:         logon.bat
Profile Path:
Domain:               MYWORKGROUP
Account desc:
Workstations:
Munged dial:
Logon time:           0
Logoff time:          Wed, 06 Feb 2036 10:06:39 EST
Kickoff time:         Wed, 06 Feb 2036 10:06:39 EST
Password last set:    Wed, 08 Aug 2012 13:44:36 EDT
Password can change:  Wed, 08 Aug 2012 13:44:36 EDT
Password must change: never
Last bad password   : 0
Bad password count  : 0
Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
---------------

Also, I've got a bit more information from the log.CLIENTPC:

[2012/08/09 10:14:56.686577,  0] 
rpc_server/srv_pipe.c:500(pipe_schannel_auth_bind)
   pipe_schannel_auth_bind: Attempt to bind using schannel without 
successful serverauth2
[2012/08/09 10:14:56.794994,  0] 
rpc_server/netlogon/srv_netlog_nt.c:976(_netr_ServerAuthenticate3)
   _netr_ServerAuthenticate3: netlogon_creds_server_check failed. 
Rejecting auth request from client CLIENTPC machine account CLIENTPC$


There are also a number of windows events:

--- begin windows events paste ---
The winlogon notification subscriber <Profiles> failed a critical 
notification event.
Windows cannot copy file C:\Users\Default\NTUSER.DAT to location 
C:\Users\myadmin\NTUSER.DAT. This error may be caused by network 
problems or insufficient security rights.
Windows cannot copy file \\?\C:\Users\Default\Videos to location 
\\?\C:\Users\myadmin\Videos. This error may be caused by network 
problems or insufficient security rights.
Windows cannot copy file \\?\C:\Users\Default\Saved Games to location 
\\?\C:\Users\myadmin\Saved Games. This error may be caused by network 
problems or insufficient security rights.
<Note: To keep e-mail shorter I won't paste them all, but the last 
events repeat with a bunch of similar directories>
There are too many profile copy errors. Refer to the previous events for 
details. Windows will not log any additional copy errors for this copy 
process.
Windows cannot find the local profile and is logging you on with a 
temporary profile. Changes you make to this profile will be lost when 
you log off.
Windows cannot copy file C:\Users\Default\NTUSER.DAT to location 
C:\Users\TEMP.MYWORKGROUP\NTUSER.DAT. This error may be caused by 
network problems or insufficient security rights.
<Note: This last event again repeats with a number of similar directories>
There are too many profile copy errors. Refer to the previous events for 
details. Windows will not log any additional copy errors for this copy 
process.
Windows cannot log you on because your profile cannot be loaded. Check 
that you are connected to the network, and that your network is 
functioning correctly.
The winlogon notification subscriber <Sens> failed a notification event.
--- end windows events paste ---

More information about the samba mailing list