[Samba] Cached credentials issues and domain and server name being interchanged

Mat Enders mat.enders at gmail.com
Sun Jan 22 08:05:53 MST 2012

Hello all,

        I am having some difficulties after migrating the PDC from one
server to another cached credentials no longer work.  Users used to be
able to take their laptops home and then logon using their cached
domain credentials.  Now when this is attempted now they get the error
that the GAUACA domain is not available.  All of the group policy
settings are set to allow cached logons and this used to work with the
exact same machines with the exact same GP settings.

       Also the domain name and the servers netbios names are becoming
confused.  We use RDP fairly extensively and to use RDP you have to be
added to the machine as a remote user.  When I add the staff member to
the machine they show up as GAUACA\[username] and then after the first
time they logon to that machine their name changes to
ARDVARC\[username].  GAUACA is the domain name and ARDVARC is the
netbios name of the server.  All works correctly on site users can
login to the domain from any machine that has been joined and works as
expected except for cached credentials.

See smb.conf below

	smb passwd file = /etc/samba/passdb.tdb
	enable privileges = yes
	logon drive = H:
	domain master = yes
	encrypt passwords = true
	logon home = \\%L\%U
	netbios name = ARDVARC
	server string = Gaudior's PDC
	logon script = logon.bat
	local master = yes
	workgroup = GAUACA
	logon path = \\%L\%U\profile
	os level = 99
	security = user
	add machine script = /usr/sbin/useradd -s /bin/false \-d /dev/null %u
	preferred master = yes
	domain logons = yes
	hide files = /desktop.ini/$RECYCLE.BIN/profile/profile.V2/profile.old/profile.V2.old/
	guest account = nobody
	map to guest = bad user
	wins support = yes

	comment = staff share drive
	path = /home/staff/share
	read only = no

	comment = student share by level
	path = /home/student/share
	read only = no

	comment = Net Logon Service
	path = /home/netlogon
	read only = yes
	write list = root
	public = yes
	guest ok = yes
	browsable = no

	comment = Home
	valid users = %S
	read only = no
	browsable = no

Mathew E. Enders

"Where once Samba and Apache sold Linux to the world they are now just
part of the plumbing.  But that's OK, plumbers make good money."
--Jeremy Allison

More information about the samba mailing list