[Samba] From 3.0.11 to up-to-date versions protocol problem
Michal Hajek
Hajek67 at gmail.com
Sun Oct 13 03:27:25 MDT 2013
Hi.
We have been using samba 3.0.11 for years and now we need to add some win7
machines to our domain.
So I test up-to-date Samba versions (3.6.19, 4.1.0 compiled, and Centos
today "native" binary package 3.6.something) and with all of them I run
into the same problem.
I get stuck with protocols when checking XP machines (which works like a
charm in 3.0.11 domain)
When max protocol is NT1 (as in 3.0.11), I can add XP into domain, but can
not do domain logon nor "net view /DOMAIN:NIS7" -> the domain is not longer
available. "Net view /DOMAIN:NIS" works good - NIS is 3.0.11 samba domain.
When I set protocol to LANMAN2, "net view" shows my SAMBA7 server, I can
log into domain from already-in-domain XP, but I can not add the XP into
domain, when it was removed from it - with "incorrect parameter" message.
(The XP is in LDAP and can join the domain with max protocol NT1, as I
said).
I have tried many combinations of options, but with no luck. I suppose NT1
should be used as max protocol, is it right? Where can be the problem with
logging into domain and "net view" command then? I did wiresharking,
tcpdumping, log reading, googling for days...
Thanks,
Michal
This is my global section right now.
[global]
dos charset = CP852
unix charset = ISO8859-2
workgroup = NIS7
server string =
passdb backend = ldapsam:ldap://10.200.11.11
lanman auth = Yes
syslog = 0
log file = /var/log/samba/%m.log
max log size = 50
max protocol = LANMAN2
name resolve order = host bcast
server signing = auto
socket options = TCP_NODELAY,SO_KEEPALIVE
add user script = /usr/sbin/useradd -d /dev/null -g users -s
/bin/false -M %u
add machine script = /usr/local/bin/AM %u
logon script = smbprofile.bat
logon path = \\%h\home\profiles\%U
logon drive = S:
domain logons = Yes
os level = 35
preferred master = Yes
domain master = Yes
dns proxy = No
ldap admin dn = cn=Manager,dc=nspuh,dc=cz
ldap group suffix = ou=groups
ldap machine suffix = ou=machines
ldap suffix = dc=nspuh,dc=cz
ldap ssl = no
ldap user suffix = ou=people
allow insecure wide links = Yes
panic action = /usr/share/samba/panic-action %d
template homedir = /profiles/DEFAULT
idmap config * : range =
idmap config * : backend = tdb
admin users = root
root preexec = /usr/local/bin/RPE '%u' 'GLOBALS' >>
/var/log/RPE.log 2>&1
wide links = Yes
More information about the samba
mailing list