[Samba] session setup failed: NT_STATUS_LOGON_FAILURE
Rowland Penny
rowlandpenny241155 at gmail.com
Wed Nov 4 14:55:00 UTC 2015
On 04/11/15 14:34, Roger Wu wrote:
>
>
>
>
> Doh! now you have raised more questions :-D
>
> First, the more users that you have, the harder it gets to
> maintain them in a workgroup, about 8 users is the maximum from my
> experience. Some of them will never use more than one machine, but
> most will move from one machine to another and so they will have
> to have login details on *all* machines they will log into. This
> is where a domain comes in, you create the user in one place and
> the user can then login everywhere.
>
>
> I don't really get it. Maybe I misinterpret what you said.
> If our samba server works, users only want to access samba service
> using their own PC,
> that's what they need, they are not allowed to use others' PCs but
> their own.
>
> And yes, users can move from one machine to another, that's how a
> domain works,
> but we don't need to provide samba service between Workstation,
> only one way access from PCs to Workstations is needed for users.
>
> I am not worried about users limitation, it's just as I said that not
> so many users need this service.
> If so, I'll figure it out.
>
>
> Now we come to the new questions, will the Unix machines need to
> be part of the domain ?
>
>
> What do you mean "to be part of the domain"?
> We have unix/linux machines in each NIS domain, they are a part of
> their domain.
> Could you define your question more precisely?
>
> You mention that they are in different domains, do you mean
> domains or do you mean workgroups?
>
> What I mean is NIS domain. We have three different domains, so I plan
> to start up one samba server for each domain separately
> As for workgroup, we only have one workgroup for windows, so it won't
> be an issue.
>
> Are any machines in a windows domain already?
>
> No.
>
> Finally, if you cannot set up a new domain, do your users need to
> own files on your samba server or do they just need to read &
> store files on the samba server.
>
> Rowland
>
> They just need to read & store files on the samba server.
>
> Regards,
> Roger
>
OK, from what you have posted, you have Unix & windows workstations and
they are in groups. You will probably be better of creating a new AD
domain with a number of sites, you can use the DCs to authenticate all
the users & groups and if push comes to shove, use the DCs as
fileservers. Your users would log into their workstation (either windows
or Unix) and have all their data to hand, the windows users would use
the standard AD capabilities and the Unix users would use the RFC2307
attributes that are built into a Samba AD as standard.
This will give you is centralisation of user & group maintenance, your
users info will exist in just one place, you only need to add a user
once, you can do it without leaving your chair, unlike a WORKGROUP,
where you will have to visit *every* workstation or server that a user
will connect to. I have been there, done that and my workgroup was
scattered over three counties! It isn't easy.
Rowland
More information about the samba
mailing list