[Samba] XP auto enrollment error; TEMP profile
Achim Gottinger
achim at ag-web.biz
Sun Oct 1 22:06:41 UTC 2017
Seems to be an old problem
http://www.eventid.net/display-eventid-15-source-AutoEnrollment-eventno-1397-phase-1.htm
Am 30.09.2017 um 03:27 schrieb ToddAndMargo via samba:
> Dear list,
>
> Help!
>
> I just upgrade a samba server.
>
> Server:
> Fedora 26
> samba-4.6.8-0.fc26.x86_64
>
> Workstations (5 of them):
> XP Pro SP3
>
> The old server was set up as a Domain controller. I copied the
> smb.conf over to the new server.
>
> The XP workstations can see and mount everything.
>
> On the workstations, I removed myself from the old domain and rebooted,
> powered off the old server, reattached to the domain.
>
> Problem: when I log into the domain, I get the following in my error
> log and I get a stinking TEMP directory/profile.
>
> Event Type: Error
> Event Source: AutoEnrollment
> Event Category: None
> Event ID: 15
> Date: 9/29/2017
> Time: 4:33:10 PM
> User: N/A
> Computer: CURTIS-SCREW
> Description:
> Automatic certificate enrollment for local system failed to contact
> the active directory (0x8007054b). The specified domain either does
> not exist or could not be contacted.
> Enrollment will not be performed.
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>
>
> Removing the temp profile for the registry and erasing the
> TEMP director from Doc and Setting and rebooting does not help.
>
> What am I doing wrong?
>
> -T
>
> my smb.conf:
>
> [global]
> workgroup = xxxxx
> server string = Fedora Samba Server
> volume = Fedora Core, %v
> comment = Samba (NetBIOS) Server on FedoraServer.xxxx.com
> netbios name = FedoraServer
> dns forwarder = 192.168.255.12
> allow dns updates = nonsecure
> interfaces = eno1 127.0.0.1
> hosts deny = ALL
> hosts allow = 192.168.255. 127.0.0.
> lanman auth = yes
> ntlm auth = yes
> printcap name = /etc/printcap
> show add printer wizard = No
> load printers = yes
> printing = BSD
> guest account = pcguest
> log file = /var/log/samba/samba-log.%m
> log level = 4 passdb:10 auth:10
> follow symlinks = yes
> wide links = no
> locking = yes
> strict locking = no
> security = user
> smb passwd file = /etc/samba/smbpasswd
> unix password sync = Yes
> passwd program = /usr/bin/passwd %u
> passdb backend = smbpasswd
> username map = /etc/samba/smbusers
> os level = 64
> domain logons = yes
> domain master = yes
> local master = yes
> preferred master = yes
> idmap config * : backend = tdb
> idmap config * : range = 1000000-1999999
> add user script = /usr/sbin/useradd -m -G users '%u'
> delete user script = /usr/sbin/userdel -r '%u'
> add group script = /usr/sbin/groupadd '%g'
> delete group script = /usr/sbin/groupdel '%g'
> add user to group script = /usr/sbin/usermod -A '%g' '%u'
> add machine script = /usr/sbin/useradd -s /bin/false -d
> /var/lib/nobody '%u'
> logon script = scripts/logon.bat
> logon path = /exports/netlogon
> logon drive = X:
> wins support = yes
> name resolve order = host
> dns proxy = yes
> deadtime = 20160
> force create mode = 0000
> create mode = 0777
> force directory mode = 0000
> directory mode = 0777
> map archive = yes
> map system = yes
> map hidden = yes
>
> [profiles]
> # https://www.ccs.uky.edu/docs/samba.htm
> # create mode = 0600
> # directory mode = 0700
> create mode = 0777
> directory mode = 0777
> path = /exports/profiles/
> profile acls = yes
> read only = no
> writable = yes
>
> [public]
> comment = Public on xxxxx FedoraServer -- Mount as F:
> path = /exports/public
> valid users = @users
> write list = @users
> force group = users
> force user = public
> locking = yes
> oplocks = no
> fake oplocks = no
> level2 oplocks = no
> strict locking = no
> blocking locks = no
> public = no
> writable = yes
> printable = no
> browseable = yes
> create mode = 0777
> force directory mode = 0000
> directory mode = 0777
> map archive = yes
> map system = yes
> map hidden = yes
>
> [homes]
> comment = %u.%G' Home/Documents Directory -- Typically mount as G:
> (UH)
> path=/home/%u/Documents
> valid users = @users
> write list = @users
> read only = no
> create mode = 0750
> public = no
> writable = yes
> printable = no
> browseable = no
>
> create mode = 0777
> force directory mode = 0000
> directory mode = 0777
> map archive = yes
> map system = yes
> map hidden = yes
>
> [printers]
> comment = All Printers
> path = /var/spool/samba
> browseable = no
> public = yes
> guest ok = no
> writeable = no
> printable = yes
>
> [netlogon]
> comment = Network Logon Service (X:)
> path = /exports/netlogon
> public = no
> writeable = no
> # set browable to "no" if you don't want everyone to be able to
> browse the scripts
> browsable = yes
>
>
>
>
>
>
>
More information about the samba
mailing list