[Samba] Samba 4.2.6 PDC+Ldap Upgrade Reject Windows XP Boxes

Periko Support pheriko.support at gmail.com
Fri Apr 13 05:06:28 UTC 2018 

This log took my attention in smbd.log:

[2018/04/12 22:04:50.021325,  3] ../source3/lib/util_procid.c:54(pid_to_procid)
  pid_to_procid: messaging_dgm_get_unique failed: No such file or directory
[2018/04/12 22:04:53.832454,  3] ../lib/util/access.c:361(allow_access)
  Allowed connection from 192.168.1.102 (192.168.1.102)
[2018/04/12 22:05:02.461101,  3] ../lib/util/access.c:361(allow_access)
  Allowed connection from 192.168.1.116 (192.168.1.116)
[2018/04/12 22:05:02.517512,  3] ../source3/lib/util_procid.c:54(pid_to_procid)
  pid_to_procid: messaging_dgm_get_unique failed: No such file or directory

This is one of the xp machines.

On Thu, Apr 12, 2018 at 9:57 PM, Periko Support
<pheriko.support at gmail.com> wrote:
> Hi guys.
>
> I finally upgrade my old centos 6 as PDC with samba 3.6.x+LDAP 2.3.X
> to centos 7 with Samba 4.6.2 and ldap 2.4
>
> All my windows 7,8,10, Winserver 2012 R2 are working no issue, users
> can login and see share folders and share printers.
>
> But I still have 2 machines running windows xp pro(this month will be
> the end finally) that can login into the domain but they cannot see
> share folders and printers.
>
> Every time they try to access any machine or share folders on servers,
> the system request to input the username+password.
>
> I had check my settings but don't detect which parameter affect this OS.
>
> My smb.conf is this one:
>
> [global]
>         workgroup = MYDOMAIN
>         server string = PDC Domain Controller
>         netbios name = PDC-SRV
>         hosts allow = 192.168.1. 192.168.2. 127.
>         interfaces = enp3s0 lo0
>         bind interfaces only = Yes
>         hosts deny = 0.0.0.0
>         smb ports = 139 445
>         remote announce = 192.168.1.255
>         lanman auth = Yes
>         client lanman auth = Yes
>         security=USER
>         server max protocol=NT1
>         server min protocol=CORE
>         allow trusted domains = Yes
>         socket options = IPTOS_LOWDELAY TCP_NODELAY
> # passwd backend
>         encrypt passwords = yes
>         passdb backend = ldapsam:ldap://127.0.0.1/
>         pam password change= Yes
>         passwd program = /usr/bin/passwd %u
>         passwd chat = *New*UNIX*password* %nn
> *ReType*new*UNIX*password* %nn *
> passwd:*all*authentication*tokens*updated*successfully*
>         unix password sync = Yes
>
> # Log options
>         log level = 3
>         log file = /var/log/samba/%m.log
>         max log size = 2048
> #        syslog = 1
>
> # Name resolution
>         name resolve order = wins bcast hosts lmhost
>
> # misc
>         time server = No
> #        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>         use sendfile = yes
> # Dos-Attribute
>         map hidden = No
>         map system = No
>         map archive = No
>         map read only = No
>         store dos attributes = Yes
>         Map to Guest = Bad User
>
> # printers - configured to use CUPS and automatically load them
>         load printers = No
>         printcap name =
> # printing =
>         cups options =
>         show add printer wizard = No
>         add user script = /usr/sbin/smbldap-useradd -m %u
>         delete user script = /usr/sbin/smbldap-userdel %u
>         add group script = /usr/sbin/smbldap-groupadd -p %g
>         delete group script = /usr/sbin/smbldap-groupdel %g
>         add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
>         delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g
>         set primary group script = /usr/sbin/smbldap-usermod -g %g %u
>         add machine script = /usr/sbin/smbldap-useradd -w %u
>
> # LDAP-iConfiguration
> #ldap delete dn = Yes
>         ldap ssl = off
>         ldap passwd sync = Yes
>         ldap suffix = dc=MYDOMAIN,dc=com
>         ldap machine suffix = ou=Computers
>         ldap user suffix = ou=Users
>         ldap group suffix = ou=Groups
>         ldap idmap suffix = ou=Idmap
>         ldap admin dn = cn=root,dc=MYDOMAIN,dc=com
>
> # setting up as domain controller
>         username map = /etc/samba/usermap
>         preferred master = Yes
>         wins support = Yes
>         winbind nested groups = Yes
>         ea support = Yes
>         domain logons = Yes
>         domain master = Yes
>         local master = Yes
>         map acl inherit = Yes
>         unix charset = UTF8
>         case sensitive = No
>
> [netlogon]
>         comment = Network Logon Service
>         path = /home/samba/netlogon
>         Locking = no
>
> [homes]
>         comment = Home Directories
>         valid users = %S
>         read only = No
>         browseable = No
>
> Any recommendation will be appreciated, thanks.

More information about the samba mailing list