[Samba] Samba 4.2.6 PDC+Ldap Upgrade Reject Windows XP Boxes
Periko Support
pheriko.support at gmail.com
Fri Apr 13 05:06:28 UTC 2018
This log took my attention in smbd.log:
[2018/04/12 22:04:50.021325, 3] ../source3/lib/util_procid.c:54(pid_to_procid)
pid_to_procid: messaging_dgm_get_unique failed: No such file or directory
[2018/04/12 22:04:53.832454, 3] ../lib/util/access.c:361(allow_access)
Allowed connection from 192.168.1.102 (192.168.1.102)
[2018/04/12 22:05:02.461101, 3] ../lib/util/access.c:361(allow_access)
Allowed connection from 192.168.1.116 (192.168.1.116)
[2018/04/12 22:05:02.517512, 3] ../source3/lib/util_procid.c:54(pid_to_procid)
pid_to_procid: messaging_dgm_get_unique failed: No such file or directory
This is one of the xp machines.
On Thu, Apr 12, 2018 at 9:57 PM, Periko Support
<pheriko.support at gmail.com> wrote:
> Hi guys.
>
> I finally upgrade my old centos 6 as PDC with samba 3.6.x+LDAP 2.3.X
> to centos 7 with Samba 4.6.2 and ldap 2.4
>
> All my windows 7,8,10, Winserver 2012 R2 are working no issue, users
> can login and see share folders and share printers.
>
> But I still have 2 machines running windows xp pro(this month will be
> the end finally) that can login into the domain but they cannot see
> share folders and printers.
>
> Every time they try to access any machine or share folders on servers,
> the system request to input the username+password.
>
> I had check my settings but don't detect which parameter affect this OS.
>
> My smb.conf is this one:
>
> [global]
> workgroup = MYDOMAIN
> server string = PDC Domain Controller
> netbios name = PDC-SRV
> hosts allow = 192.168.1. 192.168.2. 127.
> interfaces = enp3s0 lo0
> bind interfaces only = Yes
> hosts deny = 0.0.0.0
> smb ports = 139 445
> remote announce = 192.168.1.255
> lanman auth = Yes
> client lanman auth = Yes
> security=USER
> server max protocol=NT1
> server min protocol=CORE
> allow trusted domains = Yes
> socket options = IPTOS_LOWDELAY TCP_NODELAY
> # passwd backend
> encrypt passwords = yes
> passdb backend = ldapsam:ldap://127.0.0.1/
> pam password change= Yes
> passwd program = /usr/bin/passwd %u
> passwd chat = *New*UNIX*password* %nn
> *ReType*new*UNIX*password* %nn *
> passwd:*all*authentication*tokens*updated*successfully*
> unix password sync = Yes
>
> # Log options
> log level = 3
> log file = /var/log/samba/%m.log
> max log size = 2048
> # syslog = 1
>
> # Name resolution
> name resolve order = wins bcast hosts lmhost
>
> # misc
> time server = No
> # socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> use sendfile = yes
> # Dos-Attribute
> map hidden = No
> map system = No
> map archive = No
> map read only = No
> store dos attributes = Yes
> Map to Guest = Bad User
>
> # printers - configured to use CUPS and automatically load them
> load printers = No
> printcap name =
> # printing =
> cups options =
> show add printer wizard = No
> add user script = /usr/sbin/smbldap-useradd -m %u
> delete user script = /usr/sbin/smbldap-userdel %u
> add group script = /usr/sbin/smbldap-groupadd -p %g
> delete group script = /usr/sbin/smbldap-groupdel %g
> add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
> delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g
> set primary group script = /usr/sbin/smbldap-usermod -g %g %u
> add machine script = /usr/sbin/smbldap-useradd -w %u
>
> # LDAP-iConfiguration
> #ldap delete dn = Yes
> ldap ssl = off
> ldap passwd sync = Yes
> ldap suffix = dc=MYDOMAIN,dc=com
> ldap machine suffix = ou=Computers
> ldap user suffix = ou=Users
> ldap group suffix = ou=Groups
> ldap idmap suffix = ou=Idmap
> ldap admin dn = cn=root,dc=MYDOMAIN,dc=com
>
> # setting up as domain controller
> username map = /etc/samba/usermap
> preferred master = Yes
> wins support = Yes
> winbind nested groups = Yes
> ea support = Yes
> domain logons = Yes
> domain master = Yes
> local master = Yes
> map acl inherit = Yes
> unix charset = UTF8
> case sensitive = No
>
> [netlogon]
> comment = Network Logon Service
> path = /home/samba/netlogon
> Locking = no
>
> [homes]
> comment = Home Directories
> valid users = %S
> read only = No
> browseable = No
>
> Any recommendation will be appreciated, thanks.
More information about the samba
mailing list