Chris Herrmann
2001-Jan-23 23:57 UTC
let me say it really loud!!RE: can't login in mornings
Chris Herrmann asks: and I replied:> > if you don't use server authentication, but try and log into a samba boxin> it's own right how does it go?**you mean not have it go thru the NT pDC? or what ? please elaborate...thanks I mean, backup your smb.conf file, and then change password = server to password = user. Add a user: smbpasswd -a someuser where this user already exists in unix, and give them a password. Try connecting to yourself from the samba server: smbclient //sambaserver/share -U username where the aforementioned user has permission to use the share. You'll need to check this in two places - in the shares section of smb.conf, and on the disk : ls -la will tell you who can do what. If you can connect, then you've just done most of what isn't working for you elsewhere, from the machine. You should probably also try this before changing smb.conf to see what kind of errors you get, but using a username from the domain.> > A couple of things that have made logins slow/problematic for us in the > past:**here I have answered these questions:> > - Novell / IPX** we are using novell netware on the wire too...!!! I know. That's why I mentioned it. Unfortunately my solution was to get rid of Novell.> - Default protocol order - you don't want a client to try and find thesamba> server first by ipx and then by ip, as it will time out before the server > responds** default protocol order, in what ? the samba server? or the win9x boxes? we do not use NT workstation here at this company.... In Windows 9x/NT you can set a protocol to be the default protocol. Open up TCP/IP and tell it to be the default protocol.> - Does the samba server announce itself?** remote announce? yes it does, in this way: remote announce 192.168.0.255/discflo what is discflo? I'm not sure if you can use an acl for this. The IP address looks right though. We don't use it because it's the only smb server, but our relevant section looks like: ; remote browse sync = 192.168.3.25 192.168.5.255 ; remote announce = 192.168.1.255 192.168.2.44 local master = yes os level = 33 domain master = yes preferred master = yes domain logons = yes domain admin group = ntdomadm logon script = login.bat Note that we're a PDC here - you don't want to copy our PDC settings into the smb.conf file that is trying to talk to the NT PDC - they'll have a fight with each other. A couple of other thoughts - Have you added the samba machine to the domain - there's a process you have to go through to actually add the samba server to the domain. Not sure where the doco is for it though...> - Can you do a reverse lookup on clients - samba tries to do this, and ifit> doesn't find the name fast enough the client will miss the response.** I am a little insure what you mean by a reverse lookup, there are something I am still learning the terms to... I can ping by netbios name though.... When you ping a netbios name, what returns? Ideally you should get either an IP, or a fully qualified address. If not, samba may be telling workstations to go away because it can't verify who they are. There have been several posts earlier today on ways to get around this - browse through them for ideas. You'll> see lots of broken pipe/connection messages in machine.log** have looked for machine.log, can't find it. looking for samba logs..... where machine name == name_of_computer should be in /var/log/samba and will either be: log.machinename or machinename.log The samba log is: /var/log/samba/smb.log or possibly log.smb and well as nmb.log in the same place.
Chris Herrmann asks: and I replied:> > if you don't use server authentication, but try and log into a samba box in > it's own right how does it go?**you mean not have it go thru the NT pDC? or what ? please elaborate...thanks> > A couple of things that have made logins slow/problematic for us in the > past:**here I have answered these questions:> > - Novell / IPX** we are using novell netware on the wire too...!!!> - Default protocol order - you don't want a client to try and find the samba > server first by ipx and then by ip, as it will time out before the server > responds** default protocol order, in what ? the samba server? or the win9x boxes? we do not use NT workstation here at this company....> - is samba using the wins server, and have you disabled it's internal wins > server?yes it is usiing the WINS server, and no it is not acting as a WINS server....> - Are clients using the wins server?yes they are.....> - Does the samba server announce itself?** remote announce? yes it does, in this way: remote announce 192.168.0.255/discflo> - Can you do a reverse lookup on clients - samba tries to do this, and if it > doesn't find the name fast enough the client will miss the response.** I am a little insure what you mean by a reverse lookup, there are something I am still learning the terms to... I can ping by netbios name though.... You'll> see lots of broken pipe/connection messages in machine.log** have looked for machine.log, can't find it. looking for samba logs.....> > -----Original Message----- > From: samba-admin@lists.samba.org [mailto:samba-admin@lists.samba.org]On > Behalf Of Larry Clark > Sent: Wednesday, 24 January 2001 10:16 > To: samba@lists.samba.org > Subject: let me say it really loud!!RE: can't login in mornings > > What is the use of having samba as a server if every morning I have to > go around to everyones computer and re map the dirves they need? not > much good in a production setting is it? well I have sent this letter to > the whole samba team, maybe they will get a clue and work on > it......hummmmm???? > > Larry Clark wrote: > > > > I am trying this one again, I have a 10/100 mg switched network, NT and > > novell also run on it. I have two(2) samba servers on the network. in > > the mornings, when people come in and try to logon, they can logon to > > the NT and novell servers, yet the logon to the samba servers are slow, > > and most of the time they cannot connect and ask if next time they want > > to try to connect, obviuosly they say yes, but this time after the whole > > weekend, they all came in and cannot lo in. even if I go into the > > windows explorer and click on the red x'ed out share, they sometimes > > still don't connect. we have a WINS server on the wire for name > > resolution, and there is a PDC which the samba server has an account. > > for the life of me, I can't map a drive and consistently have it connect > > after the night. mornings are a night mare and noone can connect, any > > one else have this problem? thanks....