Hey there Listmembers
Im writing this because i havnt been able to solve my problem.
Im trying to set up a samba server as PDC and im using samba 2.2.3a
from debian "woody". ive attached my smb.conf file.
The problem :
When i try to join a win2k box to the domain i get this error :
"The specified network passwords is not correct" Ofcourse ive
doublecheck if the password im using is ok and it is.
Here is the output from log.smb :
Requested protocol [Windows for Workgroups 3.1a]
negprot index=5
smb_flg=136
smb_bcc=13
size=184
smb_mid=64
smt_wct=13
sesssetupX:name=[root]
Home server: nas
smb_password_ok: Checking SMB password for user root
smb_password_ok: challenge received
smb_password_ok: Checking NT MD4 password
smb_password_ok: NT MD4 password check succeeded
smb_pam_start: PAM: Init user: root
smb_pam_start: PAM: setting rhost to: mads
smb_pam_start: PAM: setting tty
smb_pam_start: PAM: Init passed for user: root
smb_pam_account: PAM: Account Management for User: root
smb_pam_account: PAM: Account OK for User: root
smb_pam_end: PAM: PAM_END OK.
user token sid S-1-5-11
Clearing default real name
User name: root Real name: root
smb_pam_start: PAM: Init user: root
smb_pam_start: PAM: setting tty
smb_pam_start: PAM: Init passed for user: root
smb_pam_end: PAM: PAM_END OK.
Chained message
size=184
smb_mid=64
smt_wct=4
smb_bcc=18
Got device type ?????
authorise_login: ACCEPTED: guest account and guest ok (nobody)
get_current_groups: user is in 1 groups: 65534
get_current_groups: user is in 1 groups: 65534
get_share_security: using default secdesc for IPC$
se_access_check: also S-1-5-11
Initialising default vfs hooks
Can't become connected user!
Yielding connection to IPC$
error string = No such file or directory
size=83
smb_flg=136
smb_mid=64
smt_wct=3
smb_bcc=36
Transaction 3 of length 43
smb_pam_start: PAM: Init user: root
smb_pam_start: PAM: setting tty
smb_pam_start: PAM: Init passed for user: root
smb_pam_end: PAM: PAM_END OK.
smb_flg=136
receive_smb error (Success) exiting
Closing connections
Yielding connection to
Server exit (normal exit)
I dont really know what this means? If anyone could help it would be
really cool. Please mail me for additional information or higher
loglevel output (this is 4 i think?)
smb.conf :
[global]
# Change this for the workgroup/NT-domain name your Samba server will part of
netbios name = NAS
workgroup = TEST
os level = 64
preferred master = yes
domain master = yes
local master = yes
interfaces = 192.168.10.73/24
domain logons = yes
add user script = /usr/sbin/useradd -d /dev/null -s /bin/false -g 900 %u
domain admin group = root
# where to store user profiles?
logon path = \\$N\$U\.profile
; where is a user's home directory and where should it be mounted at?
logon drive = H:
logon home = \\%N\%U
# server string is the equivalent of the NT Description field
server string = %h server (Samba %v)
invalid users = root
# This tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/log.%m
# Debug level
log level = 5
# Put a capping on the size of the log files (in Kb).
max log size = 1000
# If you want Samba to log though syslog only then set the following
# parameter to 'yes'. Please note that logging through syslog in
# Samba is still experimental.
; syslog only = no
# We want Samba to log a minimum amount of information to syslog. Everything
# should go to /var/log/samba/log.{smb,nmb} instead. If you want to log
# through syslog you should set the following parameter to something higher.
syslog = 0
# "security = user" is always a good idea. This will require a Unix
account
# in this server for every user accessing the server. See
# security_level.txt for details.
; security = user
# You may wish to use password encryption. Please read ENCRYPTION.txt,
# Win95.txt and WinNT.txt in the Samba documentation. Do not enable this
# option unless you have read those documents
encrypt passwords = yes
# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting
; include = /home/samba/etc/smb.conf.%m
# Most people will find that this option gives better performance.
# See speed.txt and the manual pages for details
# You may want to add the following on a Linux system:
# SO_RCVBUF=8192 SO_SNDBUF=8192
socket options = TCP_NODELAY
# --- Browser Control Options ---
# Please _read_ BROWSING.txt and set the next four parameters according
# to your network setup. The defaults are specified below (commented
# out.) It's important that you read BROWSING.txt so you don't break
# browsing in your network!
# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
; local master = yes
# OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
; os level = 20
# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
; domain master = auto
# Preferred Master causes Samba to force a local browser election on startup
# and gives it a slightly higher chance of winning the election
; preferred master = auto
# --- End of Browser Control Options ---
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS
Server
; wins support = no
# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z
# This will prevent nmbd to search for NetBIOS names through DNS.
dns proxy = no
# What naming service and in what order should we use to resolve host names
# to IP addresses
name resolve order = lmhosts host wins bcast
# Name mangling options
; preserve case = yes
; short preserve case = yes
# This boolean parameter controlls whether Samba attempts to sync. the Unix
# password with the SMB password when the encrypted SMB password in the
# /etc/samba/smbpasswd file is changed.
; unix password sync = false
# For Unix password sync. to work on a Debian GNU/Linux system, the following
# parameters must be set (thanks to Augustin Luton <aluton@hybrigenics.fr>
for
# sending the correct chat script for the passwd program in Debian Potato).
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
# This boolean controls whether PAM will be used for password changes
# when requested by an SMB client instead of the program listed in
# 'passwd program'. The default is 'no'.
; pam password change = no
# The following parameter is useful only if you have the linpopup package
# installed. The samba maintainer and the linpopup maintainer are
# working to ease installation and configuration of linpopup and samba.
; message command = /bin/sh -c '/usr/bin/linpopup "%f"
"%m" %s; rm %s' &
obey pam restrictions = yes
# Some defaults for winbind (make sure you're not using the ranges
# for something else.)
; winbind uid = 10000-20000
; winbind gid = 10000-20000
; template shell = /bin/bash
#======================= Share Definitions ======================
[homes]
comment = Home Directories
browseable = no
# By default, the home directories are exported read-only. Change next
# parameter to 'yes' if you want to be able to write to them.
writable = yes
# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
create mask = 0700
# Directory creation mask is set to 0700 for security reasons. If you want to
# create dirs. with group=rw permissions, set next parameter to 0775.
directory mask = 0700
# Un-comment the following and create the netlogon directory for Domain Logons
# (you need to configure Samba to act as a domain controller too.)
[netlogon]
comment = Network Logon Service
path = /raid/filserver/netlogon
guest ok = yes
writable = no
share modes = no
read only = yes
write list = ntadmin,root,administrator
#[profiles]
# path = /raid/samba/ntprofile
# read only = no
# create mask = 0600
# directory mask = 0700
--
Venlig hilsen/Kind regards
Thomas Kirk
ARKENA
thomas(at)arkena(dot)com
Http://www.arkena.com
BOFH excuse #331:
those damn racoons!