Samba 3.0.2a-Debian
I have a somewhat working PDC server, but have some difficulties adding
more users. I managed to create a user, anna, a couple of days ago, it
she works fine from my wireless laptop.
To sort out some problems I have with the logon.bat script [see
sambalist "Netlogon script executes randomly"], I am also including my
desktop computer to the domain.
I've run the following commands on the server:
useradd -m -k /home/samba/skeleton/ -d /home/samba/frode -g users -s
/bin/false frode
and
smbpasswd -a frode
and
net groupmap modify ntgroup="Domain Users" unixgroup=users
When I switch the XP computer from workgroup to domain I get a popup box
for username/password for the domain. Here I write username frode, and
the password I set with smbpasswd.
XP responds with a "Access denied" message.
The samba logfile says:
[2004/03/26 10:16:02, 2] auth/auth.c:check_ntlm_password(305)
check_ntlm_password: authentication for user [frode] -> [frode] ->
[frode] succeeded
[2004/03/26 10:16:03, 2]
rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461)
Returning domain sid for domain ISENGARD ->
S-1-5-21-2641962930-4089608471-2571597100
[2004/03/26 10:16:03, 2]
rpc_server/srv_samr_nt.c:access_check_samr_object(93)
_samr_open_domain: ACCESS DENIED (requested: 0x00000211)
[2004/03/26 10:16:03, 2]
rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461)
Returning domain sid for domain ISENGARD ->
S-1-5-21-2641962930-4089608471-2571597100
[2004/03/26 10:16:03, 2]
rpc_server/srv_samr_nt.c:access_check_samr_function(115)
_samr_create_user: ACCESS DENIED (granted: 0x00000201; required:
0x00000010)
[2004/03/26 10:16:03, 2] smbd/server.c:exit_server(558)
Closing connections
My smb.conf:
# Setting up Samba 3.0 as a Primary Domain Controller
[global]
# Server settings
netbios name = sauroman
workgroup = ISENGARD
server string = Testing PDC
security = user
# guest account = smbguest
encrypt passwords = yes
# PDC settings
domain logons = yes
logon script = newlog.bat
# Browser and WINS settings
domain master = yes
local master = yes
preferred master = yes
os level = 255
wins support = yes
# Other services
time server = yes
# Debugging and Logging
log level = 2
log file = /tmp/samba_%m.log
max log size = 1000 #1MB
debug timestamp = yes
syslog = 1
[netlogon]
path = /var/lib/samba/netlogon
browseable = yes
writable = yes # set this to no again!
[homes]
comment = Home for %u
writeable = yes
browseable = no
; map archive = yes ;?
Radio Gong 2000 GmbH & Co. KG [Technik]
2004-Mar-26 09:29 UTC
[Samba] XP gives Access denied for domain logon
Did you apply the SIGN-OR-SEAL-Patch for the registry? Am Freitag, 26. M?rz 2004 10:21 schrieb Frode Lillerud:> Samba 3.0.2a-Debian > > I have a somewhat working PDC server, but have some difficulties adding > more users. I managed to create a user, anna, a couple of days ago, it > she works fine from my wireless laptop. > > To sort out some problems I have with the logon.bat script [see > sambalist "Netlogon script executes randomly"], I am also including my > desktop computer to the domain. > > I've run the following commands on the server: > useradd -m -k /home/samba/skeleton/ -d /home/samba/frode -g users -s > /bin/false frode > and > smbpasswd -a frode > and > net groupmap modify ntgroup="Domain Users" unixgroup=users > > When I switch the XP computer from workgroup to domain I get a popup box > for username/password for the domain. Here I write username frode, and > the password I set with smbpasswd. > > XP responds with a "Access denied" message. > > The samba logfile says: > [2004/03/26 10:16:02, 2] auth/auth.c:check_ntlm_password(305) > check_ntlm_password: authentication for user [frode] -> [frode] -> > [frode] succeeded > [2004/03/26 10:16:03, 2] > rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) > Returning domain sid for domain ISENGARD -> > S-1-5-21-2641962930-4089608471-2571597100 > [2004/03/26 10:16:03, 2] > rpc_server/srv_samr_nt.c:access_check_samr_object(93) > _samr_open_domain: ACCESS DENIED (requested: 0x00000211) > [2004/03/26 10:16:03, 2] > rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) > Returning domain sid for domain ISENGARD -> > S-1-5-21-2641962930-4089608471-2571597100 > [2004/03/26 10:16:03, 2] > rpc_server/srv_samr_nt.c:access_check_samr_function(115) > _samr_create_user: ACCESS DENIED (granted: 0x00000201; required: > 0x00000010) > [2004/03/26 10:16:03, 2] smbd/server.c:exit_server(558) > Closing connections > > My smb.conf: > # Setting up Samba 3.0 as a Primary Domain Controller > > [global] > # Server settings > netbios name = sauroman > workgroup = ISENGARD > server string = Testing PDC > security = user > # guest account = smbguest > encrypt passwords = yes > > # PDC settings > domain logons = yes > logon script = newlog.bat > > # Browser and WINS settings > domain master = yes > local master = yes > preferred master = yes > os level = 255 > wins support = yes > > # Other services > time server = yes > > # Debugging and Logging > log level = 2 > log file = /tmp/samba_%m.log > max log size = 1000 #1MB > debug timestamp = yes > syslog = 1 > > [netlogon] > path = /var/lib/samba/netlogon > browseable = yes > writable = yes # set this to no again! > > [homes] > comment = Home for %u > writeable = yes > browseable = no > ; map archive = yes ;?-- Mit freundlichen Gr?ssen Sascha Bieler _______________________________________________ Radio Gong 2000 GmbH & Co. KG Sascha Bieler Technischer Leiter Franz-Joseph-Strasse 14 80801 M?nchen Tel.: +49 89 38 166 181 Fax.: +49 89 38 166 180
hello as I know right regpatch XP for samba >3 not needed, but did you set up the machine account and did you make the machine known with an sambaadmin account ? sambaadmin account must be user id 0 and group id 0 if I do not fail ;) mit freundlichen Grüssen Björn "Frode Lillerud" <frode@lillerud.no> schrieb im Newsbeitrag news:000101c41313$b69b3d70$0300000a@Frodo...> Samba 3.0.2a-Debian > > I have a somewhat working PDC server, but have some difficulties adding > more users. I managed to create a user, anna, a couple of days ago, it > she works fine from my wireless laptop. > > To sort out some problems I have with the logon.bat script [see > sambalist "Netlogon script executes randomly"], I am also including my > desktop computer to the domain. > > I've run the following commands on the server: > useradd -m -k /home/samba/skeleton/ -d /home/samba/frode -g users -s > /bin/false frode > and > smbpasswd -a frode > and > net groupmap modify ntgroup="Domain Users" unixgroup=users > > When I switch the XP computer from workgroup to domain I get a popup box > for username/password for the domain. Here I write username frode, and > the password I set with smbpasswd. > > XP responds with a "Access denied" message. > > The samba logfile says: > [2004/03/26 10:16:02, 2] auth/auth.c:check_ntlm_password(305) > check_ntlm_password: authentication for user [frode] -> [frode] -> > [frode] succeeded > [2004/03/26 10:16:03, 2] > rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) > Returning domain sid for domain ISENGARD -> > S-1-5-21-2641962930-4089608471-2571597100 > [2004/03/26 10:16:03, 2] > rpc_server/srv_samr_nt.c:access_check_samr_object(93) > _samr_open_domain: ACCESS DENIED (requested: 0x00000211) > [2004/03/26 10:16:03, 2] > rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) > Returning domain sid for domain ISENGARD -> > S-1-5-21-2641962930-4089608471-2571597100 > [2004/03/26 10:16:03, 2] > rpc_server/srv_samr_nt.c:access_check_samr_function(115) > _samr_create_user: ACCESS DENIED (granted: 0x00000201; required: > 0x00000010) > [2004/03/26 10:16:03, 2] smbd/server.c:exit_server(558) > Closing connections > > My smb.conf: > # Setting up Samba 3.0 as a Primary Domain Controller > > [global] > # Server settings > netbios name = sauroman > workgroup = ISENGARD > server string = Testing PDC > security = user > # guest account = smbguest > encrypt passwords = yes > > # PDC settings > domain logons = yes > logon script = newlog.bat > > # Browser and WINS settings > domain master = yes > local master = yes > preferred master = yes > os level = 255 > wins support = yes > > # Other services > time server = yes > > # Debugging and Logging > log level = 2 > log file = /tmp/samba_%m.log > max log size = 1000 #1MB > debug timestamp = yes > syslog = 1 > > [netlogon] > path = /var/lib/samba/netlogon > browseable = yes > writable = yes # set this to no again! > > [homes] > comment = Home for %u > writeable = yes > browseable = no > ; map archive = yes ;? > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >
Possibly Parallel Threads
- "A device attached to the system is not functioning"
- XP gives Access denied for domain logon - solved, but with new problem
- Netlogon script executes randomly
- Getting stats for logged in domain users?
- Problem connecting XP to domain: "...specified domain either does not exist..."