samba - Jul 2004 - new user cannot logon

hi all,

I've set up a samba3.0.3 as pdc for my w2k-domain with ldapsam-backend
(cyrus-sasl, heimdal) on suse9.0.
everything worked fine. but yesterday the /dev/sda1 (/homes; xfs file
system) crashed, when I created a new user with smbldap-useradd. I could
repair the xfs file system and everything seemed fine.
to test the system I've created a new user. but the new user cannot logon.
	"error: The system could not log you on..."

(well, I hope this is correct. in german it's: Das System konnte sie nicht
anmelden...)

I have no logon problems with old users, I've created before the
"crash".
I've also tried the following:
	stop samba
	delete secrets.tdb
	# ./net getlocalsid and edit the smbldap.conf
	# ./smbpasswd ?w <secret>
	start samba
	rejoin the domain with my w2k machine
... but to no avail.

in the log file I found:
[2004/07/08 13:08:15, 3] auth/auth.c:check_ntlm_password(219)
  check_ntlm_password:  Checking password for unmapped user []\[]@[ZS1W110]
with the new password interface
[2004/07/08 13:08:15, 3] auth/auth.c:check_ntlm_password(222)
  check_ntlm_password:  mapped user is: [VERBUND]\[]@[ZS1W110]

does this mean, samba cannot find the user?
when I do a "pdbedit -Lv" everything seems o.k. and the user can also
logon
directly on the linux system.

Any help would be greatly appreciated.


marian

I am setting up a Samba server and am uncertain as to which filesystem to
choose.  

The consensus seems to be XFS but I'm not sure how proven this filesystem is
(I know SGI have used it since Irix 6.5 but that's a different OS).

I want the filesystem to be available via both CIFS and NFS.

I need quotas and would like acls, but most of all want a fast reliable
system.

Reports indicate that ext2/3 is particularly slow, especially for long file
listings and many people complain have corruption issues with reiser (nut
maybe that's RedHat only).  Recently, someone even suggested using VFAT!

I'd like to hear your thoughts and experiences with the various filesystems,
especially with regard to using them with Samba and/or NFS.

P.s. The filesystem will be on hardware RAID5, with a hardware RAID1 root
filesystem.  I've heard that it makes sense to place the log file on the
RAID1 partition - I carried out some simple tests but couldn't detect any
difference in performance with XFS no matter where the log file is.

-- 
  Simon Oliver

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

| I've set up a samba3.0.3 as pdc for my w2k-domain with ldapsam-backend
...
| in the log file I found:
| [2004/07/08 13:08:15, 3] auth/auth.c:check_ntlm_password(219)
|   check_ntlm_password:  Checking password for unmapped user
[]\[]@[ZS1W110]
| with the new password interface
| [2004/07/08 13:08:15, 3] auth/auth.c:check_ntlm_password(222)
|   check_ntlm_password:  mapped user is: [VERBUND]\[]@[ZS1W110]
| does this mean, samba cannot find the user?
| when I do a "pdbedit -Lv" everything seems o.k. and the user can
also
logon
| directly on the linux system.

No it probably means that user VERBUND was found and not re-mapped to a
Unix account in /etc/smbusers, so there must be a different problem.

One thing I noticed was that the smbldap-passwd scripts *DO NOT* set the
users windows passwords when you use "smbldap-useradd -a -P" where
"-P"
sets only the unix password.  smbldap-passwd on the other hand sets both.

Ans: Try re-setting the users password with smbldap-passwd.


Jim C.
- --

- -----------------------------------------------------------------
| I can be reached on the following Instant Messenger services: |
|---------------------------------------------------------------|
| MSN: j_c_llings@hotmail.com  AIM: WyteLi0n  ICQ: 123291844 	|
|---------------------------------------------------------------|
| Y!: j_c_llings               Jabber: jcllings@njs.netlab.cz	|
- -----------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-nr1 (Windows XP)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFA7ZM757L0B7uXm9oRAq9JAJwN4vtA9u9rMNJri46tLfkeq+GE8QCfWXgp
U0YPivrpD8QLC7WfODFI5l4=NByd
-----END PGP SIGNATURE-----