List,
I'm running Samba 3.01012 on Fedora Core 2. A consultant setup the
linux servers, including the one running samba. The problem is that
recently some w2k users, but not all, can no longer login to our
domain. They were able to login just fine before, but now can't. Yes,
they were already joined to the domain. No changes were made to their
user accounts. The error message that comes from the Windows login
screen is "The system is unable to login you in because the domain
"joeblow" is not available". One of the reasons that this is a
major
problem is because our user use roaming profiles. What I've done as a
work around is to create a local windows account for the users. I then
run "\\servername\share" from run and they're able to mount the
folders
they need from the server running samba. So yes, the shares are still
working. We also are running ldap servers. It appears as though one of
the ldap servers is the pdc? An additional problem is that when I goto
My Network Places -> Entire Network -> double click on Microsoft Windows
Network, I can see the domain name for the workgroup. But when I double
click on it I receive the error message "YouthUpRising is not
accessible. The network path was not found." Also there are some w2k
computers that are still a part of the "workgroup" workgroup. I used
to
be able to see both the youthuprising domain and the "workgroup"
workgroup when I went into my network places. But now I can no longer
see the "workgroup" workgroup.
I hope that my explanation is clear, at least clear than mud. I need
help on this asap. The problem doesn't seem to be growing, but I need
it resolved quickly.
Thanks
Here's a copy of a port of smb.conf.
# Global parameters
[global]
workgroup = YOUTHUPRISING
server string = Youth Uprising %h
passdb backend = ldapsam:ldap://auth1.inside.youthuprising.org
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139 445
name resolve order = wins bcast hosts
printcap name = CUPS
show add printer wizard = No
logon script = scripts\logon.bat
logon path = \\file\profiles\%U
logon drive = X:
domain logons = No
domain master = No
# wins server = xx.xx.xx.xx
ldap suffix = dc=inside,dc=youthuprising,dc=org
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=Manager,dc=inside,dc=youthuprising,dc=org
# ldap port = 389
# ldap server = auth0.youthuprising.org
utmp = Yes
idmap backend = ldap:ldap://auth1.inside.youthuprising.org
idmap uid = 10000-20000
idmap gid = 10000-20000
printing = cups
printer admin = Administrator, root
security = user
David Lynum wrote:> List, > > I'm running Samba 3.01012 on Fedora Core 2. A consultant setup the > linux servers, including the one running samba. The problem is that > recently some w2k users, but not all, can no longer login to our > domain. They were able to login just fine before, but now can't. Yes, > they were already joined to the domain. No changes were made to their > user accounts. The error message that comes from the Windows login > screen is "The system is unable to login you in because the domain > "joeblow" is not available". One of the reasons that this is a major > problem is because our user use roaming profiles. What I've done as a > work around is to create a local windows account for the users. I then > run "\\servername\share" from run and they're able to mount the folders > they need from the server running samba. So yes, the shares are still > working. We also are running ldap servers. It appears as though one of > the ldap servers is the pdc? An additional problem is that when I goto > My Network Places -> Entire Network -> double click on Microsoft Windows > Network, I can see the domain name for the workgroup. But when I double > click on it I receive the error message "YouthUpRising is not > accessible. The network path was not found." Also there are some w2k > computers that are still a part of the "workgroup" workgroup. I used to > be able to see both the youthuprising domain and the "workgroup" > workgroup when I went into my network places. But now I can no longer > see the "workgroup" workgroup. > > I hope that my explanation is clear, at least clear than mud. I need > help on this asap. The problem doesn't seem to be growing, but I need > it resolved quickly. > > Thanks > > > Here's a copy of a port of smb.conf. > # Global parameters > [global] > workgroup = YOUTHUPRISING > server string = Youth Uprising %h > > passdb backend = ldapsam:ldap://auth1.inside.youthuprising.org > username map = /etc/samba/smbusers > log level = 1 > syslog = 0 > log file = /var/log/samba/%m > max log size = 50 > smb ports = 139 445 > name resolve order = wins bcast hosts > printcap name = CUPS > show add printer wizard = No > logon script = scripts\logon.bat > logon path = \\file\profiles\%U > logon drive = X: > domain logons = No > domain master = No > # wins server = xx.xx.xx.xx > ldap suffix = dc=inside,dc=youthuprising,dc=org > ldap machine suffix = ou=People > ldap user suffix = ou=People > ldap group suffix = ou=Groups > ldap idmap suffix = ou=Idmap > ldap admin dn = cn=Manager,dc=inside,dc=youthuprising,dc=org > # ldap port = 389 > # ldap server = auth0.youthuprising.org > utmp = Yes > idmap backend = ldap:ldap://auth1.inside.youthuprising.org > idmap uid = 10000-20000 > idmap gid = 10000-20000 > printing = cups > printer admin = Administrator, root > security = user >Just a thought. you might try enabling wins support = yes and pointing your windows boxes at your server as the wins server. -- Ray Klassen Computer SysAdmin MCC Supportive Care Services