Dear all, I have 2 domains: JUPITER.COM (Samba 3.0.23c - Centos5) and WIN.COM (Windows 2000 Adv Srv). I join a windows XP SP1 (MOON), first to Windows domain and then to Samba's. The problem is when I join the XP to Samba's and then try to logon to WIN.COM, the XP is instead logon to Samba, thus the username is not found. The DNS is not a problem, I set the DNS of the XP to Windows' DNS. Here's what the Samba log says: Oct 21 15:36:06 centos5 smbd[7680]: [2007/10/21 15:36:06, 2] smbd/reply.c:reply_special(496) Oct 21 15:36:06 centos5 smbd[7680]: netbios connect: name1=CENTOS5 name2=MOON Oct 21 15:36:06 centos5 smbd[7680]: [2007/10/21 15:36:06, 2] smbd/reply.c:reply_special(503) Oct 21 15:36:06 centos5 smbd[7680]: netbios connect: local=centos5 remote=moon, name type = 0 Oct 21 15:36:06 centos5 smbd[7680]: [2007/10/21 15:36:06, 2] smbd/sesssetup.c:setup_new_vc_session(799) Oct 21 15:36:06 centos5 smbd[7680]: setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. Oct 21 15:36:06 centos5 smbd[7680]: [2007/10/21 15:36:06, 2] smbd/sesssetup.c:setup_new_vc_session(799) Oct 21 15:36:06 centos5 smbd[7680]: setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. Oct 21 15:36:06 centos5 smbd[7680]: [2007/10/21 15:36:06, 2] lib/smbldap.c:smbldap_open_connection(788) Oct 21 15:36:06 centos5 smbd[7680]: smbldap_open_connection: connection opened Oct 21 15:36:06 centos5 smbd[7680]: [2007/10/21 15:36:06, 2] smbd/reply.c:reply_tcon_and_X(711) Oct 21 15:36:06 centos5 smbd[7680]: Serving IPC$ as a Dfs root Oct 21 15:36:07 centos5 smbd[7680]: [2007/10/21 15:36:07, 0] auth/auth_util.c:smb_create_user(55) Oct 21 15:36:07 centos5 smbd[7680]: smb_create_user: Running the command `/usr/sbin/useradd test2' gave 126 Oct 21 15:36:07 centos5 smbd[7680]: [2007/10/21 15:36:07, 0] libsmb/samlogon_cache.c:netsamlogon_cache_store(124) Oct 21 15:36:07 centos5 smbd[7680]: netsamlogon_cache_store: cannot open netsamlogon_cache.tdb for write! Oct 21 15:36:07 centos5 smbd[7680]: [2007/10/21 15:36:07, 2] auth/auth.c:check_ntlm_password(319) Oct 21 15:36:07 centos5 smbd[7680]: check_ntlm_password: Authentication for user [test2] -> [test2] FAILED with error NT_STATUS_NO_SUCH_USER Oct 21 15:36:07 centos5 smbd[7680]: [2007/10/21 15:36:07, 2] smbd/reply.c:reply_tcon_and_X(711) Oct 21 15:36:07 centos5 smbd[7680]: Serving IPC$ as a Dfs root Why does Samba still handle the logon request? One more info, if I then join the XP back to Windows' and then try to logon both to Samba and Windows, the logon process is OK. Any insight and comments are very welcome. -- Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial http://linux2.arinet.org 08:20:32 up 13 min, 2.6.20-16-generic GNU/Linux Let's use OpenOffice. http://www.openoffice.org The real challenge of teaching is getting your students motivated to learn. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.samba.org/archive/samba/attachments/20071022/1d611037/attachment.bin
On Monday 22 October 2007 08:31:46 Fajar Priyanto wrote:> Dear all, > I have 2 domains: JUPITER.COM (Samba 3.0.23c - Centos5) and WIN.COM > (Windows 2000 Adv Srv). I join a windows XP SP1 (MOON), first to Windows > domain and then to Samba's. > > The problem is when I join the XP to Samba's and then try to logon to > WIN.COM, the XP is instead logon to Samba, thus the username is not found. > The DNS is not a problem, I set the DNS of the XP to Windows' DNS.> Why does Samba still handle the logon request? > One more info, if I then join the XP back to Windows' and then try to logon > both to Samba and Windows, the logon process is OK. > > Any insight and comments are very welcome.From google I found this: http://www.5starsupport.com/xp-faq/1-102.htm Problem: In Windows XP Pro, is it possible to have multiple domains to login to? Currently, I only have a single domain option. I would like be able to choose from a list of domains when I login. Answer: In one word, no. A computer can only be part of a single domain. However, multiple users from other trusted domains may have permissions to access certain domains while still being logged in to their own domain. This is all part of an Active Directory process. Is that true? -- Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial http://linux2.arinet.org 11:19:09 up 1:23, 2.6.20-16-generic GNU/Linux Let's use OpenOffice. http://www.openoffice.org The real challenge of teaching is getting your students motivated to learn. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.samba.org/archive/samba/attachments/20071022/af941d23/attachment.bin
On Monday 22 October 2007 12:35:23 Michael Heydon wrote:> It sounds like you want a trust relationship. > > If you have DomainA and DomainB and a two way trust between them then > users from DomainA can log on to computers in DomainB and vice versa. If > you had something like ADMT you could do your migration in one shot > quite quickly, that way you wouldn't have to worry so much about legacy > users, etc. > > Does anyone know if ADMT can migrate to Samba? I know it can migrate > from NT4 so I suspect from Samba should be ok. I'm not so sure about > going to it though. > > Either way, a trust is a prerequisite for using ADMT.Hello Michael, Yes. I have setup inter-domain trust between the samba and w2k. So, with interdomain trust working, it makes changing domain membership in wxp becomes unnecessary, right? -- Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial http://linux2.arinet.org 13:28:48 up 3:33, 2.6.20-16-generic GNU/Linux Let's use OpenOffice. http://www.openoffice.org The real challenge of teaching is getting your students motivated to learn. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.samba.org/archive/samba/attachments/20071022/57ffe422/attachment.bin
It sounds like you want a trust relationship. If you have DomainA and DomainB and a two way trust between them then users from DomainA can log on to computers in DomainB and vice versa. If you had something like ADMT you could do your migration in one shot quite quickly, that way you wouldn't have to worry so much about legacy users, etc. Does anyone know if ADMT can migrate to Samba? I know it can migrate from NT4 so I suspect from Samba should be ok. I'm not so sure about going to it though. Either way, a trust is a prerequisite for using ADMT. * Michael Heydon - IT Administration / Support * michaelh@jaswin.com.au <mailto:michaelh@jaswin.com.au> TEL: (08) 9351 3400 Direct: (08) 9351 3473 FAX: (08) 9351 3410 http://www.jaswin.com.au 1 McDowell Street Welshpool WA 6106 ******Disclaimer****** Jason Windows Pty Ltd This email is private and confidential. If you are not the intended recipient, please immediately advise us by return email, and delete this email and any attachments without using or disclosing the contents in any way. Any views expressed in this message are those of the individual sender and may not necessarily reflect the views of Jason Windows Pty Ltd. Fajar Priyanto wrote:> Dear all, > I have 2 domains: JUPITER.COM (Samba 3.0.23c - Centos5) and WIN.COM (Windows > 2000 Adv Srv). I join a windows XP SP1 (MOON), first to Windows domain and > then to Samba's. > > The problem is when I join the XP to Samba's and then try to logon to WIN.COM, > the XP is instead logon to Samba, thus the username is not found. The DNS is > not a problem, I set the DNS of the XP to Windows' DNS. > > Here's what the Samba log says: > Oct 21 15:36:06 centos5 smbd[7680]: [2007/10/21 15:36:06, 2] > smbd/reply.c:reply_special(496) > Oct 21 15:36:06 centos5 smbd[7680]: netbios connect: name1=CENTOS5 > name2=MOON > Oct 21 15:36:06 centos5 smbd[7680]: [2007/10/21 15:36:06, 2] > smbd/reply.c:reply_special(503) > Oct 21 15:36:06 centos5 smbd[7680]: netbios connect: local=centos5 > remote=moon, name type = 0 > Oct 21 15:36:06 centos5 smbd[7680]: [2007/10/21 15:36:06, 2] > smbd/sesssetup.c:setup_new_vc_session(799) > Oct 21 15:36:06 centos5 smbd[7680]: setup_new_vc_session: New VC == 0, if > NT4.x compatible we would close all old resources. > Oct 21 15:36:06 centos5 smbd[7680]: [2007/10/21 15:36:06, 2] > smbd/sesssetup.c:setup_new_vc_session(799) > Oct 21 15:36:06 centos5 smbd[7680]: setup_new_vc_session: New VC == 0, if > NT4.x compatible we would close all old resources. > Oct 21 15:36:06 centos5 smbd[7680]: [2007/10/21 15:36:06, 2] > lib/smbldap.c:smbldap_open_connection(788) > Oct 21 15:36:06 centos5 smbd[7680]: smbldap_open_connection: connection > opened > Oct 21 15:36:06 centos5 smbd[7680]: [2007/10/21 15:36:06, 2] > smbd/reply.c:reply_tcon_and_X(711) > Oct 21 15:36:06 centos5 smbd[7680]: Serving IPC$ as a Dfs root > Oct 21 15:36:07 centos5 smbd[7680]: [2007/10/21 15:36:07, 0] > auth/auth_util.c:smb_create_user(55) > Oct 21 15:36:07 centos5 smbd[7680]: smb_create_user: Running the command > `/usr/sbin/useradd test2' gave 126 > Oct 21 15:36:07 centos5 smbd[7680]: [2007/10/21 15:36:07, 0] > libsmb/samlogon_cache.c:netsamlogon_cache_store(124) > Oct 21 15:36:07 centos5 smbd[7680]: netsamlogon_cache_store: cannot open > netsamlogon_cache.tdb for write! > Oct 21 15:36:07 centos5 smbd[7680]: [2007/10/21 15:36:07, 2] > auth/auth.c:check_ntlm_password(319) > Oct 21 15:36:07 centos5 smbd[7680]: check_ntlm_password: Authentication for > user [test2] -> [test2] FAILED with error NT_STATUS_NO_SUCH_USER > Oct 21 15:36:07 centos5 smbd[7680]: [2007/10/21 15:36:07, 2] > smbd/reply.c:reply_tcon_and_X(711) > Oct 21 15:36:07 centos5 smbd[7680]: Serving IPC$ as a Dfs root > > Why does Samba still handle the logon request? > One more info, if I then join the XP back to Windows' and then try to logon > both to Samba and Windows, the logon process is OK. > > Any insight and comments are very welcome. >