tms3 at tms3.com
2011-Jan-03 14:32 UTC
[Samba] A device attached to the system is not functioning -When adding a computer to the domain
On Monday 03/01/2011 at 4:58 am, Chris Beach wrote:> I wanted to send this out a 2nd (and last) time.. I got suggestions > not to > use BLAH.COM and to use BLAH instead for my domain name, however I > don't > think that's causing my problem as it's been this way for 6 years?Then you have done no research regarding NetBIOS names. NetBIOS Restictions Characters Unicode characters, numbers, white space, symbols: ! @ # $ % ^ & ' ) ( . - _ { } ~ See chart top of page: http://technet.microsoft.com/en-us/library/cc959336.aspx Machine trusts MUST be able to resolve NetBIOS names. The preferred method is via WINS. Misconfigured NetBIOS names will make this, shall we say, difficult.> > Any way I > still can't add machines to my domain and am fairly panicked (this is > production, 140~ users). > > Any other suggestions? > > Thank you. > > On Thu, Dec 30, 2010 at 1:35 PM, Chris Beach <chrisb at pintys.com> > wrote: > >> >> Hi all, >> >> I just setup a Samba 3.3.14, with an ldap back-end. >> >> I migrated the ldap back end and samba shares from my old samba >> server. >> I've found when adding a machine (WinXP) to the domain, I get the >> following >> error on XP: >> >> The following error occurred attempting to join the domain "Blah.com": >> A device attached to the system is not functioning. >> >> in my /var/log/messages I have: >> >> Dec 30 09:40:24 hap smbd[29379]: [2010/12/30 09:40:24, 0] >> passdb/pdb_get_set.cdb_get_group_sid(210) >> Dec 30 09:40:24 hap smbd[29379]: pdb_get_group_sid: Failed to find >> Unix >> account for OAKRND02$ >> >> repeated about 6 times. >> >> My smb.conf looks like this for the scripts to run: >> >> * add machine script = /usr/sbin/smbldap-useradd -w "%u" >> add user script = /usr/sbin/smbldap-useradd -m -a "%u" >> delete user script = /usr/sbin/smbldap-userdel -r "%u" >> add group script = /usr/sbin/smbldap-groupadd -p "%g" >> delete group script = /usr/sbin/smbldap-groupdel "%g" >> add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" >> delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" >> "%g" >> set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" >> >> ldap passwd sync = yes >> passwd program = /usr/sbin/smbldap-passwd %u >> passwd chat = "Changing password for*\nNew password*" %n\n "*Retype >> new >> password*" %n\n"* >> >> When I do an LDAP search, I see there is an entry in LDAP for it the >> machine, so some of the add machine script must have worked: >> >> ldapsearch -b "dc=mydomain,dc=com" -x "(uid=oakrnd01$)" >> >> # OAKRND01$, Computers, mydomain, com >> dn: uid=OAKRND01$,ou=Computers,dc=pintys,dc=com >> uid: OAKRND01$ >> sambaSID: S-1-5-21-3318375643-2463009161-752822222-41448 >> sambaPrimaryGroupSID: S-1-5-21-3318375643-2463009161-752822222-515 >> sambaAcctFlags: [W ] >> objectClass: sambaSamAccount >> objectClass: account >> objectClass: top >> objectClass: inetOrgPerson >> objectClass: posixAccount >> sambaPwdCanChange: 1291378566 >> sambaPwdMustChange: 1299154566 >> sambaNTPassword: EED67D5B90ED8B5C2C168FB90DC4D313 >> sambaPwdLastSet: 1291378566 >> >> Also, I get results in pdbedit: >> >> [root at happiness ~]# pdbedit -v oakrnd01$ >> Unix username: OAKRND01$ >> NT username: OAKRND01$ >> Account Flags: [W ] >> User SID: S-1-5-21-3318375643-2463009161-752822222-41448 >> *pdb_get_group_sid: Failed to find Unix account for OAKRND01$* >> *Primary Group SID: (NULL SID)* >> Full Name: >> Home Directory: >> HomeDir Drive: >> Logon Script: logon.exe >> Profile Path: >> Domain: MYDOMAIN.COM >> Account desc: >> Workstations: >> Munged dial: >> Logon time: 0 >> Logoff time: never >> Kickoff time: never >> Password last set: Fri, 03 Dec 2010 06:16:06 CST >> Password can change: Fri, 03 Dec 2010 06:16:06 CST >> Password must change: Thu, 03 Mar 2011 06:16:06 CST >> Last bad password : 0 >> Bad password count : 0 >> Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF >> >> Also: >> >> /usr/sbin/smbldap-useradd -w OAKRND02 >> failed to add entry: Unexpected EOF at /usr/sbin//smbldap_tools.pm >> line >> 616. >> >> And then my slapd dies out (crashes)... this same behaviour happens >> when >> trying to use USRMGR.exe to add a new user (but doing it manually via >> smbldap DOES work for adding a new user). >> >> What's most annoying is I tested joining a Windows 7 machine to the >> domain >> before I went live with this server, and it was successful, so I've no >> clue >> why this isn't working now >> >> Any help I can get it REALLY APPRECIATED, right now I've got a PC I >> can't >> get on the domain, so a user how can't work. >> >> > > > -- > Chris Beach > IT Analyst > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
Chris Beach
2011-Jan-03 14:41 UTC
[Samba] A device attached to the system is not functioning -When adding a computer to the domain
Thank you, I'll give it a read and do some more research on it.. To be honest my predecessor set up Samba before I got here (6-7 years ago), so that's what I was left with (BLAH.COM), and not knowing any better, have used it ever since. Just FYI, my Domain name (workgroup in smb.conf) is BLAH.COM ... the netbios name of the actual samba server is HAPPINESS On Mon, Jan 3, 2011 at 9:32 AM, <tms3 at tms3.com> wrote:> > > > On Monday 03/01/2011 at 4:58 am, Chris Beach wrote: > > I wanted to send this out a 2nd (and last) time.. I got suggestions not to > use BLAH.COM and to use BLAH instead for my domain name, however I don't > think that's causing my problem as it's been this way for 6 years? > > Then you have done no research regarding NetBIOS names. > > NetBIOS > Restictions > Characters > Unicode characters, numbers, white space, symbols: ! @ # $ % ^ & ' ) ( . - > _ { } ~ > > See chart top of page: > > http://technet.microsoft.com/en-us/library/cc959336.aspx > > Machine trusts MUST be able to resolve NetBIOS names. The preferred method > is via WINS. Misconfigured NetBIOS names will make this, shall we say, > difficult. > > Any way I > still can't add machines to my domain and am fairly panicked (this is > production, 140~ users). > > Any other suggestions? > > Thank you. > > On Thu, Dec 30, 2010 at 1:35 PM, Chris Beach <chrisb at pintys.com> wrote: > > Hi all, > > I just setup a Samba 3.3.14, with an ldap back-end. > > I migrated the ldap back end and samba shares from my old samba server. > I've found when adding a machine (WinXP) to the domain, I get the following > error on XP: > > The following error occurred attempting to join the domain "Blah.com": > A device attached to the system is not functioning. > > in my /var/log/messages I have: > > Dec 30 09:40:24 hap smbd[29379]: [2010/12/30 09:40:24, 0] > passdb/pdb_get_set.cdb_get_group_sid(210) > Dec 30 09:40:24 hap smbd[29379]: pdb_get_group_sid: Failed to find Unix > account for OAKRND02$ > > repeated about 6 times. > > My smb.conf looks like this for the scripts to run: > > * add machine script = /usr/sbin/smbldap-useradd -w "%u" > add user script = /usr/sbin/smbldap-useradd -m -a "%u" > delete user script = /usr/sbin/smbldap-userdel -r "%u" > add group script = /usr/sbin/smbldap-groupadd -p "%g" > delete group script = /usr/sbin/smbldap-groupdel "%g" > add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" > delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" > set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" > > ldap passwd sync = yes > passwd program = /usr/sbin/smbldap-passwd %u > passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new > password*" %n\n"* > > When I do an LDAP search, I see there is an entry in LDAP for it the > machine, so some of the add machine script must have worked: > > ldapsearch -b "dc=mydomain,dc=com" -x "(uid=oakrnd01$)" > > # OAKRND01$, Computers, mydomain, com > dn: uid=OAKRND01$,ou=Computers,dc=pintys,dc=com > uid: OAKRND01$ > sambaSID: S-1-5-21-3318375643-2463009161-752822222-41448 > sambaPrimaryGroupSID: S-1-5-21-3318375643-2463009161-752822222-515 > sambaAcctFlags: [W ] > objectClass: sambaSamAccount > objectClass: account > objectClass: top > objectClass: inetOrgPerson > objectClass: posixAccount > sambaPwdCanChange: 1291378566 > sambaPwdMustChange: 1299154566 > sambaNTPassword: EED67D5B90ED8B5C2C168FB90DC4D313 > sambaPwdLastSet: 1291378566 > > Also, I get results in pdbedit: > > [root at happiness ~]# pdbedit -v oakrnd01$ > Unix username: OAKRND01$ > NT username: OAKRND01$ > Account Flags: [W ] > User SID: S-1-5-21-3318375643-2463009161-752822222-41448 > *pdb_get_group_sid: Failed to find Unix account for OAKRND01$* > *Primary Group SID: (NULL SID)* > Full Name: > Home Directory: > HomeDir Drive: > Logon Script: logon.exe > Profile Path: > Domain: MYDOMAIN.COM > Account desc: > Workstations: > Munged dial: > Logon time: 0 > Logoff time: never > Kickoff time: never > Password last set: Fri, 03 Dec 2010 06:16:06 CST > Password can change: Fri, 03 Dec 2010 06:16:06 CST > Password must change: Thu, 03 Mar 2011 06:16:06 CST > Last bad password : 0 > Bad password count : 0 > Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > > Also: > > /usr/sbin/smbldap-useradd -w OAKRND02 > failed to add entry: Unexpected EOF at /usr/sbin//smbldap_tools.pm line > 616. > > And then my slapd dies out (crashes)... this same behaviour happens when > trying to use USRMGR.exe to add a new user (but doing it manually via > smbldap DOES work for adding a new user). > > What's most annoying is I tested joining a Windows 7 machine to the domain > before I went live with this server, and it was successful, so I've no clue > why this isn't working now > > Any help I can get it REALLY APPRECIATED, right now I've got a PC I can't > get on the domain, so a user how can't work. > > > > > -- > Chris Beach > IT Analyst > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > > >-- Chris Beach IT Analyst