sebastien@cirquedigital.com
2002-Apr-24 04:52 UTC
[Samba] logon script does not get executed
Hi,
I just migrated my samba PDC from Samba 2.2.1a on HP-UX to Samba 2.2.3a on
RH7.2 (using the rawhide rpms). My clients are Win2kSP2, and there are no
BDC's on the network. The server should do PDC, homes, profiles and logon
script.
The idea was initially just to move the the Samba service to the linux box,
but i ended up upgrading it because of profile problems (needed the 'nt acl
support = no' share option, even though the server is a PDC). Note that i
used to have these on HP-UX too but just stumbled on a solution to it
(README.Win2kSP2) while installing samba on the linux box.
However, i now have a new problem. My clients can login to the domain (login
accepted, profile loaded and saved correctly on logout), but my 'logon
script' does not get executed (automatically) anymore.
I copied the configuration script from my initial server and made some minor
changes to it (mostly the paths). I still have my [netlogon] share, the path
exists, the logon script exists and is readable by any unix user, etc...
After a login i can access the [netlogon] share from the client just fine.
Actually, i can just do a
Start->Run->"\\circus\netlogon\cdlogon.bat" and
everything works fine.
So i assume there must be something going wrong when the client tries to
figure out if there is a logon script to run. I'm not a samba expert, but i
can see in the log files that the [netlogon] share is never mapped, file
'cdlogon.bat' never accessed, whereas this used to happen on the HP-UX
samba
server. It looks like the client is asking the server to resolve
\\MAILSLOT\NET\NETLOGON, the server finds out this ' logon svr' should
be
\\CIRCUS, but then the client starts all over again. (see log excerpt
below). I've been playing with WINS to see what is registered and though i
don't know the exact meaning of each Type, it looks like the linux server
registers the same (local and domain) names/types as the HP-UX one.
Also, i still have my HP-UX server on the side. If i stop the linux one,
startup the old HP-UX one again, and reboot the clients, they still work
fine -- with login script.
Of course, there might be some non-smb.conf issues, things i forgot to
transfer from the old server to the new one. I copied the smbpasswd, passwd
and group entries, MACHINE.SID etc... but maybe i forgot something else?
Or is this a problem related to 2.2.3a nmbd?
One more remark: the clients i tested are on the same subnet as the new
linux server, and the HP-UX box is on another subnet. Might this make a
difference...
Any advice would be greatly appreciated,
tia,
-seb.
=======
Some output:
a) my smb.conf file:
# Global parameters
[global]
workgroup = CIRQUEDIGITAL
netbios name = CIRCUS
encrypt passwords = Yes
smb passwd file = /etc/smbpasswd
log file = /var/log/samba/%m.log
max log size = 50
log level = 7
domain admin group = @adm
; add user script = /usr/sbin/useradd -g 1003 -s /usr/bin/false -c
; delete user script = /usr/sbin/userdel -r %u
logon script = cdlogon.bat
logon path = \\%N\profiles\%u
logon drive = H:
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins support = Yes
guest account = nobody
lock dir = /var/lock/samba
[netlogon]
comment = Network Logon Service
path = /volume1/cd/settings/win-ix86/netlogon
guest ok = yes
writable = no
share modes = no
browseable = no
blocking locks = No
[homes]
path = /volume1/cd/homes/%u
read only = No
blocking locks = No
[allhomes]
path = /volume1/cd/homes
read only = No
blocking locks = No
[tmp]
path = /volume1/cd/tmp
read only = No
blocking locks = No
[data]
path = /volume1/cd
read only = No
blocking locks = No
[profiles]
path = /volume1/cd/homes/profiles
read only = No
blocking locks = No
oplocks = No
nt acl support = No
b) some nmbd.log output:
process_dgram: datagram from CDWW-2<00> to CIRQUEDIGITAL<1c> IP
10.231.101.102 for \MAILSLOT\NET\NETLOGON of type 18 l
en=100
[2002/04/24 11:34:55, 1] nmbd/nmbd_processlogon.c:process_logon_packet(69)
process_logon_packet: Logon from 10.231.101.102: code = 0x12
[2002/04/24 11:34:55, 3] nmbd/nmbd_processlogon.c:process_logon_packet(210)
process_logon_packet: SAMLOGON sidsize 24, len = 100
[2002/04/24 11:34:55, 3] nmbd/nmbd_processlogon.c:process_logon_packet(217)
process_logon_packet: len = 100 PTR_DIFF(q, buf) = 92
[2002/04/24 11:34:55, 3] nmbd/nmbd_processlogon.c:process_logon_packet(237)
process_logon_packet: SAMLOGON sidsize 24 ntv 11
[2002/04/24 11:34:55, 3] nmbd/nmbd_processlogon.c:process_logon_packet(246)
process_logon_packet: SAMLOGON user CDWW-2$
[2002/04/24 11:34:55, 3] nmbd/nmbd_processlogon.c:process_logon_packet(251)
process_logon_packet: SAMLOGON request from CDWW-2(10.231.101.102) for
CDWW-2$, returning logon svr \\CIRCUS domain CIRQUEDIGITAL code 13
token=ffff
[2002/04/24 11:34:55, 4] lib/util.c:dump_data(1484)
[000] 13 00 5C 00 5C 00 43 00 49 00 52 00 43 00 55 00 ..\.\.C. I.R.C.U.
[2002/04/24 11:34:55, 4] lib/util.c:dump_data(1492)
[010] 53 00 00 00 43 00 44 00 57 00 57 00 2D 00 32 00 S...C.D. W.W.-.2.
[2002/04/24 11:34:55, 4] lib/util.c:dump_data(1492)
[020] 24 00 00 00 43 00 49 00 52 00 51 00 55 00 45 00 $...C.I. R.Q.U.E.
[2002/04/24 11:34:55, 4] lib/util.c:dump_data(1492)
[030] 44 00 49 00 47 00 49 00 54 00 41 00 4C 00 00 00 D.I.G.I. T.A.L...
[2002/04/24 11:34:55, 4] lib/util.c:dump_data(1492)
[040] 01 00 00 00 FF FF FF FF ........
[2002/04/24 11:34:55, 4] nmbd/nmbd_packets.c:send_mailslot(1961)
send_mailslot: Sending to mailslot \MAILSLOT\NET\GETDC042 from CIRCUS<00>
IP 10.231.101.1 to CDWW-2<00> IP 10.231.101.
102
[2002/04/24 11:34:55, 4] nmbd/nmbd_packets.c:debug_browse_data(101)
debug_browse_data():
0 char ..\.\.C.I.R.C.U. hex 13 00 5c 00 5c 00 43 00 49 00 52 00 43 00 55
00
10 char S...C.D.W.W.-.2. hex 53 00 00 00 43 00 44 00 57 00 57 00 2d 00 32
00
20 char $...C.I.R.Q.U.E. hex 24 00 00 00 43 00 49 00 52 00 51 00 55 00 45
00
30 char D.I.G.I.T.A.L... hex 44 00 49 00 47 00 49 00 54 00 41 00 4c 00 00
00
40 char ........ hex 01 00 00 00 ff ff ff ff
[2002/04/24 11:34:55, 5] libsmb/nmblib.c:send_udp(741)
Sending a packet of len 246 to (10.231.101.102) on port 138
[2002/04/24 11:34:55, 4]
nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(161)
find_workgroup_on_subnet: workgroup search for CIRQUEDIGITAL on subnet
10.231.101.1: found.
[2002/04/24 11:34:55, 4]
nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(161)
find_workgroup_on_subnet: workgroup search for CIRQUEDIGITAL on subnet
UNICAST_SUBNET: found.
[2002/04/24 11:34:55, 4]
nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(161)
find_workgroup_on_subnet: workgroup search for CIRQUEDIGITAL on subnet
UNICAST_SUBNET: found.
[2002/04/24 11:34:55, 5] libsmb/nmblib.c:read_packet(719)
Received a packet of len 274 from (10.231.101.102) port 138
[...]