samba - Jun 2003 - Samba 2.2.7 as PDC causing BSOD on 2K domain logon

Hello,

Have wrestled this one for about a week, now, getting frustrated ;-)

Running samba as PDC for my domain (cf. smb.conf further down)
When logging in on my 2K Pro machine, I first get a "can't find roaming
profile, attempting local profile"-error, but logon using my user's smb
account accepts only the correct password and so the identification part 
works well.

Next, the screen on my 2K plays the chimes, displays the background for a 
little while, and then the Blue Screen Of Death with the brief text "... 
the windows logon process terminated unexpectedly ..." and subsequent 
automatic reboot.

I'd appreciate any help.

I have some thoughts of what could be wrong, but I'm at road's end
trying
to do something about it, not even knowing if it's the true problem.

Oh, and btw, I've tried two different 2K machines, same result.

Possible errors:

* the user anders-l exists only on the PDC and not locally on the 2K 
machine, hence it could die trying to find a local profile.

* the owner structure on the PDC /home/%U stuff could be messed up (see 
below) (not sure how this would cause the BSOD though)

* the //dl280/profile share doesn't show when listing the shares (see 
below), should it? (also unsure how this would cause the BSOD)

* I've made a darn stupid hum-dinger of a rookie error (and really, what 
better way to expose your ignorance than to post to a list - right?)

Follows some helpful(?) stats:

*********************

$ smbclient -L //dl380 -U anders-l
added interface ip=192.168.0.191 bcast=192.168.0.255 nmask=255.255.255.0
Password:
Domain=[PN-TRADING] OS=[Unix] Server=[Samba 2.2.7a-security-rollup-fix]

        Sharename      Type      Comment
        ---------      ----      -------
        netlogon       Disk      Network Logon Service (Samba)
        IPC$           IPC       IPC Service (PDC on dl380 (Linux with samba
version: -hidden-)
        ADMIN$         Disk      IPC Service (PDC on dl380 (Linux with samba
version: -hidden-)
        anders-l       Disk      Home Directories

        Server               Comment
        ---------            -------
        DL380                PDC on dl380 (Linux with samba version: 
-hidden-

        Workgroup            Master
        ---------            -------
        PN-TRADING           DL380

************************

<a trimmed smb.conf, for brevity. The complete one posted on 
http://www.dsv.su.se/~anders-l/samba/smb.conf> (full of crap comments, 
work notes etc, just in case you'll need to see it.) This one is the same, 
just with all comments grep -v:ed

[global]
   workgroup = pn-trading
   server string = PDC on %L (Linux with samba version: -hidden-)
   hosts allow = 192.168.0. 127.
   printing = cups
   log file = /var/log/samba/%m.log
   max log size = 1024
   security = user
   encrypt passwords = yes
   smb passwd file = /etc/samba/smbpasswd
   pam password change = yes
   username map = /etc/samba/smbusers
   obey pam restrictions = yes
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   local master = yes
   os level = 65
   domain master = yes
   preferred master = yes
   domain logons = yes
   logon home = \\%L\%U
   logon path = \\%L\profiles\%U
   dns proxy = no
   status = yes
   domain admin group = @ntadmin
   add user script = /usr/sbin/adduser -n -g machines -c Machine -d 
/dev/null -s /sbin/nologin %m\$
   share modes=yes

[homes]
   comment = Home Directories
   path = /home/%U
   browseable = no
   writable = yes
   valid users = %S
   create mode = 0664
   directory mode = 0775
   guest ok = no
   read only = no
   create mask = 0700
   directory mask = 0700
   oplocks = false
   locking = yes

[netlogon]
    comment = Network Logon Service (Samba)
    path = /home/samba/netlogon
    read only = yes
    share modes = no
    write list = ntadmin

[profiles]
    comment = The roaming profile share.
    path = //home/nt-profiles/%U
    read only = no
    create mask = 0600
    directory mask = 0700
    browseable = no

[printers]
   comment = All Printers
   path = /var/spool/samba
   browseable = no
   guest ok = no
   writable = no
   printable = yes

****************

the log file /var/log/samba/ibm.log (the 2K's netbios name)
contains these very cryptic messages, that aren'r generated from a 
pattern I can discern (i.e. not every time I get the BSOD, for instance, 
but could nonetheless be a result thereof. I include them for reference.

[2003/06/10 10:09:30, 0] lib/util_sock.c:read_data(436)
  read_data: read failure for 4. Error = Connection reset by peer
[2003/06/10 10:10:57, 0] lib/util_sock.c:read_data(436)
  read_data: read failure for 4. Error = Connection reset by peer
[2003/06/10 10:27:28, 0] lib/util_sock.c:read_data(436)
  read_data: read failure for 4. Error = Connection reset by peer
[2003/06/10 10:47:37, 0] smbd/service.c:make_connection(252)
  ibm (192.168.0.190) couldn't find service 
::{2227a280-3aea-1069-a2de-08002b30309d}
[2003/06/10 11:18:45, 0] lib/util_sock.c:read_data(436)
  read_data: read failure for 4. Error = Connection reset by peer

****************
the dir tree for /home/ with the permissions I mentioned looks like this

I know it's messy, I know anders-l:ntusers shouldn't own /home, I've
just
been messing with it to see if I could get a different result - not so 
however.

anders-l is in group ntusers and root is in ntadmins.

./anders-l:
total 24
drwx------    2 anders-l ntusers      4096 Jun 10 15:33 .
drwxr-xr-x    6 anders-l ntusers      4096 Jun 10 15:33 ..
-rw-r--r--    1 anders-l ntusers        24 Jun  6 12:53 .bash_logout
-rw-r--r--    1 anders-l ntusers       191 Jun  6 12:53 .bash_profile
-rw-r--r--    1 anders-l ntusers       259 Jun  6 12:53 .bashrc
-rw-r--r--    1 anders-l ntusers       120 Jun  6 12:53 .gtkrc
./nt-admin:
total 24
drwx------    2 nt-admin root         4096 Jun  6 17:05 .
drwxr-xr-x    6 anders-l ntusers      4096 Jun 10 15:33 ..
-rw-r--r--    1 nt-admin root           24 Jun  6 17:05 .bash_logout
-rw-r--r--    1 nt-admin root          191 Jun  6 17:05 .bash_profile
-rw-r--r--    1 nt-admin root          259 Jun  6 17:05 .bashrc
-rw-r--r--    1 nt-admin root          120 Jun  6 17:05 .gtkrc
./samba:
total 12
drwxr-xr-x    3 root     ntadmins     4096 Jun 10 11:23 .
drwxr-xr-x    6 anders-l ntusers      4096 Jun 10 15:33 ..
drwxrwxr-x    2 root     ntadmins     4096 Jun 10 09:32 netlogon
./samba/netlogon:
total 8
drwxrwxr-x    2 root     ntadmins     4096 Jun 10 09:32 .
drwxr-xr-x    3 root     ntadmins     4096 Jun 10 11:23 ..

******************

Well, that should do it.
Appreciate yall's input.

Sincerely,

Anders

On Tue, 10 Jun 2003 16:30:11 +0200 (CEST), Anders wrote
> Hello,
> 
> Have wrestled this one for about a week, now, getting frustrated ;-)
> 
> Running samba as PDC for my domain (cf. smb.conf further down)
> When logging in on my 2K Pro machine, I first get a "can't find 
> roaming profile, attempting local profile"-error, but logon using my 
> user's smb account accepts only the correct password and so the 
> identification part works well.
> 
> Next, the screen on my 2K plays the chimes, displays the background 
> for a little while, and then the Blue Screen Of Death with the brief 
> text "... the windows logon process terminated unexpectedly ..."
and
> subsequent automatic reboot.
> 
> I'd appreciate any help.
> 
> I have some thoughts of what could be wrong, but I'm at road's end 
> trying to do something about it, not even knowing if it's the true
problem.
> 
> Oh, and btw, I've tried two different 2K machines, same result.
> 
> Possible errors:
> 
> * the user anders-l exists only on the PDC and not locally on the 2K 
> machine, hence it could die trying to find a local profile.
> 
> * the owner structure on the PDC /home/%U stuff could be messed up 
> (see below) (not sure how this would cause the BSOD though)
> 
> * the //dl280/profile share doesn't show when listing the shares 
> (see below), should it? (also unsure how this would cause the BSOD)
> 
> * I've made a darn stupid hum-dinger of a rookie error (and really,
>  what better way to expose your ignorance than to post to a list - 
> right?)
> 
> Follows some helpful(?) stats:
> 
> *********************
> 
> $ smbclient -L //dl380 -U anders-l
> added interface ip=192.168.0.191 bcast=192.168.0.255 nmask=255.255.255.0
> Password:
> Domain=[PN-TRADING] OS=[Unix] Server=[Samba 2.2.7a-security-rollup-fix]
> 
>         Sharename      Type      Comment
>         ---------      ----      -------
>         netlogon       Disk      Network Logon Service (Samba)
>         IPC$           IPC       IPC Service (PDC on dl380 (Linux 
> with samba version: -hidden-)        ADMIN$         Disk      IPC 
> Service (PDC on dl380 (Linux with samba version: -hidden-)       
>  anders-l       Disk      Home Directories
> 
>         Server               Comment
>         ---------            -------
>         DL380                PDC on dl380 (Linux with samba version: 
> -hidden-
> 
>         Workgroup            Master
>         ---------            -------
>         PN-TRADING           DL380
> 
> ************************
> 
> <a trimmed smb.conf, for brevity. The complete one posted on 
> http://www.dsv.su.se/~anders-l/samba/smb.conf> (full of crap 
> comments, work notes etc, just in case you'll need to see it.) This 
> one is the same, just with all comments grep -v:ed
> 
> [global]
>    workgroup = pn-trading
>    server string = PDC on %L (Linux with samba version: -hidden-)
>    hosts allow = 192.168.0. 127.
>    printing = cups
>    log file = /var/log/samba/%m.log
>    max log size = 1024
>    security = user
>    encrypt passwords = yes
>    smb passwd file = /etc/samba/smbpasswd
>    pam password change = yes
>    username map = /etc/samba/smbusers
>    obey pam restrictions = yes
>    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>    local master = yes
>    os level = 65
>    domain master = yes
>    preferred master = yes
>    domain logons = yes
>    logon home = \\%L\%U
>    logon path = \\%L\profiles\%U
>    dns proxy = no
>    status = yes
>    domain admin group = @ntadmin
>    add user script = /usr/sbin/adduser -n -g machines -c Machine -d 
> /dev/null -s /sbin/nologin %m\$
>    share modes=yes
> 
> [homes]
>    comment = Home Directories
>    path = /home/%U
>    browseable = no
>    writable = yes
>    valid users = %S
>    create mode = 0664
>    directory mode = 0775
>    guest ok = no
>    read only = no
>    create mask = 0700
>    directory mask = 0700
>    oplocks = false
>    locking = yes
> 
> [netlogon]
>     comment = Network Logon Service (Samba)
>     path = /home/samba/netlogon
>     read only = yes
>     share modes = no
>     write list = ntadmin
> 
> [profiles]
>     comment = The roaming profile share.
>     path = //home/nt-profiles/%U
>     read only = no
>     create mask = 0600
>     directory mask = 0700
>     browseable = no
> 
> [printers]
>    comment = All Printers
>    path = /var/spool/samba
>    browseable = no
>    guest ok = no
>    writable = no
>    printable = yes
> 
> ****************
> 
> the log file /var/log/samba/ibm.log (the 2K's netbios name)
> contains these very cryptic messages, that aren'r generated from a 
> pattern I can discern (i.e. not every time I get the BSOD, for 
> instance, but could nonetheless be a result thereof. I include them 
> for reference.
> 
> [2003/06/10 10:09:30, 0] lib/util_sock.c:read_data(436)
>   read_data: read failure for 4. Error = Connection reset by peer
> [2003/06/10 10:10:57, 0] lib/util_sock.c:read_data(436)
>   read_data: read failure for 4. Error = Connection reset by peer
> [2003/06/10 10:27:28, 0] lib/util_sock.c:read_data(436)
>   read_data: read failure for 4. Error = Connection reset by peer
> [2003/06/10 10:47:37, 0] smbd/service.c:make_connection(252)
>   ibm (192.168.0.190) couldn't find service 
> ::{2227a280-3aea-1069-a2de-08002b30309d}
> [2003/06/10 11:18:45, 0] lib/util_sock.c:read_data(436)
>   read_data: read failure for 4. Error = Connection reset by peer
> 
> ****************
> the dir tree for /home/ with the permissions I mentioned looks like this
> 
> I know it's messy, I know anders-l:ntusers shouldn't own /home,
I've
> just been messing with it to see if I could get a different result - 
> not so however.
> 
> anders-l is in group ntusers and root is in ntadmins.
> 
> ./anders-l:
> total 24
> drwx------    2 anders-l ntusers      4096 Jun 10 15:33 .
> drwxr-xr-x    6 anders-l ntusers      4096 Jun 10 15:33 ..
> -rw-r--r--    1 anders-l ntusers        24 Jun  6 12:53 .bash_logout
> -rw-r--r--    1 anders-l ntusers       191 Jun  6 12:53 .bash_profile
> -rw-r--r--    1 anders-l ntusers       259 Jun  6 12:53 .bashrc
> -rw-r--r--    1 anders-l ntusers       120 Jun  6 12:53 .gtkrc
> ./nt-admin:
> total 24
> drwx------    2 nt-admin root         4096 Jun  6 17:05 .
> drwxr-xr-x    6 anders-l ntusers      4096 Jun 10 15:33 ..
> -rw-r--r--    1 nt-admin root           24 Jun  6 17:05 .bash_logout
> -rw-r--r--    1 nt-admin root          191 Jun  6 17:05 .bash_profile
> -rw-r--r--    1 nt-admin root          259 Jun  6 17:05 .bashrc
> -rw-r--r--    1 nt-admin root          120 Jun  6 17:05 .gtkrc
> ./samba:
> total 12
> drwxr-xr-x    3 root     ntadmins     4096 Jun 10 11:23 .
> drwxr-xr-x    6 anders-l ntusers      4096 Jun 10 15:33 ..
> drwxrwxr-x    2 root     ntadmins     4096 Jun 10 09:32 netlogon
> ./samba/netlogon:
> total 8
> drwxrwxr-x    2 root     ntadmins     4096 Jun 10 09:32 .
> drwxr-xr-x    3 root     ntadmins     4096 Jun 10 11:23 ..
> 
> ******************
> 
> Well, that should do it.
> Appreciate yall's input.
> 
> Sincerely,
> 
> Anders
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
I would think it is a problem on the Winblows machine. I run 2k XP and 98 on 
my samba domains. My 2k machine right after login started rebooting itself. 
Come to find out it was the tape driver that caused this. So what I am saying 
is look at the rest of the software that loads on this machine. It may not be 
the network stuff at all. BTW (sound files have caused this too.)

Tom
--
Internet Service Provided By Abyss Communications
Internet Service only $10 a month
1-866-842-2977