Martin Thomas
2003-Aug-19 00:19 UTC
[Samba] logon script won't start anymore after update 2.2.3a
>Message: 26 >Date: Mon, 18 Aug 2003 10:18:24 +0200 >From: Carsten Springenberg <springenberg@bwv-zk.de> >Subject: [Samba] logon script won't start anymore after update 2.2.3a >-> 2.2.8.a >To: samba@lists.samba.org >Message-ID: <3F408BD0.50607@bwv.net> >Content-Type: text/plain; charset=us-ascii; format=flowed>Dear list, > >last friday I had a frustrating experience during the update of my samba >server. I've been running samba since 1998, now there are 50 users with >win2k-boxes attached - the samba server acting as PDC. Becauce of a swap >of the old server I finally decided to update to 2.2.8a. What I did (in >general):>- installed the new server with suse 8.2 prof >- Installed the suse-rpms for 2.2.8a on the new server. >- shut down smdb/nmdb on the old server and changed ip and name >- copied smb.conf, smbpasswd, secrets.tdb to the new server >- added all the unix users >- changed ip and name on the new server to the values of the old server >- started smdb/nmdb on the new server > >Everything seemed to work. I could logon and got my samba-shares - but >as I found out I got my samba-shares because they have been mapped >previously and not because of my logon script. Further experiments >brought up that the logon scripts didn't run at all at logon-time. > >I tried a lot concerning "logon script" (%u instead %U, changed it to a >f. e. to "logon.bat") but without success. The logon script just sets >the time and maps the shars. The [netlogon]-share doesn't seem to be the >problem either. I read all in the archives concerning this point (and >also googled) but couldn't find something usefull. > >I am not that new to samba but am at a loss anyway. > >So I reversed the changes and fired up my old samba server and am >looking for ideas now.>...It seems that you forgot the transfer the Machine and Domain SID to the new configuration. The domain logon does not work correctly if the Server SID is not the one that is cached in the clients registry during domain join. There are several possibilities: * use smbpasswd to get the SIDs from a running Domain controller, see the documentation of smbpasswd, the options where added in 2.2.8 (or 2.2.7). Although this is the recommended method it did not work for me, I could transfer the Domain SID with smbpasswd but somehow the Machine-SID seems to be importat to but did not transfer correctly * get the SID from the file MACHINE.SID (only available in older Samba versions, I think your 2.2.3a used this file) on your old server, transfer the SID to the new server and import the SID using smbpasswd. * since you used an "old" Samba the SID should be in the file MACHINE.SID, copy this file to your new box in the directory where secrets.tbd is located, stop Samba, move the file secrets.tdb away (backup), restart Samba. On startup Samba can not find secrets.tbd which you moved away and should look for the file MACHINE.SID, import its contents (the SID) into a newly created secrets.tdb and delete MACHINE.SID (I'm not shure but you can grep the Samba source code for MACHINE.SID and see how this is implemented) * The method that worked me, since I already had a secrets.tdb on the old server: - copy the file secrets.tdb on your new server to another directory - stop Samba - replace the file secrets.tdb on your new machine with the file secrets.tdb from your old server (the SIDs are in this file) - start Samba Another reason for your problem might be that the the startup scripts are not accessable for the user that logs in. Hope this helps, good luck Martin --- Martin THOMAS University of Kaiserslautern, Institute of Environmental Engineering, Kaiserslautern (ZIP 67663), Germany
Seemingly Similar Threads
- logon script won't start anymore after update 2.2.3a -> 2.2.8.a
- installing Samba as non-root user at work - please help.
- samba not seen from wins server
- "Secret is bad" -- Winbind with Samba 2.2.2 and Windows 2000 (native mode)
- WINS name resolution doesn't work