Samba 3.0.2a-Debian I have a somewhat working PDC server, but have some difficulties adding more users. I managed to create a user, anna, a couple of days ago, it she works fine from my wireless laptop. To sort out some problems I have with the logon.bat script [see sambalist "Netlogon script executes randomly"], I am also including my desktop computer to the domain. I've run the following commands on the server: useradd -m -k /home/samba/skeleton/ -d /home/samba/frode -g users -s /bin/false frode and smbpasswd -a frode and net groupmap modify ntgroup="Domain Users" unixgroup=users When I switch the XP computer from workgroup to domain I get a popup box for username/password for the domain. Here I write username frode, and the password I set with smbpasswd. XP responds with a "Access denied" message. The samba logfile says: [2004/03/26 10:16:02, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [frode] -> [frode] -> [frode] succeeded [2004/03/26 10:16:03, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) Returning domain sid for domain ISENGARD -> S-1-5-21-2641962930-4089608471-2571597100 [2004/03/26 10:16:03, 2] rpc_server/srv_samr_nt.c:access_check_samr_object(93) _samr_open_domain: ACCESS DENIED (requested: 0x00000211) [2004/03/26 10:16:03, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) Returning domain sid for domain ISENGARD -> S-1-5-21-2641962930-4089608471-2571597100 [2004/03/26 10:16:03, 2] rpc_server/srv_samr_nt.c:access_check_samr_function(115) _samr_create_user: ACCESS DENIED (granted: 0x00000201; required: 0x00000010) [2004/03/26 10:16:03, 2] smbd/server.c:exit_server(558) Closing connections My smb.conf: # Setting up Samba 3.0 as a Primary Domain Controller [global] # Server settings netbios name = sauroman workgroup = ISENGARD server string = Testing PDC security = user # guest account = smbguest encrypt passwords = yes # PDC settings domain logons = yes logon script = newlog.bat # Browser and WINS settings domain master = yes local master = yes preferred master = yes os level = 255 wins support = yes # Other services time server = yes # Debugging and Logging log level = 2 log file = /tmp/samba_%m.log max log size = 1000 #1MB debug timestamp = yes syslog = 1 [netlogon] path = /var/lib/samba/netlogon browseable = yes writable = yes # set this to no again! [homes] comment = Home for %u writeable = yes browseable = no ; map archive = yes ;?
Radio Gong 2000 GmbH & Co. KG [Technik]
2004-Mar-26 09:29 UTC
[Samba] XP gives Access denied for domain logon
Did you apply the SIGN-OR-SEAL-Patch for the registry? Am Freitag, 26. M?rz 2004 10:21 schrieb Frode Lillerud:> Samba 3.0.2a-Debian > > I have a somewhat working PDC server, but have some difficulties adding > more users. I managed to create a user, anna, a couple of days ago, it > she works fine from my wireless laptop. > > To sort out some problems I have with the logon.bat script [see > sambalist "Netlogon script executes randomly"], I am also including my > desktop computer to the domain. > > I've run the following commands on the server: > useradd -m -k /home/samba/skeleton/ -d /home/samba/frode -g users -s > /bin/false frode > and > smbpasswd -a frode > and > net groupmap modify ntgroup="Domain Users" unixgroup=users > > When I switch the XP computer from workgroup to domain I get a popup box > for username/password for the domain. Here I write username frode, and > the password I set with smbpasswd. > > XP responds with a "Access denied" message. > > The samba logfile says: > [2004/03/26 10:16:02, 2] auth/auth.c:check_ntlm_password(305) > check_ntlm_password: authentication for user [frode] -> [frode] -> > [frode] succeeded > [2004/03/26 10:16:03, 2] > rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) > Returning domain sid for domain ISENGARD -> > S-1-5-21-2641962930-4089608471-2571597100 > [2004/03/26 10:16:03, 2] > rpc_server/srv_samr_nt.c:access_check_samr_object(93) > _samr_open_domain: ACCESS DENIED (requested: 0x00000211) > [2004/03/26 10:16:03, 2] > rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) > Returning domain sid for domain ISENGARD -> > S-1-5-21-2641962930-4089608471-2571597100 > [2004/03/26 10:16:03, 2] > rpc_server/srv_samr_nt.c:access_check_samr_function(115) > _samr_create_user: ACCESS DENIED (granted: 0x00000201; required: > 0x00000010) > [2004/03/26 10:16:03, 2] smbd/server.c:exit_server(558) > Closing connections > > My smb.conf: > # Setting up Samba 3.0 as a Primary Domain Controller > > [global] > # Server settings > netbios name = sauroman > workgroup = ISENGARD > server string = Testing PDC > security = user > # guest account = smbguest > encrypt passwords = yes > > # PDC settings > domain logons = yes > logon script = newlog.bat > > # Browser and WINS settings > domain master = yes > local master = yes > preferred master = yes > os level = 255 > wins support = yes > > # Other services > time server = yes > > # Debugging and Logging > log level = 2 > log file = /tmp/samba_%m.log > max log size = 1000 #1MB > debug timestamp = yes > syslog = 1 > > [netlogon] > path = /var/lib/samba/netlogon > browseable = yes > writable = yes # set this to no again! > > [homes] > comment = Home for %u > writeable = yes > browseable = no > ; map archive = yes ;?-- Mit freundlichen Gr?ssen Sascha Bieler _______________________________________________ Radio Gong 2000 GmbH & Co. KG Sascha Bieler Technischer Leiter Franz-Joseph-Strasse 14 80801 M?nchen Tel.: +49 89 38 166 181 Fax.: +49 89 38 166 180
hello as I know right regpatch XP for samba >3 not needed, but did you set up the machine account and did you make the machine known with an sambaadmin account ? sambaadmin account must be user id 0 and group id 0 if I do not fail ;) mit freundlichen Grüssen Björn "Frode Lillerud" <frode@lillerud.no> schrieb im Newsbeitrag news:000101c41313$b69b3d70$0300000a@Frodo...> Samba 3.0.2a-Debian > > I have a somewhat working PDC server, but have some difficulties adding > more users. I managed to create a user, anna, a couple of days ago, it > she works fine from my wireless laptop. > > To sort out some problems I have with the logon.bat script [see > sambalist "Netlogon script executes randomly"], I am also including my > desktop computer to the domain. > > I've run the following commands on the server: > useradd -m -k /home/samba/skeleton/ -d /home/samba/frode -g users -s > /bin/false frode > and > smbpasswd -a frode > and > net groupmap modify ntgroup="Domain Users" unixgroup=users > > When I switch the XP computer from workgroup to domain I get a popup box > for username/password for the domain. Here I write username frode, and > the password I set with smbpasswd. > > XP responds with a "Access denied" message. > > The samba logfile says: > [2004/03/26 10:16:02, 2] auth/auth.c:check_ntlm_password(305) > check_ntlm_password: authentication for user [frode] -> [frode] -> > [frode] succeeded > [2004/03/26 10:16:03, 2] > rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) > Returning domain sid for domain ISENGARD -> > S-1-5-21-2641962930-4089608471-2571597100 > [2004/03/26 10:16:03, 2] > rpc_server/srv_samr_nt.c:access_check_samr_object(93) > _samr_open_domain: ACCESS DENIED (requested: 0x00000211) > [2004/03/26 10:16:03, 2] > rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) > Returning domain sid for domain ISENGARD -> > S-1-5-21-2641962930-4089608471-2571597100 > [2004/03/26 10:16:03, 2] > rpc_server/srv_samr_nt.c:access_check_samr_function(115) > _samr_create_user: ACCESS DENIED (granted: 0x00000201; required: > 0x00000010) > [2004/03/26 10:16:03, 2] smbd/server.c:exit_server(558) > Closing connections > > My smb.conf: > # Setting up Samba 3.0 as a Primary Domain Controller > > [global] > # Server settings > netbios name = sauroman > workgroup = ISENGARD > server string = Testing PDC > security = user > # guest account = smbguest > encrypt passwords = yes > > # PDC settings > domain logons = yes > logon script = newlog.bat > > # Browser and WINS settings > domain master = yes > local master = yes > preferred master = yes > os level = 255 > wins support = yes > > # Other services > time server = yes > > # Debugging and Logging > log level = 2 > log file = /tmp/samba_%m.log > max log size = 1000 #1MB > debug timestamp = yes > syslog = 1 > > [netlogon] > path = /var/lib/samba/netlogon > browseable = yes > writable = yes # set this to no again! > > [homes] > comment = Home for %u > writeable = yes > browseable = no > ; map archive = yes ;? > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >
Apparently Analagous Threads
- "A device attached to the system is not functioning"
- XP gives Access denied for domain logon - solved, but with new problem
- Netlogon script executes randomly
- Getting stats for logged in domain users?
- Problem connecting XP to domain: "...specified domain either does not exist..."