Sebastian Rodriguez Guevara
2005-Apr-29 20:06 UTC
[Samba] Can't login samba domain from xp/2k
Hello everybody. I am having troubles to log on a samba domain from winxp and win 2000 workstations. I patched the registry with the requiresignorseal=0, changed the local and group policies (following various comments found on the web), and added the machine account for samba (obviously, /etc/passwd too). I tried with samba 3.0.7, 3.0.10 and 3.0.13, Winxp with and without sp2, and win200 sp4. The computers join the domain without problems, but users can't log in. Win9x works fine. I put the log level on the high value (10), but i didn't find any difference in log files when I try to login from Win9x (the workin one) or winxp/2k (non working). I can see the domain from "my network places" when I am working in a workgroup. Tanks you all This is the error: "The system cannot log you on to this domain because the system's computer account in its primary domain is missing or the password on that account is incorrect" This is my smb.conf [global] workgroup = DOMINIO netbios name = DOMAINSERVER server string = Samba Server %v printcap name = cups load printers = yes printing = cups printer admin = @adm log file = /var/log/samba3/log.%m max log size = 500 log level = 10 hosts allow = 192.168. 127. map to guest = bad user security = user encrypt passwords = yes smb passwd file = /etc/samba/private/smbpasswd unix password sync = no pam password change = yes passwd program = /usr/bin/passwd %u socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes os level = 64 domain master = yes preferred master = yes domain logons = yes logon script = logon.bat add user script = /usr/sbin/useradd -s /bin/false '%u' delete user script = /usr/sbin/userdel '%s' add user to group script = /usr/bin/gpasswd -a '%u' '%g' delete user from group script = /usr/bin/gpasswd -d '%u' '%g' set primary group script = /usr/sbin/usermod -g '%g' '%u' add group script = /usr/sbin/groupadd %g && getent group '%g'|awk -F: '{print $3}' delete group script = /usr/sbin/groupdel '%g' add machine script = /usr/sbin/useradd -d /dev/null -g smbmaq -c 'Machine Account' -s /bin/false -M %u"$" passdb backend = smbpasswd guest name resolve order = wins lmhosts bcast wins support = yes wins proxy = no dns proxy = no preserve case = yes short preserve case = yes case sensitive = no valid users = +smbuser,root force group = +smbuser #============================ Share Definitions =============================[homes] comment = Carpeta Personal de %U path = /smbshare/homes/share/%S browseable = no writable = yes create mask = 0700 directory mask = 0700 [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = yes writable = no [printers] comment = All Printers path = /var/spool/samba browseable = yes guest ok = yes writable = no printable = yes create mode = 0700 print command = lpr-cups -P %p -o raw %s -r [Common] comment = Recurso publico path = /smbshare/std/share valid users = +smbuser public = no writable = yes printable = no create mask = 0770 force create mode = 0770 directory mode = 0770 force directory mode = 0770 force group = smbuser hide unreadable = yes -- *Sebasti?n Rodr?guez Guevara* Soporte T?cnico Blitz Information Technologies www.blitzIT.com.ar (011) 4583-3334 Int.33
Sebastian Rodriguez Guevara
2005-May-03 12:22 UTC
[Samba] Can't login samba domain from xp/2k
Hello everybody. I am having troubles to log on a samba domain from winxp and win 2000 workstations. I patched the registry with the requiresignorseal=0, changed the local and group policies (following various comments found on the web), and added the machine account for samba (obviously, /etc/passwd too). I tried with samba 3.0.7, 3.0.10 and 3.0.13, Winxp with and without sp2, and win200 sp4. The computers join the domain without problems, but users can't log in. Win9x works fine. I put the log level on the high value (10), but i didn't find any difference in log files when I try to login from Win9x (the workin one) or winxp/2k (non working). I can see the domain from "my network places" when I am working in a workgroup. Tanks you all This is the error: "The system cannot log you on to this domain because the system's computer account in its primary domain is missing or the password on that account is incorrect" This is my smb.conf [global] workgroup = DOMINIO netbios name = DOMAINSERVER server string = Samba Server %v printcap name = cups load printers = yes printing = cups printer admin = @adm log file = /var/log/samba3/log.%m max log size = 500 log level = 10 hosts allow = 192.168. 127. map to guest = bad user security = user encrypt passwords = yes smb passwd file = /etc/samba/private/smbpasswd unix password sync = no pam password change = yes passwd program = /usr/bin/passwd %u socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes os level = 64 domain master = yes preferred master = yes domain logons = yes logon script = logon.bat add user script = /usr/sbin/useradd -s /bin/false '%u' delete user script = /usr/sbin/userdel '%s' add user to group script = /usr/bin/gpasswd -a '%u' '%g' delete user from group script = /usr/bin/gpasswd -d '%u' '%g' set primary group script = /usr/sbin/usermod -g '%g' '%u' add group script = /usr/sbin/groupadd %g && getent group '%g'|awk -F: '{print $3}' delete group script = /usr/sbin/groupdel '%g' add machine script = /usr/sbin/useradd -d /dev/null -g smbmaq -c 'Machine Account' -s /bin/false -M %u"$" passdb backend = smbpasswd guest name resolve order = wins lmhosts bcast wins support = yes wins proxy = no dns proxy = no preserve case = yes short preserve case = yes case sensitive = no valid users = +smbuser,root force group = +smbuser #============================ Share Definitions =============================[homes] comment = Carpeta Personal de %U path = /smbshare/homes/share/%S browseable = no writable = yes create mask = 0700 directory mask = 0700 [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = yes writable = no [printers] comment = All Printers path = /var/spool/samba browseable = yes guest ok = yes writable = no printable = yes create mode = 0700 print command = lpr-cups -P %p -o raw %s -r [Common] comment = Recurso publico path = /smbshare/std/share valid users = +smbuser public = no writable = yes printable = no create mask = 0770 force create mode = 0770 directory mode = 0770 force directory mode = 0770 force group = smbuser hide unreadable = yes -- *Sebasti?n Rodr?guez Guevara* Soporte T?cnico Blitz Information Technologies www.blitzIT.com.ar (011) 4583-3334 Int.33