I currently have samba setup as a file/login server. A variety of clients running Windows 2000 and XP 32-bit authenticate normally without any issues. I just brought up a Windows XP 64-bit box made the standard group policy changes and joined the domain without any issues. When attempting to login against the domain Windows returns "A remote procedure call (RPC) protocol error occurred". The samba log for the client appears to indicate that the credentials were correct. I have tried both versions 3.0.14a and 3.0.20pre1-SVN-build-766 with the exact same results. The output from testparm: Load smb config files from /usr/local/etc/smb.conf Processing section "[homes]" Processing section "[netlogon]" Processing section "[mp3s]" Processing section "[world]" Processing section "[wwwroot]" Processing section "[apps]" Processing section "[mame]" Processing section "[media]" Processing section "[backup]" Server's Role (logon server) NOT ADVISED with domain-level security Loaded services file OK. Server role: ROLE_DOMAIN_BDC Press enter to see a dump of your service definitions [global] workgroup = HOME interfaces = xl0 security = DOMAIN log file = /var/log/samba/log.%m time server = Yes logon script = logon.bat logon drive = u: logon home = \\panther\%U domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes invalid users = bin, daemon, sys, man, mail, ftp, alias, qmaill, qmaild, qmailp, qmailq, qmailr, qmails, sshd, bind, uucp admin users = @wheel [homes] read only = No create mask = 0600 directory mask = 0700 [netlogon] path = /export/home/samba/netlogon admin users = brian browseable = No [world] comment = Misc Share path = /world valid users = @samba read only = No [apps] comment = Applications path = /storage01/apps valid users = @samba read only = No [media] comment = Media Share path = /storage01/media valid users = @samba read only = No [backup] comment = PC Backups path = /storage01/pc.backup valid users = @staff read only = No It's interesting that the box can join the domain and successfully connect to network shares - it just fails to authenticate. I'm probably missing something obvious but a search of the list archives and the web didn't produce any solutions. Thanks, Brian
It probably has nothing to do with the 64 bit processer. It sounds like there is somthing in the windows registry that not right, You migh try messing with the different setting in HKLM\System\CurrnetControlSet\Services\Netlogon\Parameters\ Things like sealsecurechannel or signsecurechannel my need to be changed to a 0, also I know it should not make a difference you might also want to change requiresignalorseal . Good Luck On 6/17/05, Brian Ruth <brian@bigkitty.org> wrote:> I currently have samba setup as a file/login server. A variety of > clients running Windows 2000 and XP 32-bit authenticate normally without > any issues. I just brought up a Windows XP 64-bit box made the standard > group policy changes and joined the domain without any issues. When > attempting to login against the domain Windows returns "A remote > procedure call (RPC) protocol error occurred". > > The samba log for the client appears to indicate that the credentials > were correct. I have tried both versions 3.0.14a and > 3.0.20pre1-SVN-build-766 with the exact same results. > > The output from testparm: > Load smb config files from /usr/local/etc/smb.conf > Processing section "[homes]" > Processing section "[netlogon]" > Processing section "[mp3s]" > Processing section "[world]" > Processing section "[wwwroot]" > Processing section "[apps]" > Processing section "[mame]" > Processing section "[media]" > Processing section "[backup]" > Server's Role (logon server) NOT ADVISED with domain-level security > Loaded services file OK. > Server role: ROLE_DOMAIN_BDC > Press enter to see a dump of your service definitions > [global] > workgroup = HOME > interfaces = xl0 > security = DOMAIN > log file = /var/log/samba/log.%m > time server = Yes > logon script = logon.bat > logon drive = u: > logon home = \\panther\%U > domain logons = Yes > os level = 65 > preferred master = Yes > domain master = Yes > wins support = Yes > invalid users = bin, daemon, sys, man, mail, ftp, alias, qmaill, > qmaild, qmailp, qmailq, qmailr, qmails, sshd, bind, uucp > admin users = @wheel > > [homes] > read only = No > create mask = 0600 > directory mask = 0700 > > [netlogon] > path = /export/home/samba/netlogon > admin users = brian > browseable = No > > [world] > comment = Misc Share > path = /world > valid users = @samba > read only = No > > [apps] > comment = Applications > path = /storage01/apps > valid users = @samba > read only = No > > [media] > comment = Media Share > path = /storage01/media > valid users = @samba > read only = No > > [backup] > comment = PC Backups > path = /storage01/pc.backup > valid users = @staff > read only = No > > It's interesting that the box can join the domain and successfully > connect to network shares - it just fails to authenticate. I'm probably > missing something obvious but a search of the list archives and the web > didn't produce any solutions. > > Thanks, > Brian > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba >
On Fri, Jun 17, 2005 at 05:38:17PM -0400, Brian Ruth wrote:> I currently have samba setup as a file/login server. A variety of > clients running Windows 2000 and XP 32-bit authenticate normally without > any issues. I just brought up a Windows XP 64-bit box made the standard > group policy changes and joined the domain without any issues. When > attempting to login against the domain Windows returns "A remote > procedure call (RPC) protocol error occurred".I've been looking into this with the help of Bj?rn JACKE <bj@SerNet.DE>. So far I've discovered that an XP-64 box seems to do an schannel RPC NETLOGON bind with packet integrety selected (5), but an XP-32 box does the same call with packet privacy (6) selected. This may just be a difference between the registry settings on the 64-bit client test machine (I don't have one here) and my 32-bit vmware XP test machine. It's the reply to the NetrLogonSamLogon request that the 64-bit client doesn't seem to like - after that it shuts down the connection and doesn't talk more. The 32-bit client seems happy with the same reply... I'm still investigating, but without a 64-bit client box to test with it's slow going... Jeremy.