Hi all, We have an old 3.0.7 samba running as PDC. As we have problems with XP64 clients accessing the domain, I compiled a 3.0.23c and copied the smb.conf. Some of the client work well with the new Samba, but most of them do not. Was there any relevant change in the smb.conf part between the two versions? Thanks Bgs
I tried an older 3.0.14a as well, but it doesn't authenticate either... It has to be some change between 3.0.7 and 3.0.14... Dale Schroeder wrote:> > Release Notes for Samba 3.0.23c > <http://us4.samba.org/samba/history/samba-3.0.23c.html> > > Bgs wrote: >> >> Hi all, >> >> >> We have an old 3.0.7 samba running as PDC. As we have problems with >> XP64 clients accessing the domain, I compiled a 3.0.23c and copied the >> smb.conf. Some of the client work well with the new Samba, but most of >> them do not. Was there any relevant change in the smb.conf part >> between the two versions? >> >> Thanks >> Bgs >>
John Drescher
2006-Nov-07 19:14 UTC
Fwd: [Spam] [Samba] smb.conf 3.0.7 -> 3.0.23c domain master problem
---------- Forwarded message ---------- From: John Drescher <drescherjm@gmail.com> Date: Nov 7, 2006 2:13 PM Subject: Re: [Spam] [Samba] smb.conf 3.0.7 -> 3.0.23c domain master problem To: Bgs <bgs@szemelyes.info> On 11/7/06, Bgs <bgs@szemelyes.info> wrote:> > > I tried an older 3.0.14a as well, but it doesn't authenticate either... > It has to be some change between 3.0.7 and 3.0.14... > > > Dale Schroeder wrote: > > > > Release Notes for Samba 3.0.23c > > < http://us4.samba.org/samba/history/samba-3.0.23c.html> > > > > Bgs wrote: > >> > >> Hi all, > >> > >> > >> We have an old 3.0.7 samba running as PDC. As we have problems with > >> XP64 clients accessing the domain, I compiled a 3.0.23c and copied the > >> smb.conf. Some of the client work well with the new Samba, but most of > >> them do not. Was there any relevant change in the smb.conf part > >> between the two versions? > >> > >> Thanks > >> Bgs > >> > -- >I'm confused... Are you saying that this worked in 3.0.7 as I have had no success with connecting XP64 to the domain (well actually only user administrator can login on one box). I have tried many versions of samba but nothing as old as 3.0.7. My temp solution is I had created local accounts on the XP64 machines for the users to login that were the same as there network username and thus bypass the domain login for the few users with the xp64 machines. John -- John M. Drescher
Ok let me clarify, it seems I was not clear about my problem. There
are two thing involved. The first is that we want to connect xp64
machines to the domain, this is why we started the whole upgrade
process. but where I'm stuck now is that if I start the newer version
(3.0.23c, I just wanted to try and older version too, that's why I had
3.0.14a too) then _none_ of the machines can authenticate.
So I don't know if xp64 works or not as there seems to be some other
problem involved. I always get "session setup failed:
NT_STATUS_LOGON_FAILURE" errors with smbclient with the clients that
work fine with 3.0.7 (all normal XP nodes).
As a first step I did a plain copy on the smb.conf and tried that.
Since then I tried a lot of config tweaks but to no avail.
I hope I managed to lift the fog from the issue :)
I attach the main smb.conf config part as it is right now and also
excerpts from the smbd.log debug info as best as I could extract
relevant info.
Regards
Bgs
smb.conf
[global]
workgroup = MYDOMAIN
server string = MYSAMBA
min protocol = NT1
acl compatibility = Auto
socket options = TCP_NODELAY SO_SNDBUF=8576 SO_RCVBUF=8576
add user script = /usr/sbin/adduser -n -g machines -c Machine
-d /dev/null -s /bin/false %u$
logon script = logon.bat
logon path domain logons = Yes
os level = 100
preferred master = Yes
domain master = Yes
wins support = yes
ldap ssl = no
admin users = bgs, @sambaadmin
hosts allow = 192.168.3.
wins hook = /usr/local/bin/named-add
security = user
log level = 10 passdb:10 auth:10 winbind:10
syslog = 3
and the logs:
[2006/11/09 10:16:38, 5] passdb/pdb_smbpasswd.c:getsmbfilepwent(488)
check_ntlm_password: Checking password for unmapped user
[MYDOMAIN]\[bgs]@[BGS] with the new password interface
getsmbfilepwent: returning passwd entry for user viktor, uid 624
[2006/11/09 10:16:38, 5] passdb/pdb_smbpasswd.c:getsmbfilepwent(488)
getsampwnam (smbpasswd): search by name: bgs
getsmbfilepwent: returning passwd entry for user poj, uid 634
[2006/11/09 10:16:38, 10] passdb/pdb_smbpasswd.c:startsmbfilepwent(184)
startsmbfilepwent_internal: opening file
/usr/local/samba/private/smbpasswd
.
(checks all entries in /usr/local/samba/private/smbpasswd)
.
[2006/11/09 10:16:38, 5] passdb/pdb_smbpasswd.c:getsmbfilepwent(488)
getsmbfilepwent: returning passwd entry for user bgs, uid 613
[2006/11/09 10:16:38, 7] passdb/pdb_smbpasswd.c:endsmbfilepwent(301)
endsmbfilepwent_internal: closed password file.
[2006/11/09 10:16:38, 10] passdb/pdb_smbpasswd.c:smbpasswd_getsampwnam(1335)
getsampwnam (smbpasswd): found by name: bgs
[2006/11/09 10:16:38, 5] lib/username.c:Get_Pwnam_alloc(131)
Finding user bgs
[2006/11/09 10:16:38, 5] lib/username.c:Get_Pwnam_internals(75)
[2006/11/09 10:16:38, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
Trying _Get_Pwnam(), username as lowercase is bgs
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/11/09 10:16:38, 10] passdb/lookup_sid.c:gid_to_sid(1137)
gid_to_sid: local 508 -> S-1-22-2-508
[2006/11/09 10:16:38, 5] lib/username.c:Get_Pwnam_internals(108)
push_sec_ctx(99, 99) : sec_ctx_stack_ndx = 1
Get_Pwnam_internals did find user [bgs]!
[2006/11/09 10:16:38, 10] passdb/pdb_get_set.c:pdb_set_username(534)
push_conn_ctx(101) : conn_ctx_stack_ndx = 0
pdb_set_username: setting username bgs, was
[2006/11/09 10:16:38, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/11/09 10:16:38, 10] passdb/pdb_get_set.c:pdb_set_fullname(603)
pdb_set_full_name: setting full name Bgs, was
[2006/11/09 10:16:38, 4] lib/substitute.c:automount_server(407)
pop_sec_ctx (99, 99) - sec_ctx_stack_ndx = 0
Home server: mysamba
[2006/11/09 10:16:38, 10] passdb/pdb_get_set.c:pdb_set_homedir(696)
pdb_set_homedir: setting home dir \\mysamba\bgs, was
[2006/11/09 10:16:38, 7] rpc_parse/parse_prs.c:prs_debug(84)
pdb_set_username: setting username bgs, was
000004 smb_io_chal
[2006/11/09 10:16:38, 5] rpc_parse/parse_prs.c:prs_uint8s(851)
pdb_set_domain: setting domain MYDOMAIN, was
0004 data: dd fa 58 b0 8f cc 3c b5
[2006/11/09 10:16:38, 10] passdb/pdb_get_set.c:pdb_set_fullname(603)
00000c smb_io_utime
pdb_set_full_name: setting full name Bgs, was
[2006/11/09 10:16:38, 4] lib/substitute.c:automount_server(407)
000c time: 4552f755
Home server: mysamba
[2006/11/09 10:16:38, 5] rpc_parse/parse_prs.c:prs_uint16(675)
0010 switch_value: 0003
[2006/11/09 10:16:38, 10] passdb/pdb_get_set.c:pdb_set_homedir(696)
[2006/11/09 10:16:38, 6] rpc_parse/parse_prs.c:prs_debug(84)
pdb_set_homedir: setting home dir \\mysamba\bgs, was
000014 net_io_user_info3
[2006/11/09 10:16:38, 10] passdb/pdb_get_set.c:pdb_set_dir_drive(672)
[2006/11/09 10:16:38, 5] rpc_parse/parse_prs.c:prs_uint32(704)
pdb_set_dir_drive: setting dir drive , was NULL
0014 ptr_user_info : 00000001
Dale Schroeder wrote:> Here's an old bug
>
<http://lists.samba.org/archive/samba-technical/2005-June/041399.html>
> from 3.0.14, but it should have been fixed. So, your best bet is to
> post your smb.conf and any log files that have errors listed. Then one
> of the Samba gurus might be able to help.
>
> Good luck,
>
> Dale
>
>
> Bgs wrote:
>>
>> I tried an older 3.0.14a as well, but it doesn't authenticate
>> either... It has to be some change between 3.0.7 and 3.0.14...
>>
>>
>> Dale Schroeder wrote:
>>>
>>> Release Notes for Samba 3.0.23c
>>> <http://us4.samba.org/samba/history/samba-3.0.23c.html>
>>>
>>> Bgs wrote:
>>>>
>>>> Hi all,
>>>>
>>>>
>>>> We have an old 3.0.7 samba running as PDC. As we have problems
with
>>>> XP64 clients accessing the domain, I compiled a 3.0.23c and
copied
>>>> the smb.conf. Some of the client work well with the new Samba,
but
>>>> most of them do not. Was there any relevant change in the
smb.conf
>>>> part between the two versions?
>>>>
>>>> Thanks
>>>> Bgs
>>>>