Chris Smith
2007-May-17 16:06 UTC
[Samba] "net sam set workstations ..." prevents users from using domain resources from non-domain member systems
Running into a serious problem here with 3.0.24 + patches. The shop has a mix of domain member computers and privately owned non-domain member computers. I'm trying to use "net sam set workstations" to limit the workstations domain users can log onto. This limitation works as expected. And domain member workstations all work properly. But once the workstation limit is put in place the users on their own workstations (non-domain member boxes) can no longer access domain resources such as mapped drives which they could previously do after supplying the proper credentials. Now even with proper credentials Windows returns "unexpected network error" when these users try to use the domain resources. If I remove the workstation logon limitation all works again as expected. Is there a fix for this? Thank you, Chris
Gerald (Jerry) Carter
2007-May-18 15:42 UTC
[Samba] "net sam set workstations ..." prevents users from using domain resources from non-domain member systems
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Chris,> Running into a serious problem here with 3.0.24 + patches. > The shop has a mix of domain member computers and privately owned non-domain > member computers. I'm trying to use "net sam set workstations" to limit the > workstations domain users can log onto. This limitation works as expected. > And domain member workstations all work properly. > > But once the workstation limit is put in place the users on their own > workstations (non-domain member boxes) can no longer access domain resources > such as mapped drives which they could previously do after supplying the > proper credentials. Now even with proper credentials Windows > returns "unexpected network error" when these users try to use the domain > resources. If I remove the workstation logon limitation all works again as > expected.My suggestion is to start looking at the level 10 debug logs from the failed connections and see what is going on. cheers, jerry ====================================================================Samba ------- http://www.samba.org Centeris ----------- http://www.centeris.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGTclOIR7qMdg1EfYRAhKkAKDKcYDSkYimNzZOmEyVuekgoprh8ACfcFHE eC4nCOtlBsOxO6dC2s/ihB4=n2Ij -----END PGP SIGNATURE-----
Reasonably Related Threads
- problem with net sam set workstations
- prevent "delete user script" to delete special Samba user
- Samba + LDAP cannot get account from NT4
- DO NOT REPLY [Bug 4402] New: Incorrect time logged with glibc 2.5
- problem with samba 3.0.23c and windows NT4 workstation