Kevin DeGraaf
2008-Jul-31 14:28 UTC
[Samba] PDC cannot become master browser; cannot change passwords
I am having two problems, possibly related, while performing pre-deployment testing of a Samba/OpenLDAP PDC with data that was vampired from an NT4 PDC. The Samba server fails to become a local master browser, and password change attempts (from a Windows client) fail. I followed Samba-Guide/ntmigration.html (taking some liberties with various items of configuration), ending with step #19. No problems were encountered. I isolated the server and a client on a separate network, promoted Samba to a PDC (step #21), and started the Samba daemons. On the closed network are the following machines: Software: Debian Etch, Samba 3.0.24 NetBIOS: SPACETIME Address: 192.168.1.2 Netmask: 255.255.255.0 Gateway: none Software: Windows XP Professional NetBIOS: ICE-LT021 Address: 192.168.1.50 Netmask: 255.255.255.0 Gateway: none DNS: 192.168.1.2 WINS: 192.168.1.2 Here are my config files and logs: http://kdegraaf.net/samba-wtf/smb.conf http://kdegraaf.net/samba-wtf/slapd.conf http://kdegraaf.net/samba-wtf/log.smbd http://kdegraaf.net/samba-wtf/log.nmbd http://kdegraaf.net/samba-wtf/log.192.168.1.50 http://kdegraaf.net/samba-wtf/log.ice-lt021 The server is running dnscache on 192.168.1.2 and tinydns on 127.0.0.1. The client can ping the server by hostname, indicating that DNS and basic TCP/IP are in working order. The client can successfully join the domain and log in. Problem #1: register_name_response: server at IP 192.168.1.50 rejected our name registration of INTERCLEAN<1d> IP 192.168.1.2 with error code 6. become_local_master_fail2: failed to register name INTERCLEAN<1d> on subnet 192.168.1.2. Failed to become a local master browser. unbecome_local_master_browser: unbecoming local master for workgroup INTERCLEAN on subnet 192.168.1.2 Seriously? Clients can tell servers to stop being servers? Imagine: Internet Explorer: Please stop being a Web server. Apache: I'm sorry, my bad. *unbinds from port 80 and shuts down* Problem #2: I attempted to change my password from the Windows workstation. The request hung for 35 seconds and then I received an error: "The system cannot change your password now because the domain INTERCLEAN is not available." This happened immediately after logging into the domain (and that workstation's cached credential count is set to zero). Per my Google search results, I ensured that the server was resolvable and pingable, and that the client's WINS server address was configured correctly, and that 'nbtstat -c' didn't show any incorrect cached entries. Any help will be appreciated. -- Kevin DeGraaf
Bruno La Torre
2008-Jul-31 16:43 UTC
[Samba] PDC cannot become master browser; cannot change passwords
Kevin DeGraaf ha scritto:> I am having two problems, possibly related, while performing > pre-deployment testing of a Samba/OpenLDAP PDC with data that was > vampired from an NT4 PDC. The Samba server fails to become a local > master browser, and password change attempts (from a Windows client) > fail. > > I followed Samba-Guide/ntmigration.html (taking some liberties with > various items of configuration), ending with step #19. No problems > were encountered. > > I isolated the server and a client on a separate network, promoted > Samba to a PDC (step #21), and started the Samba daemons. > > On the closed network are the following machines: > > Software: Debian Etch, Samba 3.0.24 > NetBIOS: SPACETIME > Address: 192.168.1.2 > Netmask: 255.255.255.0 > Gateway: none > > Software: Windows XP Professional > NetBIOS: ICE-LT021 > Address: 192.168.1.50 > Netmask: 255.255.255.0 > Gateway: none > DNS: 192.168.1.2 > WINS: 192.168.1.2 > > Here are my config files and logs: > http://kdegraaf.net/samba-wtf/smb.conf > http://kdegraaf.net/samba-wtf/slapd.conf > http://kdegraaf.net/samba-wtf/log.smbd > http://kdegraaf.net/samba-wtf/log.nmbd > http://kdegraaf.net/samba-wtf/log.192.168.1.50 > http://kdegraaf.net/samba-wtf/log.ice-lt021 > > The server is running dnscache on 192.168.1.2 and tinydns on > 127.0.0.1. The client can ping the server by hostname, indicating > that DNS and basic TCP/IP are in working order. The client can > successfully join the domain and log in. > > Problem #1: > > register_name_response: server at IP 192.168.1.50 rejected our name > registration of INTERCLEAN<1d> IP 192.168.1.2 with error code 6. > > become_local_master_fail2: failed to register name INTERCLEAN<1d> on > subnet 192.168.1.2. Failed to become a local master browser. > > unbecome_local_master_browser: unbecoming local master for workgroup > INTERCLEAN on subnet 192.168.1.2 > > Seriously? Clients can tell servers to stop being servers? Imagine:in the smb network every host can be a server, who is the server is who wins the election. put local master = yes in smb.conf and change os level = 255> [CUT] > Problem #2: > > I attempted to change my password from the Windows workstation. The > request hung for 35 seconds and then I received an error: "The system > cannot change your password now because the domain INTERCLEAN is not > available." > >I'm not sure but the admin must write on the tree ldap> access to attr=userPassword,sambaNTPassword,sambaLMPassword,shadowLastChangeby dn="cn=Manager,dc=interclean,dc=com" write by anonymous auth> by self write > by * auth