Dear all,
I ran PDC on smbpasswd auth.
When i use following the command, i receive :
//////////////////////////////////////////
debian:/usr/local/etc/samba_3# ./bin/net rpc join mylove -U root
Enter root's password:
Creation of workstation account failed
Unable to join domain MYLOVE.
debian:/usr/local/etc/samba_3#
///////////////////////////////////////////////////////
my smb.conf is :
////////////////////////////////////////////////////////////
[global]
netbios name = mylove
server string = Axjooon
workgroup = mylove
os level = 65
prefered master = yes
domain master = yes
local master = yes
domain logons = yes
;misc options
#socket options = TCP NODELAY IPTOS LOWDELAY SO SNDBUF=8192 SO
RCVBUF=8192
time server = yes
hide dot files = yes
#client code page = 852
#character set = ISO8859-2
smb passwd file = /usr/local/etc/samba_3/lib/smbpasswd
security = user
guest ok = no
invalid users = bin sys ftp man mail
admin users = @admin
wins support = yes
# passdb backend = ldapsam:"ldap://ldap1.company.com
ldap://ldap2.company.com"
# passdb backend = ldapsam:ldap://127.0.0.1/
# ldap admin dn = cn=Manager,dc=mylove,dc=com
#ldap admin dn = cn=samba,ou=DSA,dc=company,dc=com
# ldap suffix = dc=mylove,dc=com
# ldap group suffix = ou=Groups
# ldap user suffix = ou=Users
# ldap machine suffix = ou=Computers
#ldap idmap suffix = ou=Idmap
#add user script = /usr/sbin/smbldap-useradd -m "%u"
#ldap delete dn = Yes
#delete user script = /usr/sbin/smbldap-userdel "%u"
# add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u"
# add group script = /usr/sbin/smbldap-groupadd -p "%g"
#delete group script = /usr/sbin/smbldap-groupdel "%g"
# add user to group script = /usr/sbin/smbldap-groupmod -m "%u"
"%g"
# delete user from group script = /usr/sbin/smbldap-groupmod -x
"%u" "%g"
# set primary group script = /usr/sbin/smbldap-usermod -g '%g'
'%
u'
#domain admin group = @admin
#domain admin users = root
#encrypt password = yes
;logging
log level = 2
log file = /usr/local/etc/samba_3/var/log.%L
max log size = 10000
debug timestamp = yes
syslog = 1
;user roaming profiles path
logon path = \\%N\profiles\%u
;general logon script
logon script = logon.bat
[netlogon]
path = /home/samba/netlogon
public = no
writeable = no
browseable = no
valid users = root@debian
[profiles]
path = /home/samba/profiles
writeable = yes
create mask = 0700
directory mask = 0700
browseable = no
valid users = root@debian
//////////////////////////////////////////////////////////////
my login.bat is :
///////////////////////////////////////////////////////////
@echo off
rem by robowarp.DeleteThis@gmx.de leave to public as it is , dont think
of asking me
rem created for samba 3 login, the bat files were creted on the fly by
genlogin.pl
rem this script is only valid for win2000/NT/XP
rem exec bat for logged in machine ( maybe software status or machine
data )
echo %COMPUTERNAME%
call %COMPUTERNAME%.bat
rem exec bat for login user
echo %USERNAME%
call %USERNAME%.bat
rem exec bat for different groups
rem ifmember.exe must be in the netlogon share download it at
microschrott
ifmember Administrators
if errorlevel 1 call Administrators.bat
ifmember users
if errorlevel 1 call users.bat
//////////////////////////////////////////////////////////////
Please help me................
sounds like your computer doesn't have a machine account. Mohsen Pahlevanzadeh wrote:> Dear all, > I ran PDC on smbpasswd auth. > When i use following the command, i receive : > ////////////////////////////////////////// > debian:/usr/local/etc/samba_3# ./bin/net rpc join mylove -U root > Enter root's password: > Creation of workstation account failed > Unable to join domain MYLOVE. > debian:/usr/local/etc/samba_3# > /////////////////////////////////////////////////////// > > > my smb.conf is : > > > > //////////////////////////////////////////////////////////// > [global] > netbios name = mylove > server string = Axjooon > workgroup = mylove > os level = 65 > prefered master = yes > domain master = yes > local master = yes > domain logons = yes > ;misc options > #socket options = TCP NODELAY IPTOS LOWDELAY SO SNDBUF=8192 SO > RCVBUF=8192 > time server = yes > hide dot files = yes > #client code page = 852 > #character set = ISO8859-2 > smb passwd file = /usr/local/etc/samba_3/lib/smbpasswd > > security = user > guest ok = no > invalid users = bin sys ftp man mail > admin users = @admin > wins support = yes > # passdb backend = ldapsam:"ldap://ldap1.company.com > ldap://ldap2.company.com" > # passdb backend = ldapsam:ldap://127.0.0.1/ > # ldap admin dn = cn=Manager,dc=mylove,dc=com > #ldap admin dn = cn=samba,ou=DSA,dc=company,dc=com > # ldap suffix = dc=mylove,dc=com > # ldap group suffix = ou=Groups > # ldap user suffix = ou=Users > # ldap machine suffix = ou=Computers > #ldap idmap suffix = ou=Idmap > #add user script = /usr/sbin/smbldap-useradd -m "%u" > #ldap delete dn = Yes > #delete user script = /usr/sbin/smbldap-userdel "%u" > # add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u" > # add group script = /usr/sbin/smbldap-groupadd -p "%g" > #delete group script = /usr/sbin/smbldap-groupdel "%g" > # add user to group script = /usr/sbin/smbldap-groupmod -m "%u" > "%g" > # delete user from group script = /usr/sbin/smbldap-groupmod -x > "%u" "%g" > # set primary group script = /usr/sbin/smbldap-usermod -g '%g' '% > u' > > > > #domain admin group = @admin > #domain admin users = root > > #encrypt password = yes > > > ;logging > log level = 2 > log file = /usr/local/etc/samba_3/var/log.%L > max log size = 10000 > debug timestamp = yes > syslog = 1 > > ;user roaming profiles path > logon path = \\%N\profiles\%u > ;general logon script > logon script = logon.bat > > [netlogon] > path = /home/samba/netlogon > public = no > writeable = no > browseable = no > valid users = root@debian > > [profiles] > path = /home/samba/profiles > writeable = yes > create mask = 0700 > directory mask = 0700 > browseable = no > valid users = root@debian > ////////////////////////////////////////////////////////////// > > my login.bat is : > > > /////////////////////////////////////////////////////////// > @echo off > rem by robowarp.DeleteThis@gmx.de leave to public as it is , dont think > of asking me > rem created for samba 3 login, the bat files were creted on the fly by > genlogin.pl > rem this script is only valid for win2000/NT/XP > rem exec bat for logged in machine ( maybe software status or machine > data ) > echo %COMPUTERNAME% > call %COMPUTERNAME%.bat > rem exec bat for login user > echo %USERNAME% > call %USERNAME%.bat > rem exec bat for different groups > rem ifmember.exe must be in the netlogon share download it at > microschrott > ifmember Administrators > if errorlevel 1 call Administrators.bat > ifmember users > if errorlevel 1 call users.bat > ////////////////////////////////////////////////////////////// > > > Please help me................ > >
Can i hope to solve this problem? On Thu, 2009-07-09 at 17:56 +0530, VIJAYAN wrote:> Ok Millian thanks Mohsen Pahlevanzadeh > > Regards, > > -----Original Message----- > From: Mohsen Pahlevanzadeh [mailto:mohsen@pahlevanzadeh.org] > Sent: Thursday, July 09, 2009 5:01 PM > To: Adam Williams > Cc: samba@lists.samba.org > Subject: Re: [Samba] login.bat has error? > > Dear Adam, > I changed my machine & install Samba & Ldap in other machine with new > configuration. > > Even getent paaswd & getent shadow is work well.Ldap doesn't has problem. > Even i invoke :smbldap-useradd -w mylove then i run net rpc join mylove -u > root Enter root's password: > Creation of workstation account failed > Unable to join domain MYLOVE. > debian:/usr/local/etc/samba_3# > I confused.... > My smb.conf: > > ///////////////////////////////////////////// > [global] > dos charset = UTF-8 > display charset = UTF-8 > workgroup = MYLOVE > realm = MYLOVE > netbios name = MYLOVE > server string = %h server > map to guest = Bad User > passdb backend = ldapsam:ldap://127.0.0.1/ pam password change = Yes passwd > program = /usr/sbin/smbldap-passwd -u %u passwd chat = *New*password* %n\n > *Retype*new*password* %n\n > *all*authentication*tokens*updated* > unix password sync = Yes > syslog = 0 > log file = /var/log/samba/log.%m > max log size = 1000 > time server = Yes > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 add user script > /usr/sbin/smbldap-useradd -m %u delete user script > /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd > -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group > script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script > /usr/sbin/smbldap-groupmod -x %u %g set primary group script > /usr/sbin/smbldap-usermod -g %g %u add machine script > /usr/sbin/smbldap-useradd -w %u logon script = logon.bat logon path > \\%N\profiles\%U logon drive = U: > domain logons = Yes > os level = 65 > preferred master = Yes > domain master = Yes > dns proxy = No > wins support = Yes > ldap admin dn = cn=admin,dc=mylove > ldap delete dn = Yes > ldap group suffix = ou=group > ldap idmap suffix = ou=idmap > ldap machine suffix = ou=computer > ldap suffix = dc=example,dc=com > ldap ssl = no > ldap user suffix = ou=people > panic action = /usr/share/samba/panic-action %d map acl inherit = Yes case > sensitive = No hide unreadable = Yes map hidden = Yes map system = Yes > > [homes] > comment = Home Directories > valid users = %S > read only = No > create mask = 0600 > directory mask = 0700 > browseable = No > > [printers] > comment = All Printers > path = /var/spool/samba > create mask = 0700 > printable = Yes > browseable = No > > [print$] > comment = Printer Drivers > path = /var/lib/samba/printers > > [netlogon] > path = /var/lib/samba/netlogon > browseable = No > > [profiles] > path = /var/lib/samba/profiles > force user = %U > read only = No > create mask = 0600 > directory mask = 0700 > guest ok = Yes > profile acls = Yes > browseable = No > csc policy = disable > > [public] > path = /tmp > read only = No > guest ok = Yes > > > > > > On Tue, 2009-07-07 at 10:33 -0500, Adam Williams wrote: > > sounds like your computer doesn't have a machine account. > > > > Mohsen Pahlevanzadeh wrote: > > > Dear all, > > > I ran PDC on smbpasswd auth. > > > When i use following the command, i receive : > > > ////////////////////////////////////////// > > > debian:/usr/local/etc/samba_3# ./bin/net rpc join mylove -U root > > > Enter root's password: > > > Creation of workstation account failed Unable to join domain MYLOVE. > > > debian:/usr/local/etc/samba_3# > > > /////////////////////////////////////////////////////// > > > > > > > > > my smb.conf is : > > > > > > > > > > > > //////////////////////////////////////////////////////////// > > > [global] > > > netbios name = mylove > > > server string = Axjooon > > > workgroup = mylove > > > os level = 65 > > > prefered master = yes > > > domain master = yes > > > local master = yes > > > domain logons = yes > > > ;misc options > > > #socket options = TCP NODELAY IPTOS LOWDELAY SO SNDBUF=8192 SO > > > RCVBUF=8192 > > > time server = yes > > > hide dot files = yes > > > #client code page = 852 > > > #character set = ISO8859-2 > > > smb passwd file = /usr/local/etc/samba_3/lib/smbpasswd > > > > > > security = user > > > guest ok = no > > > invalid users = bin sys ftp man mail > > > admin users = @admin > > > wins support = yes > > > # passdb backend = ldapsam:"ldap://ldap1.company.com > > > ldap://ldap2.company.com" > > > # passdb backend = ldapsam:ldap://127.0.0.1/ > > > # ldap admin dn = cn=Manager,dc=mylove,dc=com > > > #ldap admin dn = cn=samba,ou=DSA,dc=company,dc=com > > > # ldap suffix = dc=mylove,dc=com > > > # ldap group suffix = ou=Groups > > > # ldap user suffix = ou=Users > > > # ldap machine suffix = ou=Computers > > > #ldap idmap suffix = ou=Idmap > > > #add user script = /usr/sbin/smbldap-useradd -m "%u" > > > #ldap delete dn = Yes > > > #delete user script = /usr/sbin/smbldap-userdel "%u" > > > # add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u" > > > # add group script = /usr/sbin/smbldap-groupadd -p "%g" > > > #delete group script = /usr/sbin/smbldap-groupdel "%g" > > > # add user to group script = /usr/sbin/smbldap-groupmod -m "%u" > > > "%g" > > > # delete user from group script = /usr/sbin/smbldap-groupmod -x > > > "%u" "%g" > > > # set primary group script = /usr/sbin/smbldap-usermod -g '%g' '% > > > u' > > > > > > > > > > > > #domain admin group = @admin > > > #domain admin users = root > > > > > > #encrypt password = yes > > > > > > > > > ;logging > > > log level = 2 > > > log file = /usr/local/etc/samba_3/var/log.%L > > > max log size = 10000 > > > debug timestamp = yes > > > syslog = 1 > > > > > > ;user roaming profiles path > > > logon path = \\%N\profiles\%u > > > ;general logon script > > > logon script = logon.bat > > > > > > [netlogon] > > > path = /home/samba/netlogon > > > public = no > > > writeable = no > > > browseable = no > > > valid users = root@debian > > > > > > [profiles] > > > path = /home/samba/profiles > > > writeable = yes > > > create mask = 0700 > > > directory mask = 0700 > > > browseable = no > > > valid users = root@debian > > > ////////////////////////////////////////////////////////////// > > > > > > my login.bat is : > > > > > > > > > /////////////////////////////////////////////////////////// > > > @echo off > > > rem by robowarp.DeleteThis@gmx.de leave to public as it is , dont > > > think of asking me rem created for samba 3 login, the bat files were > > > creted on the fly by genlogin.pl rem this script is only valid for > > > win2000/NT/XP rem exec bat for logged in machine ( maybe software > > > status or machine data ) echo %COMPUTERNAME% call %COMPUTERNAME%.bat > > > rem exec bat for login user echo %USERNAME% call %USERNAME%.bat rem > > > exec bat for different groups rem ifmember.exe must be in the > > > netlogon share download it at microschrott ifmember Administrators > > > if errorlevel 1 call Administrators.bat ifmember users if errorlevel > > > 1 call users.bat > > > ////////////////////////////////////////////////////////////// > > > > > > > > > Please help me................ > > > > > > > > > > >
On Thu, Jul 9, 2009 at 10:51 AM, Mohsen Pahlevanzadeh<mohsen@pahlevanzadeh.org> wrote:> Can i hope to solve this problem?It would help if you posted the samba log from the PDC that showed what happened when you tried to join the domain. Also have you setup your nss_switch.conf and are you running nscd? John
My log.nmbd: ///////////////////////////////////////////////////////////////////////////////// Copyright Andrew Tridgell and the Samba Team 1992-2008 [2009/07/10 03:16:29, 0] nmbd/nmbd.c:main(879) standard input is not a socket, assuming -D option [2009/07/10 03:16:29, 0] nmbd/nmbd_subnetdb.c:create_subnets(206) create_subnets: No local IPv4 non-loopback interfaces ! [2009/07/10 03:16:29, 0] nmbd/nmbd_subnetdb.c:create_subnets(207) create_subnets: Waiting for an interface to appear ... [2009/07/10 03:16:59, 0] nmbd/nmbd_logonnames.c:add_logon_names(160) add_domain_logon_names: Attempting to become logon server for workgroup MYLOVE on subnet 192.168.2.101 [2009/07/10 03:16:59, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(291) become_domain_master_browser_bcast: Attempting to become domain master browser on workgroup MYLOVE on subnet 192.168.2.101 [2009/07/10 03:16:59, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(304) become_domain_master_browser_bcast: querying subnet 192.168.2.101 for domain master browser on workgroup MYLOVE [2009/07/10 03:17:03, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(121) become_logon_server_success: Samba is now a logon server for workgroup MYLOVE on subnet 192.168.2.101 [2009/07/10 03:17:07, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(110) ***** Samba server MYLOVE is now a domain master browser for workgroup MYLOVE on subnet 192.168.2.101 ***** [2009/07/10 03:17:22, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(395) ***** Samba name server MYLOVE is now a local master browser for workgroup MYLOVE on subnet 192.168.2.101 ***** /////////////////////////////////////////////////////// Mylove is my netbios name & my workgroup name. On Thu, 2009-07-09 at 20:07 -0300, Norberto Bensa wrote:> On Thu, Jul 9, 2009 at 8:31 AM, Mohsen > Pahlevanzadeh<mohsen@pahlevanzadeh.org> wrote: > > Even i invoke :smbldap-useradd -w mylove > > Does this one succeed or doesn't? > > > then i run net rpc join mylove -u root > > Why are you doing this? Who is mylove?