Hello,
I am currently trying to replace a 2003 AD Server with LDAP backed
Samba3 acting as a PDC.
Two days ago, Windows7 clients (that are on a different subnet) than the
samba server were working well and I thought my understanding advances.
Then, I started to learn how to integrate printers and suddenly I
noticed that the Windows7 clients stopped working -- even with the
working smb.conf that I saved before I went on to the printers.
When I try to logon from a Windows7 client, authentication seems to
work: if there is no roaming profile for the user, one is created and if
there is one, some files in it are updatet. But the client
displays an error message which translates to:
"The start of the service group policy client failed. Access denied."
If smbd runs with loglevel 0, I see the following in the logfile:
[2011/09/02 10:32:50.771238, 0]
rpc_server/srv_pipe.c:500(pipe_schannel_auth_bind)
pipe_schannel_auth_bind: Attempt to bind using schannel without successful
serverauth2
[2011/09/02 10:32:55.385069, 0]
rpc_server/netlogon/srv_netlog_nt.c:976(_netr_ServerAuthenticate3)
_netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth
request from client WIN7 machine account WIN7$
On the Windows7 client the event log says (roughly translated) that it
cannot find a logon server.
>From an XP client I can logon to the domain without problems and I would
like to ask for hints what I am probably doing wrong with the Windows7
clients.
Thanks,
Dirk
