[Samba] Problems with SAMBA as PDC and Windows XP SP2 as client - Samba

This is a discussion on [Samba] Problems with SAMBA as PDC and Windows XP SP2 as client - Samba ; Hi!! We are trying to configure a Debian Linux Server as Samba Server (Domain Controller) and a Windows XP (with Service Pack 2) as client. We have configured Windows into the Samba Domain (in other words, we have been able ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: [Samba] Problems with SAMBA as PDC and Windows XP SP2 as client

  1. [Samba] Problems with SAMBA as PDC and Windows XP SP2 as client

    Hi!!

    We are trying to configure a Debian Linux Server as Samba Server (Domain
    Controller) and a Windows XP (with Service Pack 2) as client. We have
    configured Windows into the Samba Domain (in other words, we have been
    able to agregate the machine into the domain), but when we restart
    Windows and try to login with a samba user (from linux server)
    (selecting the Domain), we received a message telling us that the domain
    is blocked or not available.

    We send you our smb.conf file. Linux Samba Server is running in a Debian
    Etch, with version 3.0.24-6etch4

    Thanks for you help!!

    [global]
    dos charset = CP850
    unix charset = UTF-8
    display charset = LOCALE
    workgroup = DOMAIN_NAME
    realm =
    netbios name = MACHINE_NAME
    netbios aliases =
    netbios scope =
    server string = %h server
    interfaces = eth1
    bind interfaces only = Yes
    security = USER
    auth methods =
    encrypt passwords = Yes
    update encrypted = No
    client schannel = Auto
    server schannel = Auto
    allow trusted domains = Yes
    map to guest = Never
    null passwords = No
    obey pam restrictions = Yes
    password server = *
    smb passwd file = /etc/samba/smbpasswd
    private dir = /etc/samba
    passdb backend = smbpasswd:/etc/samba/smbpasswd
    algorithmic rid base = 1000
    root directory =
    guest account = nobody
    enable privileges = Yes
    pam password change = No
    passwd program = /usr/bin/passwd %u
    passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
    passwd chat debug = No
    passwd chat timeout = 2
    check password script =
    username map = /etc/samba/smbusers
    password level = 0
    username level = 0
    unix password sync = No
    restrict anonymous = 0
    lanman auth = Yes
    ntlm auth = Yes
    client NTLMv2 auth = No
    client lanman auth = Yes
    client plaintext auth = Yes
    preload modules =
    use kerberos keytab = No
    log level = 0
    syslog = 0
    syslog only = No
    log file = /var/log/samba/log.%m
    max log size = 1000
    debug timestamp = Yes
    debug hires timestamp = No
    debug pid = No
    debug uid = No
    enable core files = Yes
    smb ports = 445 139
    large readwrite = Yes
    max protocol = NT1
    min protocol = CORE
    read bmpx = No
    read raw = Yes
    write raw = Yes
    disable netbios = No
    reset on zero vc = No
    acl compatibility = auto
    defer sharing violations = Yes
    nt pipe support = Yes
    nt status support = Yes
    announce version = 4.9
    announce as = NT
    max mux = 50
    max xmit = 16644
    name resolve order = lmhosts wins host bcast
    max ttl = 259200
    max wins ttl = 518400
    min wins ttl = 21600
    time server = No
    unix extensions = Yes
    use spnego = Yes
    client signing = auto
    server signing = No
    client use spnego = Yes
    enable asu support = No
    svcctl list =
    deadtime = 0
    getwd cache = Yes
    keepalive = 300
    kernel change notify = Yes
    fam change notify = Yes
    lpq cache time = 30
    max smbd processes = 0
    paranoid server security = Yes
    max disk size = 0
    max open files = 10000
    open files database hash size = 10007
    socket options = TCP_NODELAY
    use mmap = Yes
    hostname lookups = No
    name cache timeout = 660
    load printers = No
    printcap cache time = 750
    printcap name =
    cups server =
    iprint server =
    disable spoolss = No
    addport command =
    enumports command =
    addprinter command =
    deleteprinter command =
    show add printer wizard = Yes
    os2 driver map =
    mangling method = hash2
    mangle prefix = 1
    max stat cache size = 0
    stat cache = Yes
    machine password timeout = 604800
    add user script =
    rename user script =
    delete user script =
    add group script =
    delete group script =
    add user to group script =
    delete user from group script =
    set primary group script =
    add machine script =
    shutdown script =
    abort shutdown script =
    username map script =
    logon script =
    logon path = \\%N\%U\profile
    logon drive =
    logon home = \\%N\%U
    domain logons = Yes
    os level = 64
    lm announce = Auto
    lm interval = 60
    preferred master = Yes
    local master = Yes
    domain master = Yes
    browse list = Yes
    enhanced browsing = Yes
    dns proxy = No
    wins proxy = No
    wins server =
    wins support = No
    wins hook =
    kernel oplocks = Yes
    lock spin count = 3
    lock spin time = 10
    oplock break wait time = 0
    ldap admin dn =
    ldap delete dn = No
    ldap group suffix =
    ldap idmap suffix =
    ldap machine suffix =
    ldap passwd sync = no
    ldap replication sleep = 1000
    ldap suffix =
    ldap ssl = no
    ldap timeout = 15
    ldap page size = 1024
    ldap user suffix =
    add share command =
    change share command =
    delete share command =
    eventlog list =
    config file =
    preload =
    lock directory =
    pid directory = /var/run/samba
    utmp directory =
    wtmp directory =
    utmp = No
    default service =
    message command =
    get quota command =
    set quota command =
    remote announce =
    remote browse sync =
    socket address = 0.0.0.0
    homedir map = auto.home
    afs username map =
    afs token lifetime = 604800
    log nt token command =
    time offset = 0
    NIS homedir = No
    usershare allow guests = No
    usershare max shares = 0
    usershare owner only = Yes
    usershare path = /var/run/samba/usershares
    usershare prefix allow list =
    usershare prefix deny list =
    usershare template share =
    panic action = /usr/share/samba/panic-action %d
    host msdfs = Yes
    passdb expand explicit = No
    idmap backend =
    idmap uid =
    idmap gid =
    template homedir = /home/%D/%U
    template shell = /bin/false
    winbind separator = \
    winbind cache time = 300
    winbind enum users = No
    winbind enum groups = No
    winbind use default domain = No
    winbind trusted domains only = No
    winbind nested groups = No
    winbind nss info = template
    winbind refresh tickets = No
    winbind offline logon = No
    comment =
    path =
    username =
    invalid users =
    valid users = root
    admin users = root
    read list =
    write list =
    printer admin =
    force user =
    force group =
    read only = Yes
    acl check permissions = Yes
    acl group control = No
    acl map full control = Yes
    create mask = 0744
    force create mode = 00
    security mask = 0777
    force security mode = 00
    directory mask = 0755
    force directory mode = 00
    directory security mask = 0777
    force directory security mode = 00
    force unknown acl user = No
    inherit permissions = No
    inherit acls = No
    inherit owner = No
    guest only = No
    guest ok = No
    only user = No
    hosts allow = 192.168.65.
    hosts deny =
    allocation roundup size = 1048576
    aio read size = 0
    aio write size = 0
    aio write behind =
    ea support = No
    nt acl support = Yes
    profile acls = No
    map acl inherit = No
    afs share = No
    block size = 1024
    change notify timeout = 60
    max connections = 0
    min print space = 0
    strict allocate = No
    strict sync = No
    sync always = No
    use sendfile = No
    write cache size = 0
    max reported print jobs = 0
    max print jobs = 1000
    printable = No
    printing = bsd
    cups options =
    print command = lpr -r -P'%p' %s
    lpq command = lpq -P'%p'
    lprm command = lprm -P'%p' %j
    lppause command =
    lpresume command =
    queuepause command =
    queueresume command =
    printer name =
    use client driver = No
    default devmode = Yes
    force printername = No
    default case = lower
    case sensitive = Auto
    preserve case = Yes
    short preserve case = Yes
    mangling char = ~
    hide dot files = Yes
    hide special files = No
    hide unreadable = No
    hide unwriteable files = No
    delete veto files = No
    veto files =
    hide files =
    veto oplock files =
    map archive = Yes
    map hidden = No
    map system = No
    map readonly = yes
    mangled names = Yes
    mangled map =
    store dos attributes = No
    dmapi support = No
    browseable = Yes
    blocking locks = Yes
    csc policy = manual
    fake oplocks = No
    locking = Yes
    oplocks = Yes
    level2 oplocks = Yes
    oplock contention limit = 2
    posix locking = Yes
    strict locking = Auto
    share modes = Yes
    dfree cache time = 0
    dfree command =
    copy =
    include =
    preexec =
    preexec close = No
    postexec =
    root preexec =
    root preexec close = No
    root postexec =
    available = Yes
    volume =
    fstype = NTFS
    set directory = No
    wide links = Yes
    follow symlinks = Yes
    dont descend =
    magic script =
    magic output =
    delete readonly = No
    dos filemode = No
    dos filetimes = Yes
    dos filetime resolution = No
    fake directory create times = No
    vfs objects =
    msdfs root = Yes
    msdfs proxy =

    [homes]
    comment = Home Directories
    path = /home
    valid users = root, pt
    admin users = root, pt
    create mask = 0700
    directory mask = 0700

    [printers]
    comment = All Printers
    path = /var/spool/samba
    create mask = 0700
    printable = Yes
    browseable = No

    [print$]
    comment = Printer Drivers
    path = /var/lib/samba/printers

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  2. Re: [Samba] Problems with SAMBA as PDC and Windows XP SP2 as client

    Is this preventing the user from logging on or loading their profile?

    > profile acls = No

    If it is loading their profile I believe this may be your problem as I
    had the same problem a few months ago. Set that to yes. The reason for
    this is that WinXPSP2 checks the credentials of the profile match the
    user and rejects the profile when it does not match.

    John
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  3. Re: [Samba] Problems with SAMBA as PDC and Windows XP SP2 as client

    John Drescher escribió:
    > Is this preventing the user from logging on or loading their profile?
    >
    >> profile acls = No

    > If it is loading their profile I believe this may be your problem as I
    > had the same problem a few months ago. Set that to yes. The reason for
    > this is that WinXPSP2 checks the credentials of the profile match the
    > user and rejects the profile when it does not match.
    >
    > John

    We have changed this parameter to "Yes", but we continue with the same
    problems.
    Logfile shows the following message: "smbd/service.c:
    make_connection_snum(849) Can't become connected user!"



    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  4. Re: [Samba] Problems with SAMBA as PDC and Windows XP SP2 as client

    On 6/20/07, Dale Schroeder wrote:
    > In the [global] section, try changing
    >
    > valid users = root
    >
    > to
    >
    > valid users =
    >
    > Dale
    >

    Good spot, That will surely cause problems...

    John
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  5. Re: [Samba] Problems with SAMBA as PDC and Windows XP SP2 as client

    In the [global] section, try changing

    valid users = root

    to

    valid users =

    Dale

    Personal Técnico wrote:
    > Hi!!
    >
    > We are trying to configure a Debian Linux Server as Samba Server
    > (Domain Controller) and a Windows XP (with Service Pack 2) as client.
    > We have configured Windows into the Samba Domain (in other words, we
    > have been able to agregate the machine into the domain), but when we
    > restart Windows and try to login with a samba user (from linux server)
    > (selecting the Domain), we received a message telling us that the
    > domain is blocked or not available.
    >
    > We send you our smb.conf file. Linux Samba Server is running in a
    > Debian Etch, with version 3.0.24-6etch4
    >
    > Thanks for you help!!
    > ------------------------------------------------------------------------
    >
    > No virus found in this incoming message.
    > Checked by AVG.
    > Version: 7.5.472 / Virus Database: 269.9.0/853 - Release Date: 6/18/2007 3:02 PM

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

+ Reply to Thread