[Samba] A device attached to the system is not functioning (smbd -V 3.5.x)

Todd E Thomas Sun, 14 Nov 2010 15:23:09 -0800

Howdy,

I'm having one last problem with my Samba PDC with an ldap backend. WhenI add a machine to the domain I get the error, on my Win7 test client,that says:


The following error occurred attempting to join the domain "office":
A device attached to the system is not functioning.

Here are some particulars:
# smbd -V
Version 3.5.6 (configured sernet repo to install latest packages)

I'm using OpenLDAP v2.4.23

# cat /etc/redhat-release
CentOS release 5.5 (Final)

The Win7 client is a VM in VirtualBox. It does, in fact, have a devicewith no driver (sound card).

---

After adding the client to the domain and entering UN/PW, these arelogged entries:

Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.344804, 2]param/loadparm.c:7859(do_section)

Nov 14 16:37:26 hostname smbd[18542]:   Processing section "[admingear]"

Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345033, 2]param/loadparm.c:7859(do_section)

Nov 14 16:37:26 hostname smbd[18542]:   Processing section "[apps]"

Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345199, 2]param/loadparm.c:7859(do_section)

Nov 14 16:37:26 hostname smbd[18542]:   Processing section "[docs]"

Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345352, 2]param/loadparm.c:7859(do_section)

Nov 14 16:37:26 hostname smbd[18542]:   Processing section "[homes]"

Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345543, 2]param/loadparm.c:7859(do_section)

Nov 14 16:37:26 hostname smbd[18542]:   Processing section "[netlogon]"

Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345689, 2]param/loadparm.c:7859(do_section)

Nov 14 16:37:26 hostname smbd[18542]:   Processing section "[printers]"

Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.346143, 2]param/loadparm.c:7859(do_section)

Nov 14 16:37:26 hostname smbd[18542]:   Processing section "[print$]"

Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.431008, 1]param/loadparm.c:7605(lp_do_parameter)Nov 14 16:37:26 hostname smbd[18542]: WARNING: The "printer admin"option is deprecatedNov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.498046, 2]param/loadparm.c:7859(do_section)

Nov 14 16:37:26 hostname smbd[18542]:   Processing section "[public]"

Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.573629, 2]printing/print_cups.c:550(cups_async_callback)Nov 14 16:37:26 hostname smbd[18542]: cups_async_callback: failed toread a new printer listNov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.649941, 2]printing/print_cups.c:550(cups_async_callback)Nov 14 16:37:26 hostname smbd[18542]: cups_async_callback: failed toread a new printer listNov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.701745, 2]lib/interface.c:340(add_interface)Nov 14 16:37:26 hostname smbd[18542]: added interface lo ip=127.0.0.1bcast=127.255.255.255 netmask=255.0.0.0Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.768676, 2]lib/interface.c:340(add_interface)Nov 14 16:37:26 hostname smbd[18542]: added interface eth0 ip=10.0.0.4bcast=10.0.0.255 netmask=255.255.255.0Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.838027, 2]lib/access.c:406(check_access)Nov 14 16:37:26 hostname smbd[18542]: Allowed connection from10.0.0.203 (10.0.0.203)Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.912057, 2]smbd/reply.c:554(reply_special)Nov 14 16:37:26 hostname smbd[18542]: netbios connect:name1=ZERVER 0x20 name2=7TEST1 0x0Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.978893, 2]smbd/reply.c:565(reply_special)Nov 14 16:37:27 hostname smbd[18542]: netbios connect: local=zerverremote=7test1, name type = 0Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.575662, 2]smbd/sesssetup.c:1391(setup_new_vc_session)Nov 14 16:37:34 hostname smbd[18542]: setup_new_vc_session: New VC ==0, if NT4.x compatible we would close all old resources.Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.589383, 2]smbd/sesssetup.c:1391(setup_new_vc_session)Nov 14 16:37:34 hostname smbd[18542]: setup_new_vc_session: New VC ==0, if NT4.x compatible we would close all old resources.Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.590067, 2]lib/smbldap.c:950(smbldap_open_connection)Nov 14 16:37:34 hostname smbd[18542]: smbldap_open_connection:connection openedNov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.593216, 2]passdb/pdb_ldap.c:572(init_sam_from_ldap)Nov 14 16:37:34 hostname smbd[18542]: init_sam_from_ldap: Entry foundfor user: rootNov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.597839, 2]passdb/pdb_ldap.c:2446(init_group_from_ldap)Nov 14 16:37:34 hostname smbd[18542]: init_group_from_ldap: Entryfound for group: 10002Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.604253, 2]auth/auth.c:304(check_ntlm_password)Nov 14 16:37:34 hostname smbd[18542]: check_ntlm_password:authentication for user [admin] -> [root] -> [root] succeededNov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.605279, 2]passdb/pdb_ldap.c:572(init_sam_from_ldap)Nov 14 16:37:34 hostname smbd[18542]: init_sam_from_ldap: Entry foundfor user: rootNov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.649251, 2]lib/access.c:406(check_access)Nov 14 16:37:34 hostname smbd[18542]: Allowed connection from10.0.0.203 (10.0.0.203)Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.054891, 2]rpc_server/srv_samr_nt.c:4124(_samr_LookupDomain)Nov 14 16:37:38 hostname smbd[18542]: Returning domain sid for domainOFFICE -> S-1-5-21-341473964-3919201715-2767564749Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.406066, 2]lib/smbldap_util.c:277(smbldap_search_domain_info)Nov 14 16:37:38 hostname smbd[18542]: smbldap_search_domain_info:Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=OFFICE))]Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.453986, 2]passdb/pdb_ldap.c:1200(init_ldap_from_sam)Nov 14 16:37:38 hostname smbd[18542]: init_ldap_from_sam: Settingentry for user: 7TEST1$Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.574143, 2]passdb/pdb_ldap.c:2384(ldapsam_add_sam_account)Nov 14 16:37:38 hostname smbd[18542]: ldapsam_add_sam_account: added:uid == 7TEST1$ in the LDAP databaseNov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.602310, 2]passdb/pdb_ldap.c:572(init_sam_from_ldap)Nov 14 16:37:38 hostname smbd[18542]: init_sam_from_ldap: Entry foundfor user: 7TEST1$Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.608293, 2]passdb/pdb_ldap.c:572(init_sam_from_ldap)Nov 14 16:37:38 hostname smbd[18542]: init_sam_from_ldap: Entry foundfor user: 7TEST1$Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.634266, 2]passdb/pdb_ldap.c:572(init_sam_from_ldap)Nov 14 16:37:38 hostname smbd[18542]: init_sam_from_ldap: Entry foundfor user: 7TEST1$Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.635898, 2]passdb/pdb_ldap.c:1200(init_ldap_from_sam)Nov 14 16:37:38 hostname smbd[18542]: init_ldap_from_sam: Settingentry for user: 7TEST1$Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.678490, 2]passdb/pdb_ldap.c:572(init_sam_from_ldap)Nov 14 16:37:38 hostname smbd[18542]: init_sam_from_ldap: Entry foundfor user: 7TEST1$Nov 14 16:37:38 hostname smbd[18542]: [2010/11/14 16:37:38.744535, 2]passdb/pdb_ldap.c:572(init_sam_from_ldap)Nov 14 16:37:38 hostname smbd[18542]: init_sam_from_ldap: Entry foundfor user: 7TEST1$Nov 14 16:37:45 hostname smbd[18286]: [2010/11/14 16:37:45.253240, 1]smbd/server.c:240(cleanup_timeout_fn)Nov 14 16:37:45 hostname smbd[18286]: Cleaning up brl and lockdatabase after unclean shutdown


This is where the error occurs:
The following error occurred attempting to join the domain "office":
A device attached to the system is not functioning.

But, I've verified the workstation account is resident in the ldapdatabase at this point:

# ldapsearch -x -H ldap://${FQDNAME} -b "${LDAPBASEDN}""(&(uid=7TEST1$)(objectClass=sambaSamAccount))" -D cn=config -w${LDAPPASSWD}

# extended LDIF
#
# LDAPv3
# base <dc=domain,dc=tld> with scope subtree
# filter: (&(uid=7TEST1$)(objectClass=sambaSamAccount))
# requesting: ALL
#

# 7TEST1$, machines, domain.tld
dn: uid=7TEST1$,ou=machines,dc=domain,dc=tld
uid: 7TEST1$
sambaSID: S-1-5-21-341473964-3919201715-2767564749-1008
displayName: Workstation (7test1$)
objectClass: sambaSamAccount
objectClass: account
sambaAcctFlags: [W          ]
sambaNTPassword: 3E27124ADFFC14F8F96B48C49808C43A
sambaPwdLastSet: 1289775897

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

It is also resident in /etc/passwd. I'm not sure how to make samba stopadding it here yet :)


$ grep -i 7test1 /etc/passwd
7test1$:x:10016:100:Workstation (7test1$):/nohome:/sbin/nologin

Does anyone know how to make samba only write workstation accounts toldap and not /etc/passwd?

---

If I were now to (on the Win7 client) click OK to the error andre-attempt to add the machine to the domain it would be joined withoutfailure.

Nov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.250056, 2]lib/smbldap.c:950(smbldap_open_connection)Nov 14 17:04:56 hostname smbd[18542]: smbldap_open_connection:connection openedNov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.535673, 2]rpc_server/srv_samr_nt.c:4124(_samr_LookupDomain)Nov 14 17:04:56 hostname smbd[18542]: Returning domain sid for domainOFFICE -> S-1-5-21-341473964-3919201715-2767564749Nov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.540337, 2]passdb/pdb_ldap.c:572(init_sam_from_ldap)Nov 14 17:04:56 hostname smbd[18542]: init_sam_from_ldap: Entry foundfor user: 7TEST1$Nov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.554429, 2]passdb/pdb_ldap.c:572(init_sam_from_ldap)Nov 14 17:04:56 hostname smbd[18542]: init_sam_from_ldap: Entry foundfor user: 7TEST1$Nov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.569368, 2]passdb/pdb_ldap.c:1200(init_ldap_from_sam)Nov 14 17:04:56 hostname smbd[18542]: init_ldap_from_sam: Settingentry for user: 7TEST1$Nov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.599912, 2]passdb/pdb_ldap.c:2061(ldapsam_update_sam_account)Nov 14 17:04:56 hostname smbd[18542]: ldapsam_update_sam_account:successfully modified uid = 7TEST1$ in the LDAP databaseNov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.602703, 2]passdb/pdb_ldap.c:572(init_sam_from_ldap)Nov 14 17:04:56 hostname smbd[18542]: init_sam_from_ldap: Entry foundfor user: 7TEST1$Nov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.604196, 2]passdb/pdb_ldap.c:1200(init_ldap_from_sam)Nov 14 17:04:56 hostname smbd[18542]: init_ldap_from_sam: Settingentry for user: 7TEST1$Nov 14 17:04:56 hostname smbd[18542]: [2010/11/14 17:04:56.941592, 2]passdb/pdb_ldap.c:2061(ldapsam_update_sam_account)Nov 14 17:04:56 hostname smbd[18542]: ldapsam_update_sam_account:successfully modified uid = 7TEST1$ in the LDAP databaseNov 14 17:04:57 hostname smbd[18542]: [2010/11/14 17:04:57.031499, 2]passdb/pdb_ldap.c:572(init_sam_from_ldap)Nov 14 17:04:57 hostname smbd[18542]: init_sam_from_ldap: Entry foundfor user: 7TEST1$Nov 14 17:04:57 hostname smbd[18542]: [2010/11/14 17:04:57.072269, 2]passdb/pdb_ldap.c:1200(init_ldap_from_sam)Nov 14 17:04:57 hostname smbd[18542]: init_ldap_from_sam: Settingentry for user: 7TEST1$Nov 14 17:04:57 hostname smbd[18542]: [2010/11/14 17:04:57.199951, 2]passdb/pdb_ldap.c:2061(ldapsam_update_sam_account)Nov 14 17:04:57 hostname smbd[18542]: ldapsam_update_sam_account:successfully modified uid = 7TEST1$ in the LDAP databaseNov 14 17:04:57 hostname smbd[18542]: [2010/11/14 17:04:57.268142, 2]passdb/pdb_ldap.c:572(init_sam_from_ldap)Nov 14 17:04:57 hostname smbd[18542]: init_sam_from_ldap: Entry foundfor user: 7TEST1$Nov 14 17:04:57 hostname smbd[18542]: [2010/11/14 17:04:57.313315, 2]passdb/pdb_ldap.c:572(init_sam_from_ldap)Nov 14 17:04:57 hostname smbd[18542]: init_sam_from_ldap: Entry foundfor user: 7TEST1$Nov 14 17:04:57 hostname smbd[18542]: [2010/11/14 17:04:57.359135, 2]passdb/pdb_ldap.c:1200(init_ldap_from_sam)Nov 14 17:04:57 hostname smbd[18542]: init_ldap_from_sam: Settingentry for user: 7TEST1$Nov 14 17:04:57 hostname smbd[18542]: [2010/11/14 17:04:57.491592, 2]passdb/pdb_ldap.c:2061(ldapsam_update_sam_account)Nov 14 17:04:57 hostname smbd[18542]: ldapsam_update_sam_account:successfully modified uid = 7TEST1$ in the LDAP databaseNov 14 17:05:00 hostname smbd[18542]: [2010/11/14 17:05:00.966683, 2]lib/access.c:406(check_access)Nov 14 17:05:00 hostname smbd[18542]: Allowed connection from10.0.0.203 (10.0.0.203)Nov 14 17:05:00 hostname smbd[18542]: [2010/11/14 17:05:00.979326, 2]passdb/pdb_ldap.c:572(init_sam_from_ldap)Nov 14 17:05:00 hostname smbd[18542]: init_sam_from_ldap: Entry foundfor user: 7TEST1$Nov 14 17:05:00 hostname smbd[18542]: [2010/11/14 17:05:00.982879, 2]../libcli/auth/credentials.c:307(netlogon_creds_server_check_internal)

Nov 14 17:05:00 hostname smbd[18542]:   credentials check failed

Nov 14 17:05:00 hostname smbd[18542]: [2010/11/14 17:05:00.982981, 0]rpc_server/srv_netlog_nt.c:714(_netr_ServerAuthenticate3)Nov 14 17:05:00 hostname smbd[18542]: _netr_ServerAuthenticate3:netlogon_creds_server_check failed. Rejecting auth request from client7TEST1 machine account 7TEST1$Nov 14 17:05:00 hostname smbd[18542]: [2010/11/14 17:05:00.988057, 2]passdb/pdb_ldap.c:572(init_sam_from_ldap)Nov 14 17:05:00 hostname smbd[18542]: init_sam_from_ldap: Entry foundfor user: 7TEST1$Nov 14 17:05:08 hostname smbd[18542]: [2010/11/14 17:05:08.502178, 2]auth/auth.c:314(check_ntlm_password)Nov 14 17:05:08 hostname smbd[18542]: check_ntlm_password:Authentication for user [7TEST1] -> [7TEST1] FAILED with errorNT_STATUS_NO_SUCH_USER

After this I get a message, on the Win7 client, that says: Welcome tothe domain: OFFICE.

The message: "Authentication for user [7TEST1] -> [7TEST1] FAILED witherror NT_STATUS_NO_SUCH_USER" is just confusing.

---

I'm not really sure what I'm doing wrong here. I can say that theattached smb.conf file is from a samba 3.0x install with a few additionsto make it work quickly within my test environment (ldap ssl = off,etc). Its performed without fail for quite a long time.


If someone could shed some light on:
  q1: why does this error occur? and
  q2: how do I configure samba ignore it? or, maybe better
  q3: is there a better, more 'correct', solution for this problem?

that would be helpful. The lack of a sound card driver doesn't seem likea legitimate hold-up for adding a machine to the domain.


--
Thanks for the assist,

Todd E Thomas
"It's a frail music knits the world together."
-Robert Dana

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] A device attached to the system is not functioning (smbd -V 3.5.x)

Reply via email to