I re-registered the workstation with the PDC to create an interdomain trust account:
smbldap-userdel vm-xppro$ smbldap-useradd -w -i vm-xppro$ I can get Samba to find my workstation's IP address; shutdown needs an IP address and will not use a NetBIOS name: ================================================== [root@server0 samba]# net lookup vm-xppro 10.1.0.154 [root@server0 samba]# net rpc shutdown -I vm-xppro -U root Invalid ip address specified ================================================== ...And no I still can't shutdown using "net rpc shutdown -d 10 -I 10.1.0.154 -U root". :( - Joe From: [email protected] To: [email protected] Subject: Re: [Samba] Shutting down WinXP Pro instance Date: Tue, 25 Jan 2011 06:48:30 -0800 On Tuesday 25/01/2011 at 2:58 am, Joe Tseng wrote: Thanks again for the help... I looked at "Force shutdown from a remote system" and it already had Administrators in there; I had already added ATHOME\root included as a group member. I added it explicitly into that list but it made no difference. As for using the NetBIOS name that made no difference; in fact I think it didn't resolve at all: Then that IS a problem. The names need to resolve for trust to be determined. ================================================== [root@server0 samba]# net rpc shutdown -I HDA -U root Enter root's password: Shutdown of remote machine failed result was: WERR_ACCESS_DENIED [root@server0 samba]# net rpc shutdown -I 10.1.0.154 -U root Enter root's password: Could not connect to server 10.1.0.154 Connection failed: NT_STATUS_INVALID_PARAMETER Could not connect to server 10.1.0.154 Connection failed: NT_STATUS_INVALID_PARAMETER ================================================== The detailed debug output of using the IP is below: ================================================== [root@server0 samba]# net rpc shutdown -d 10 -I 10.1.0.154 -U root [2011/01/25 05:41:26, 5] lib/debug.c:407(debug_dump_status) INFO: Current debug levels: all: True/10 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 locking: False/0 msdfs: False/0 dmapi: False/0 registry: False/0 [2011/01/25 05:41:26, 3] param/loadparm.c:9039(lp_load_ex) lp_load_ex: refreshing parameters [2011/01/25 05:41:26, 3] param/loadparm.c:4848(init_globals) Initialising global parameters [2011/01/25 05:41:26, 2] param/loadparm.c:4707(max_open_files) rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) [2011/01/25 05:41:26, 3] ../lib/util/params.c:550(pm_process) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2011/01/25 05:41:26, 3] param/loadparm.c:7726(do_section) Processing section "[global]" doing parameter workgroup = ATHOME doing parameter server string = at.home doing parameter netbios name = hda [2011/01/25 05:41:26, 4] param/loadparm.c:7088(handle_netbios_name) handle_netbios_name: set global_myname to: HDA doing parameter printing = cups doing parameter printcap name = cups doing parameter load printers = yes doing parameter cups options = raw doing parameter log file = /var/log/samba/%m.log doing parameter log level = 0 doing parameter max log size = 150 doing parameter socket options = TCP_NODELAY doing parameter preferred master = yes doing parameter os level = 65 doing parameter domain master = yes doing parameter local master = yes doing parameter admin users = homeadmin doing parameter domain logons = yes doing parameter logon path = \\%L\profiles\%U doing parameter logon drive = H: doing parameter logon home = \\%L\%U doing parameter time server = yes doing parameter unix extensions = no doing parameter wide links = yes doing parameter veto files = /*.nws/riched20.dll/*.{*}/ doing parameter security = user doing parameter username map script = /usr/share/hda-platform/hda-usermap doing parameter large readwrite = yes doing parameter encrypt passwords = yes doing parameter dos charset = CP850 doing parameter unix charset = UTF8 [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset UCS-2LE [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset UCS-2LE [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset UTF-16LE [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset UTF-16LE [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset UCS-2BE [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset UCS-2BE [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset UTF-16BE [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset UTF-16BE [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset UTF8 [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset UTF8 [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset UTF-8 [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset UTF-8 [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset ASCII [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset ASCII [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset 646 [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset 646 [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset ISO-8859-1 [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset ISO-8859-1 [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset UCS2-HEX [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset UCS2-HEX [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE doing parameter display charset = LOCALE doing parameter guest account = nobody doing parameter map to guest = Bad User doing parameter wins support = yes doing parameter printer admin = root, @ntadmin, administrator [2011/01/25 05:41:26, 1] param/loadparm.c:7489(lp_do_parameter) WARNING: The "printer admin" option is deprecated doing parameter logon script = %U.bat doing parameter passdb backend = ldapsam:ldap://127.0.0.1/ doing parameter ldap admin dn = cn=root,dc=at,dc=home doing parameter ldap suffix = dc=at,dc=home doing parameter ldap group suffix = ou=Groups doing parameter ldap user suffix = ou=Users doing parameter ldap machine suffix = ou=Computers doing parameter ldap ssl = no doing parameter ldap passwd sync = Yes doing parameter ldap delete dn = Yes doing parameter add machine script = /usr/sbin/smbldap-useradd -w "%u" doing parameter add user script = /usr/sbin/smbldap-useradd -m "%u" doing parameter add group script = /usr/sbin/smbldap-groupadd -p "%g" doing parameter add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" doing parameter delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" doing parameter set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" [2011/01/25 05:41:26, 4] param/loadparm.c:9074(lp_load_ex) pm_process() returned Yes [2011/01/25 05:41:26, 7] param/loadparm.c:9279(lp_servicenumber) lp_servicenumber: couldn't find homes [2011/01/25 05:41:26, 10] param/loadparm.c:8287(set_server_role) set_server_role: role = ROLE_DOMAIN_PDC [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/charcnv.c:82(charset_name) Substituting charset 'UTF-8' for LOCALE [2011/01/25 05:41:26, 5] lib/util.c:266(init_names) Netbios name list:- my_netbios_names[0]="HDA" [2011/01/25 05:41:26, 2] lib/interface.c:340(add_interface) added interface eth0 ip=fe80::215:58ff:fe6d:d900%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff:: [2011/01/25 05:41:26, 2] lib/interface.c:340(add_interface) added interface eth0 ip=10.1.0.10 bcast=10.1.0.255 netmask=255.255.255.0 lp_load_ex: refreshing parameters params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" Processing section "[global]" doing parameter workgroup = ATHOME doing parameter server string = at.home doing parameter netbios name = hda handle_netbios_name: set global_myname to: HDA doing parameter printing = cups doing parameter printcap name = cups doing parameter load printers = yes doing parameter cups options = raw doing parameter log file = /var/log/samba/%m.log doing parameter log level = 0 doing parameter max log size = 150 doing parameter socket options = TCP_NODELAY doing parameter preferred master = yes doing parameter os level = 65 doing parameter domain master = yes doing parameter local master = yes doing parameter admin users = homeadmin doing parameter domain logons = yes doing parameter logon path = \\%L\profiles\%U doing parameter logon drive = H: doing parameter logon home = \\%L\%U doing parameter time server = yes doing parameter unix extensions = no doing parameter wide links = yes doing parameter veto files = /*.nws/riched20.dll/*.{*}/ doing parameter security = user doing parameter username map script = /usr/share/hda-platform/hda-usermap doing parameter large readwrite = yes doing parameter encrypt passwords = yes doing parameter dos charset = CP850 doing parameter unix charset = UTF8 doing parameter display charset = LOCALE doing parameter guest account = nobody doing parameter map to guest = Bad User doing parameter wins support = yes doing parameter printer admin = root, @ntadmin, administrator WARNING: The "printer admin" option is deprecated doing parameter logon script = %U.bat doing parameter passdb backend = ldapsam:ldap://127.0.0.1/ doing parameter ldap admin dn = cn=root,dc=at,dc=home doing parameter ldap suffix = dc=at,dc=home doing parameter ldap group suffix = ou=Groups doing parameter ldap user suffix = ou=Users doing parameter ldap machine suffix = ou=Computers doing parameter ldap ssl = no doing parameter ldap passwd sync = Yes doing parameter ldap delete dn = Yes doing parameter add machine script = /usr/sbin/smbldap-useradd -w "%u" doing parameter add user script = /usr/sbin/smbldap-useradd -m "%u" doing parameter add group script = /usr/sbin/smbldap-groupadd -p "%g" doing parameter add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" doing parameter delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" doing parameter set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" pm_process() returned Yes lp_servicenumber: couldn't find homes set_server_role: role = ROLE_DOMAIN_PDC Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Netbios name list:- my_netbios_names[0]="HDA" added interface eth0 ip=fe80::215:58ff:fe6d:d900%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff:: added interface eth0 ip=10.1.0.10 bcast=10.1.0.255 netmask=255.255.255.0 Enter root's password: Connecting to host=10.1.0.154 s3_event: Added timed event "tevent_req_timedout": 0x7fc728024140 s3_event: Added timed event "tevent_req_timedout": 0x7fc7280245c0 Running timed event "tevent_req_timedout" 0x7fc728024140 s3_event: Destroying timer event 0x7fc728024140 "tevent_req_timedout" s3_event: Added timed event "tevent_req_timedout": 0x7fc728024140 Connecting to 10.1.0.154 at port 445 s3_event: Added timed event "tevent_req_timedout": 0x7fc728024df0 s3_event: Destroying timer event 0x7fc728024df0 "tevent_req_timedout" s3_event: Destroying timer event 0x7fc728024140 "tevent_req_timedout" Socket options: SO_KEEPALIVE = 0 SO_REUSEADDR = 0 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE cli_chain_cork: mid=1 handle_incoming_pdu: got mid 1 Doing spnego session setup (blob length=336) SPNEGO login failed: Invalid parameter failed session setup with NT_STATUS_INVALID_PARAMETER lang_tdb_init: /usr/lib64/samba/en_US.UTF-8.msg: No such file or directory Could not connect to server 10.1.0.154 Connection failed: NT_STATUS_INVALID_PARAMETER failed to make ipc connection: NT_STATUS_INVALID_PARAMETER initshutdown pipe failed, trying winreg pipe Connecting to host=10.1.0.154 s3_event: Added timed event "tevent_req_timedout": 0x7fc728014c70 s3_event: Added timed event "tevent_req_timedout": 0x7fc7280151d0 Running timed event "tevent_req_timedout" 0x7fc728014c70 s3_event: Destroying timer event 0x7fc728014c70 "tevent_req_timedout" s3_event: Added timed event "tevent_req_timedout": 0x7fc728014c70 Connecting to 10.1.0.154 at port 445 s3_event: Added timed event "tevent_req_timedout": 0x7fc728015a70 Running timed event "tevent_req_timedout" 0x7fc7280151d0 s3_event: Destroying timer event 0x7fc7280151d0 "tevent_req_timedout" s3_event: Added timed event "tevent_req_timedout": 0x7fc7280150b0 Connecting to 10.1.0.154 at port 139 s3_event: Added timed event "tevent_req_timedout": 0x7fc728016310 Running timed event "tevent_req_timedout" 0x7fc728015a70 s3_event: Destroying timer event 0x7fc728015a70 "tevent_req_timedout" s3_event: Added timed event "tevent_req_timedout": 0x7fc728015a70 s3_event: Destroying timer event 0x7fc728015a70 "tevent_req_timedout" s3_event: Destroying timer event 0x7fc728014c70 "tevent_req_timedout" Socket options: SO_KEEPALIVE = 0 SO_REUSEADDR = 0 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 cli_chain_cork: mid=1 handle_incoming_pdu: got mid 1 Doing spnego session setup (blob length=336) SPNEGO login failed: Invalid parameter failed session setup with NT_STATUS_INVALID_PARAMETER Could not connect to server 10.1.0.154 Connection failed: NT_STATUS_INVALID_PARAMETER failed to make ipc connection: NT_STATUS_INVALID_PARAMETER return code = -1 ================================================== Thanks again for the help... - Joe ---------------------------------------- From: [email protected] To: [email protected]; [email protected] CC: [email protected]; [email protected] Subject: AW: [Samba] Shutting down WinXP Pro instance Date: Tue, 25 Jan 2011 08:23:55 +0100 Maybe your local policies security disallows that feature. You can proof that with gpedit.msc local settings-->add user rights--> force shutdown from remote ----------------------------------------------- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: [email protected] Internet: http://www.tropenklinik.de ----------------------------------------------- -----Ursprüngliche Nachricht----- Von: [email protected] [mailto:[email protected]] Im Auftrag von [email protected] Gesendet: Dienstag, 25. Januar 2011 07:54 An: Michael Wood Cc: [email protected]; Joe Tseng Betreff: Re: [Samba] Shutting down WinXP Pro instance --- Original message --- Subject: Re: [Samba] Shutting down WinXP Pro instance From: Michael Wood To: Joe Tseng Cc: Date: Monday, 24/01/2011 10:51 PM Hi On 25 January 2011 02:54, Joe Tseng wrote: Recently I set up a PDC (Fedora 12 - I'm using this for a specific reason) using Samba 3.4.9 and OpenLDAP 2.4.19; I named my domain ATHOME. I am trying to figure out how to shut down WinXP Pro remotely and I'm not having any luck. Up to this point I have tried the following: - I used ATHOME\root which is the admin acct I used to join XP to my domain. I added ATHOME\root to my workstation's Administrators group. - I've disabled "simple file sharing" on WinXP. - I've disabled the WinXP firewall. My results are the following: [root@server0 openldap]# net rpc shutdown -d -I 10.1.0.154 -U root Hmmm. Do you have good NetBIOS browsing or WINS? I've noticed that these calls by IP address have a tendency to fail, but by NetBIOS name succeed. [2011/01/24 19:50:34, 0] lib/debug.c:451(debug_parse_params) debug_parse_params: unrecognized debug class name or format [-I] You are using incorrect syntax for the debug option. Try "net rpc shutdown -d 10 -I 10.1.0.154 -U root" and maybe that will show you what the problem is. (i.e. you need a number after -d.) -- Michael Wood -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
