Re: [Samba] Win XP logon issues

[Jeffrey D. Means]

Jeffrey D. Means wrote:

when trying to log on to my samba server (3.0a24 with LDAP)  I get a 
message about the domain not being available or the machine account is 
not available.  In the event log this is what the Netlogon service 
reports about the error.

---
The domain of this computer, MEANSPC has been downgraded from Windows 
2000 or newer to Windows NT4 or older. The computer cannot function 
properly in this case for authentication purposes. This computer needs 
to rejoin the domain. The following error occurred:
There are currently no logon servers available to service the logon 
request.
---

Is this a issue with my Win XP Pro box or the samba server.  I have 
broken the machine from the domain and rejoined it several times 
trying to fix this issue to no avail.  I have applied the registry 
patch for win xp and am now at a loss as to what to try next.

--- smb.conf  [Global Section]
# Global parameters
[global]
       workgroup = MEANSPC
       netbios name = BAST
       server string = Authentication Server
       encrypt passwords = Yes
       update encrypted = Yes
#       obey pam restrictions = Yes
#       pam password change = Yes
       restrict anonymous = Yes
       time server = Yes
       socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
       add user script = /usr/sbin/useradd -s /bin/false -d /dev/null 
-g 509 -c "%U" -M %u;passwd -l %u
       add machine script = /usr/sbin/useradd -s /bin/false -d 
/dev/null -g 509 -c "%m Machine" '%m$';passwd -l '%m$'
#       delete user script = smbpasswd -x %u;userdel %u
       message command = cat %s>/dev/lp0
#       use spnego = no

# LDAP
       passdb backend = ldapsam:ldap://bast.picotech.net/
       ldap suffix = o=smb,dc=meanspc,dc=com
       ldap admin dn = "cn=root,o=smb,dc=meanspc,dc=com"
#       ldap machine suffix = ou=Computers
#       ldap user suffix = ou=Users
       ldap ssl = no
# Debugging
       debug pid = Yes
       debug uid = Yes
       debug timestamp = Yes
       log level = 1
       log file = /var/log/samba/samba.log
       max log size = 50
       panic action = echo 
"*******************************************************\nSamba Panic 
!!!!!\n**************$

# Logon Info
       logon script = netlogon.bat
       logon path = \\bast\profiles\%u
       logon home = \\bast\%u
       logon drive = Z:
# Become PDC
       os level = 255
       lm announce = True
       preferred master = True
       domain master = True
       domain logons = yes
       dns proxy = No
       wins proxy = Yes
       wins support = Yes
       null passwords = Yes
# Admin Stuff
       admin users = @smbadmin
       write list = @smbadmin
       map system = Yes
       map hidden = Yes
       delete readonly = Yes
       hosts allow = 192.168. localhost 127.0.0.1
       interfaces = eth0
       bind interfaces only = Yes
       large readwrite = Yes
       min protocol = LANMAN1
       fstype = NTFS
       nt acl support = yes

-- samba.log for an actual logon attempt
[EMAIL PROTECTED] root]# cat /var/log/samba/samba.log
[2003/06/05 18:05:17, 3, pid=10120, effective(0, 0), real(0, 0)] 
auth/auth.c:check_ntlm_password(216)
 check_ntlm_password:  Checking password for unmapped user 
[EMAIL PROTECTED] with the new password interface
[2003/06/05 18:05:17, 3, pid=10120, effective(0, 0), real(0, 0)] 
auth/auth.c:check_ntlm_password(219)
 check_ntlm_password:  mapped user is: [EMAIL PROTECTED]
[2003/06/05 18:05:17, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:push_sec_ctx(256)
 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2003/06/05 18:05:17, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/uid.c:push_conn_ctx(287)
 push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2003/06/05 18:05:17, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:set_sec_ctx(288)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2003/06/05 18:05:17, 2, pid=10120, effective(0, 0), real(0, 0)] 
passdb/pdb_ldap.c:ldapsam_search_suffix(948)
 ldapsam_search_suffix: searching 
for:[(&(sambaSID=S-1-5-21-720503001-857626571-2809650969-501)(objectclass=sambaSamAccount))]
[2003/06/05 18:05:17, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:pop_sec_ctx(386)
 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/06/05 18:05:17, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:push_sec_ctx(256)
 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2003/06/05 18:05:17, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/uid.c:push_conn_ctx(287)
 push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2003/06/05 18:05:17, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:set_sec_ctx(288)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2003/06/05 18:05:17, 2, pid=10120, effective(0, 0), real(0, 0)] 
passdb/pdb_ldap.c:ldapsam_search_suffix(948)
 ldapsam_search_suffix: searching 
for:[(&(uid=)(objectclass=sambaSamAccount))]
[2003/06/05 18:05:17, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:pop_sec_ctx(386)
 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/06/05 18:05:17, 3, pid=10120, effective(0, 0), real(0, 0)] 
auth/auth_sam.c:check_sam_security(437)
 Couldn't find user '' in passdb file.
[2003/06/05 18:05:17, 2, pid=10120, effective(0, 0), real(0, 0)] 
auth/auth.c:check_ntlm_password(301)
 check_ntlm_password:  Authentication for user [] -> [] FAILED with 
error NT_STATUS_NO_SUCH_USER
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/process.c:process_smb(882)
 Transaction 8 of length 246
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/process.c:switch_message(676)
 switch message SMBsesssetupX (pid 10120)
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:set_sec_ctx(288)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sesssetup.c:reply_sesssetup_and_X(534)
 wct=12 flg2=0xc807
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sesssetup.c:reply_sesssetup_and_X_spnego(446)
 Doing spnego session setup
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sesssetup.c:reply_sesssetup_and_X_spnego(470)
 NativeOS=[Windows 2002 2600 Service Pack 1] NativeLanMan=[Windows 2002 
5.1]
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sesssetup.c:reply_spnego_negotiate(351)
 Got OID 1 3 6 1 4 1 311 2 2 10
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sesssetup.c:reply_spnego_negotiate(358)
 Got secblob of size 46
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
libsmb/ntlmssp.c:debug_ntlmssp_flags(33)
 Got NTLMSSP neg_flags=0xe008b297
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/process.c:process_smb(882)
 Transaction 9 of length 252
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/process.c:switch_message(676)
 switch message SMBsesssetupX (pid 10120)
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:set_sec_ctx(288)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sesssetup.c:reply_sesssetup_and_X(534)
 wct=12 flg2=0xc807
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sesssetup.c:reply_sesssetup_and_X_spnego(446)
 Doing spnego session setup
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sesssetup.c:reply_sesssetup_and_X_spnego(470)
 NativeOS=[Windows 2002 2600 Service Pack 1] NativeLanMan=[Windows 2002 
5.1]
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
libsmb/ntlmssp.c:ntlmssp_server_auth(284)
 Got user=[] domain=[] workstation=[JEFF-WS] len1=1 len2=0
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
auth/auth.c:check_ntlm_password(216)
 check_ntlm_password:  Checking password for unmapped user 
[EMAIL PROTECTED] with the new password interface
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
auth/auth.c:check_ntlm_password(219)
 check_ntlm_password:  mapped user is: [EMAIL PROTECTED]
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:push_sec_ctx(256)
 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/uid.c:push_conn_ctx(287)
 push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:set_sec_ctx(288)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2003/06/05 18:05:20, 2, pid=10120, effective(0, 0), real(0, 0)] 
passdb/pdb_ldap.c:ldapsam_search_suffix(948)
 ldapsam_search_suffix: searching 
for:[(&(sambaSID=S-1-5-21-720503001-857626571-2809650969-501)(objectclass=sambaSamAccount))]
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:pop_sec_ctx(386)
 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:push_sec_ctx(256)
 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/uid.c:push_conn_ctx(287)
 push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:set_sec_ctx(288)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2003/06/05 18:05:20, 2, pid=10120, effective(0, 0), real(0, 0)] 
passdb/pdb_ldap.c:ldapsam_search_suffix(948)
 ldapsam_search_suffix: searching 
for:[(&(uid=)(objectclass=sambaSamAccount))]
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:pop_sec_ctx(386)
 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/06/05 18:05:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
auth/auth_sam.c:check_sam_security(437)
 Couldn't find user '' in passdb file.
[2003/06/05 18:05:20, 2, pid=10120, effective(0, 0), real(0, 0)] 
auth/auth.c:check_ntlm_password(301)
 check_ntlm_password:  Authentication for user [] -> [] FAILED with 
error NT_STATUS_NO_SUCH_USER
[2003/06/05 18:06:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:set_sec_ctx(288)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/06/05 18:07:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:set_sec_ctx(288)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/06/05 18:07:20, 2, pid=10120, effective(0, 0), real(0, 0)] 
smbd/process.c:timeout_processing(1126)
 Closing idle connection
[2003/06/05 18:07:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:set_sec_ctx(288)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/06/05 18:07:20, 2, pid=10120, effective(0, 0), real(0, 0)] 
smbd/server.c:exit_server(558)
 Closing connections
[2003/06/05 18:07:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/connection.c:yield_connection(61)
 Yielding connection to
[2003/06/05 18:07:20, 3, pid=10120, effective(0, 0), real(0, 0)] 
smbd/server.c:exit_server(601)
 Server exit (normal exit)
 process_logon_packet: SAMLOGON request from JEFF-WS(192.168.100.2) for 
, returning logon svr \\BAST domain MEANSPC code 13 token=ffff
[EMAIL PROTECTED] root]#
---

I hope this helps someone find the domain controler missing error.



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba