When u used these FORCE user and group settings, you didn't have to tell it which user and group to force?
Can you send a copy of your smb.conf file. The problem I am having is that sometimes a machine that is connected to the domain will not allow a user to authenticate.. but it allows other users to authenticate.. Im wondering if this could be related... Jose -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Friday, April 23, 2004 1:26 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: [Samba] XP Client cannot join Samba3 PDC Resolved problem: Had decided to use global force user/force group options for the shares. It worked like a charm. All my shares now had default groups and users. I did not realize how truly global these settings were. After a careful review of the logs, I noticed that root indeed logged in. However, the effective user always morphed into nobody. At that time, I thought this was nominal behavior. NOT! The global settings for: FORCE USER = unix user FORCE GROUP= unix group Sets the Effective User ID to those forced ID's for EVERYTHING, including non share oriented communications. Check your configs and eliminate these GLOBAL settings. 30 hours! DOH! -----Original Message----- From: Chris Tepaske [SMTP:[EMAIL PROTECTED] Sent: Thursday, April 15, 2004 5:43 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: [Samba] XP Client cannot join Samba3 PDC I have found the same problem no and again especially if you remove a machine and then want to rejoin I'm assuming that you use root to for the account and that is exists in you samba setup. I found that when it happens to me that quickest and easiest way to resolve the issue is to rebuild the machine I found the problem with XP and 2003 don't know what causes the issue and I think lots of people have the same problem as it is not the first time this has come up on the posts. Cheers Chris Tepaske -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, 15 April 2004 4:47 AM To: [EMAIL PROTECTED] Subject: [Samba] XP Client cannot join Samba3 PDC Migrating a working Samba 2.2.8a Domain Controller to 3.0.2a Using smbpasswd file compiled using gcc 3.2.2 ---------------------------------------------------------------------------- -------- Used working 2.2.8 configuration ---------------------------------------------------------------------------- -------- #authentication as PDC workgroup = XNET domain logons = yes domain master = yes preferred master = yes security = user password level = 8 username level = 8 smb passwd file = /usr/local/samba/lbin/smbpasswd logon script = logon.bat encrypt passwords = yes ---------------------------------------------------------------------------- -------- Added automation scripts ---------------------------------------------------------------------------- -------- #user group scripts add user script=/usr/sbin/useradd -d /dev/null -g machines -c "Machine a ccount %u" -s /bin/false -M %u delete user script=/usr/sbin/userdel -r %u add group script=/usr/sbin/groupadd %g delete group script=/usr/sbin/groupdel %g add user to group script=/usr/sbin/usermod -G %g %u add machine script=/usr/sbin/useradd -s /bin/false -d /dev/null %u ---------------------------------------------------------------------------- -------- Disabled the following items in the Local Security Policy ---------------------------------------------------------------------------- -------- Domain member: Digitally encrypt or sign secure channel data (Always) domain member: Digitally encrypt secure channel data (when possible) Domain member: Digitally sign secure channel data (when possible) Domain member: Require strong (Windows 2000 or later) session key ---------------------------------------------------------------------------- -------- Added the following Registry Hacks ---------------------------------------------------------------------------- -------- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] "RequireSignOrSeal"=dword:00000000 If you still have changes, you may want to change the following [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] "sealsecurechannel"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] "signsecurechannel"=dword:00000000 ---------------------------------------------------------------------------- -------- Deleted existing machine entries in smbpasswd ---------------------------------------------------------------------------- -------- vi smbpasswd delete machine user line restart smb ---------------------------------------------------------------------------- -------- Added machine entries ---------------------------------------------------------------------------- -------- smbpasswd -a -m WORKSTATION_NAME ---------------------------------------------------------------------------- -------- SYMPTOMS ---------------------------------------------------------------------------- -------- CAN authenticate from domain members added prior to migration CAN use shares from 95/XP/Samba using share based authentication username/password CAN join domain form another Samba3 box CANNOT join domain from XP XP client reports: Access is denied (logged in on XP as Administrator) Samba reports (level 10 logging): _samr_open_domain: ACCESS DENIED Both root and nobody appear to authenticate Logs indicate insufficient privilege to continue Looks like it might be something on the client?? There are no warnings or errors in any of the XP logs. Symptoms are the same from multiple installs of XP to multiple installs of samba I have racked my brain for the last week and have even resorted to reading the manual. Thank you for any guidance in advance! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
