Ok I've got it back to PDC by doing the "net rpc join PDC. It gave me a failed to join domain error but it shows as a domain PDC now. I'm still unable to create a root account in pdbedit after changing security to user (and restarting nmb/smb). I still get the error in the logs about root not existing. Cheers BTW
Chris Boyd Systems Engineer USIT 19-21 Aston Quay Dublin 2 Ireland Tel: +353 1 6021670 Fax: +353 1 6771602 www.usit.ie >>> Bruno Guerreiro <[EMAIL PROTECTED]> 04/06/06 1:56 PM >>> Hi, I think you should set security to USER instead of DOMAIN. Best regards, Bruno Guerreiro > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > On Behalf Of Chris Boyd > Sent: quinta-feira, 6 de Abril de 2006 12:25 > To: [email protected] > Subject: [Samba] Not able to join domain > > I'm trying to set up Samba 3.0.20-4-SUSE on a opensuse 10 > machine. I'm working with XP Pro on the client machine. I > can't get the XP mahcine (RDS7) to join the domain (UCD). It > asks for a user when trying to join and then says it cannot > find it. The samba log is: > > auth/auth.c:check_ntlm_password(317) > check_ntlm_password: Authentication for user [root] -> > [root] FAILED with error NT_STATUS_NO_SUCH_USER > > The root account is showing up in smbpasswd (that's assuming > it needs to be there). > > Now the XP machine can see the domain (UCD) as well as > WORKGROUP (which it currently is master of). > > > Domain=[UCD] OS=[Unix] Server=[Samba 3.0.20-4-SUSE] > > Server Comment > --------- ------- > UCD01 Samba 3.0.20-4-SUSE > > Workgroup Master > --------- ------- > UCD UCD01 > WORKGROUP RDS7 > > This is after having to manually create the machine account > (as there seems to be some problem with suse doing it "on-the-fly". > I've also noticed that testparm returns the samba machine as > a BDC instead of a PDC. > > Load smb config files from /etc/samba/smb.conf Processing > section "[protel]" > Processing section "[homes]" > Processing section "[profiles]" > Processing section "[users]" > Processing section "[groups]" > Processing section "[printers]" > Processing section "[print$]" > Processing section "[netlogon]" > Server's Role (logon server) NOT ADVISED with domain-level > security Loaded services file OK. > Server role: ROLE_DOMAIN_BDC > Press enter to see a dump of your service definitions > > Also here's the smb.conf: > > [global] > printcap name = cups > cups options = raw > map to guest = Bad User > # include = /etc/samba/dhcp.conf > logon path = \\%L\profiles\.msprofile > logon home = \\%L\%U\.9xprofile > logon drive = P: > security = domain > restrict anonymous = no > domain master = Yes > preferred master = Yes > # idmap uid = 15000-20000 > # idmap gid = 15000-20000 > log level = 2 > netbios name = UCD01 > max protocol = NT > ldap ssl = No > server signing = Auto > workgroup = UCD > add machine script = /usr/sbin/useradd -c Machine -d > /var/nodirs -s /bin/false '%u' > passdb backend = tdbsam > domain logons =Yes > local master = Yes > os level = 65 > > [protel] > comment = Protel Data Folder > path = /protel > read only = no > [homes] > comment = Home Directories > valid users = %S > browseable = No > read only = No > inherit acls = Yes > > [profiles] > comment = Network Profiles Service > path = %H > # path = /var/lib/samba/profiles > read only = No > store dos attributes = Yes > create mask = 0600 > directory mask = 0700 > > [users] > comment = All users > path = /home > read only = No > inherit acls = Yes > veto files = /aquota.user/groups/shares/ > > [groups] > comment = All groups > path = /home/groups > read only = No > inherit acls = Yes > > [printers] > comment = All Printers > path = /var/tmp > printable = Yes > create mask = 0600 > browseable = No > > [print$] > comment = Printer Drivers > path = /var/lib/samba/drivers > write list = @ntadmin root > force group = ntadmin > create mask = 0664 > directory mask = 0775 > > [netlogon] > comment = Network Logon Service > path = /var/lib/samba/netlogon > write list = root > admin users = root > guest ok = Yes > browseable = No > > > Anyway...if it's not obvious am a samba newb Oh and TIA > > ----------------------------------------------------------------- > This email message is intended only for the addressee(s) and > contains information that may be confidential and/or > copyrighted. If you are not the intended recipient please > notify the sender by reply email and immediately delete this > email. Use, disclosure or reproduction of this email by > anyone other than the intended recipient(s) is strictly > prohibited. USIT has scanned this email for viruses and > dangerous content and believes it to be clean. However, virus > scanning is ultimately the responsibility of the recipient. > ----------------------------------------------------------------- > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > ----------------------------------------------------------------- This email message is intended only for the addressee(s) and contains information that may be confidential and/or copyrighted. If you are not the intended recipient please notify the sender by reply email and immediately delete this email. Use, disclosure or reproduction of this email by anyone other than the intended recipient(s) is strictly prohibited. USIT has scanned this email for viruses and dangerous content and believes it to be clean. However, virus scanning is ultimately the responsibility of the recipient. ----------------------------------------------------------------- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
