-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have successfully joined my windows xp box to my domain. I rebooted, and tried to log in as my test user and I received the error message:
"The system could not log you on. Make sure your User name and domain are correct, then type your password again..." On my local windows xp workstation. There is no Domain Users, Domain Admins, etc... groups. Is this a problem? In my LDAP log it is showing a successful query for my testuser, returning "nentries=1". Samba, however shows nothing. I disabled on the windows xp client: - ---------------- Start the Administrative Tools (Start / Settings / Control Panel / Administrative Tools). From there start the Local Security Policy. In the Local Security Policy open Local Policies and then Security Options. Disable the following entries: Domain member: Digitally encrypt or sign secure channel data (Always) Domain member: Digitally encrypt secure channel data (when possible) Domain member: Digitally sign secure channel data (when possible) Domain member: Require strong (Windows 2000 or later) session key In the Group Policy Editor (C:\windows\system32\gpedit.msc) enable the following entry: Computer Configuration\Administrative Templates\System\User Profiles\do not check for user ownership of roaming profiles folders - ---------------- And then I tried again, and I got the same error. My user testuser is set to have the primary group SID of Domain Users (S-1-5-21-3040749549-2843134544-1782940832-513) I can successfully login as my testuser using smbclient, and by logging in from a linux client. I just can't login from Windows. My group mappings are: [EMAIL PROTECTED]:/var/log# net groupmap list Domain Admins (S-1-5-21-3040749549-2843134544-1782940832-512) -> Domain Admins Domain Users (S-1-5-21-3040749549-2843134544-1782940832-513) -> Domain Users Domain Guests (S-1-5-21-3040749549-2843134544-1782940832-514) -> Domain Guests Domain Computers (S-1-5-21-3040749549-2843134544-1782940832-515) -> Domain Computers Administrators (S-1-5-32-544) -> Administrators Account Operators (S-1-5-32-548) -> Account Operators Print Operators (S-1-5-32-550) -> Print Operators Backup Operators (S-1-5-32-551) -> Backup Operators Replicators (S-1-5-32-552) -> Replicators Any ideas where I should look? Zach -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFEtSSEMyx0fW1d8G0RApHRAJ41KYXt9OGRsF8O4IYPbBw7pdUqjQCfVssx 0VjhFaCh1k44D62uVLrEsgg= =7c0q -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
