Hi,
- I have the same problem with Samba PDC (+ LDAP) as Ron Segal has. I am
using WINS because I have 2 subnets. I dont use roaming profiles. The
permission of netlogon directory is 755.
- I also have another problem although I've set the option in global "local
master = yes", but I often get the message from log.nmbd (every 15 min as
you already know):
-----------snip-------------
process_local_master_announce: Server WINDOWS-BOX at IP 192.168.0.x is
announcing itself as a local master browser for workgroup MYDOMAIN and we
think we are master. Forcing election.
[xxxxxx] nmbd/nmbd_become_lmb.c:unbecome_local_master_success(149)
*****
Samba name server PDC has stopped being a local master browser for
workgroup MYDOMAIN on subnet 192.168.0.xx
--------------snip----------------------------
What do you think about these 2 problems guys. What do you recommend us to
fix? And how can you explain about them?
================
This is my smb.conf
================
[global]
workgroup = mydomain
server string = PDC
netbios name = PDC
interfaces = 127.0.0.0/8 192.168.0.0/255.255.0.0
smb ports = 445 139
log file = /var/log/samba/log.%m
log level = 3
max log size = 1000
syslog = 0
logon home =
logon path =
logon drive =
panic action = /usr/share/samba/panic-action %d
security = user
encrypt passwords = true
passdb backend = ldapsam:ldap://127.0.0.1
ldap suffix = dc=mydomain,dc=com
ldap machine suffix = ou=Computers
ldap user suffix = ou=Users
ldap idmap suffix = ou=Users
ldap group suffix = ou=Groups
ldap admin dn = cn=manager,dc=mydomain,dc=com
ldap delete dn = no
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
ldap passwd sync = yes
obey pam restrictions = yes
guest account = nobody
; invalid users = root
; passwd program = /usr/bin/passwd %u
; passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
; pam password change = no
preferred master = yes
domain master = yes
os level = 255
domain logons = yes
enable privileges = yes
local master = yes
wins support = yes
wins proxy = no
name resolve order = wins lmhosts host bcast
max wins ttl = 518400
min wins ttl = 21600
dns proxy = no
time server = yes
null passwords = no
hide unreadable = yes
hide dot files = yes
logon script = logon.cmd
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=8192
SO_SNDBUF=8192
;[homes]
; comment = Home Directories
; browseable = no
; root preexec = /etc/samba/mk_sambadir "/home/%u" "%u" "%g"
; guest ok = no
; inherit permissions = yes
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
browseable = no
guest ok = yes
writable = no
share modes = no
[printers]
comment = All Printers
browseable = no
path = /var/spool/samba
printable = yes
public = no
writable = no
create mode = 0700
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no
=========================
Thank you,
Ngo Bao Thai
----- Original Message -----
From: "Gary Dale" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Tuesday, October 16, 2007 4:55 AM
Subject: Re: [Samba] Samba as PDC with XP Client - Logon requires
reboot -Help Please
Ron Segal wrote:
Hi, I'm running the latest version of Samba with a tdbsam backend,
configured not to use roaming profiles. Two different XP clients (SP2)
are joined to the domain ok but users can only logon by rebooting before
entering their logon details. When users logoff and try to logon again
(or logon as a different user on the same machine) they get the standard
message 'windows cannot connect to the domain either because the domain
controller is down or because your computer account was not found.
Please try again later .. ' etc. Have tried fiddling with registry
entries and permissions but can't get this problem to go away. Any
ideas on this would be appreciated. Cheers.
Have you checked your netlogon and/or profiles Unix permissions? You
generally need to set them very, very loose and let Samba handle the
security.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
