[Samba] A device attached to the system is not functioning.

[Adam Williams]

Windows XP w/ SP2 is giving me that error message when I'm trying to log 
into my domain:

A device attached to the system is not functioning.
error log:

[2007/11/09 10:21:01, 1] 
rpc_server/srv_netlog_nt.c:_net_sam_logon_internal(1004)
 _net_sam_logon: user TEST\testuser has user sid S-1-1-0
  but group sid S-1-5-21-3536689092-529281149-710501220-513.
 The conflicting domain portions are not supported for NETLOGON calls

[EMAIL PROTECTED] ~]# cat /etc/samba/smb.conf
[global]
 unix charset = LOCALE
  workgroup = TEST
 netbios name = GOMER
 server string = Samba Server %v on gomer
#  interfaces = eth0, lo
 interfaces = 10.8.3.37/24 127.0.0.1/8
 bind interfaces only = Yes
 hosts allow = 10.8.
 passdb backend = ldapsam:ldap://gomer.mdah.state.ms.us
 enable privileges = Yes
 username map = /etc/samba/smbusers
 log level = 1
 syslog = 0
 log file = /var/log/samba/%m
 max log size = 50
 name resolve order = wins bcast hosts
 time server = Yes
 printcap name = CUPS
 show add printer wizard = no
 add user script = /usr/sbin/smbldap-useradd -a -m "%u"
 delete user script = /usr/sbin/smbldap-userdel "%u"
 add group script = /usr/sbin/smbldap-groupadd -p "%g"
 delete group script = /usr/sbin/smbldap-groupdel "%g"
 add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
 delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
 set primary group script = /usr/sbin/smbldap-groupmod -g "%g" "%u"
 add machine script = /usr/sbin/smbldap-useradd -w "%u"
 logon script = scripts\logon.bat
 logon path = \\%L\profiles\%U
 logon drive = X:
 domain logons = Yes
 preferred master = Yes
 wins support = Yes
 ldap suffix = dc=gomer,dc=mdah,dc=state,dc=ms,dc=us
 ldap machine suffix = ou=People
 ldap user suffix = ou=People
 ldap group suffix = ou=Groups
 ldap idmap suffix = ou=Idmap
 ldap admin dn = cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us
 idmap backend = ldap:ldap://gomer.mdah.state.ms.us
  idmap uid = 10000-20000
  idmap gid = 10000-20000
 map acl inherit = Yes
 printing = cups
 printer admin = root, awilliam
 ldap passwd sync = yes
  winbind separator = +
# use uids from 10000 to 20000 for domain users
  idmap uid = 10000-20000
# use gids from 10000 to 20000 for domain groups
  idmap gid = 10000-20000
# allow enumeration of winbind users and groups
winbind enum users = yes
winbind enum groups = yes
# give winbind users a real shell (only needed if they have telnet access)
  template homedir = /home/winnt/%D/%U
  template shell = /bin/bash

winbind enum users = yes
winbind enum groups = yes

  winbind use default domain = no
[homes]
 comment = Home Directories
 valid users = %S
 read only = no
 browseable = No

[accounts]
 comment = Accounting Files
 path = /data/accounts
 read only = No

[netlogon]
 comment = network logon service
 path = /var/lib/samba/netlogon
 guest ok = Yes
 locking = No

[profiles]
 comment = Profile Share
 path = /var/lib/samba/profiles
 read only = No
 profile acls = Yes

[print$]
 comment = Printer Drivers
 path = /var/lib/samba/drivers
 browseable = yes
 guest ok = no
 read only = yes
 write list = root, awilliam

and the user exists in ldap:

ldapsearch -D 'cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us' -b 
"uid=testuser,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us" -w xxxxx -x
# extended LDIF
#
# LDAPv3
# base <uid=testuser,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us> 
with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# testuser, People, gomer.mdah.state.ms.us
dn: uid=testuser,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us
uid: testuser
cn: test user
telephoneNumber: 5766888
roomNumber: IS
homePhone: 3738042
givenName: test
sn: user
mail: [EMAIL PROTECTED],dc=state,dc=ms,dc=us
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: sambaSamAccount
loginShell: /bin/bash
uidNumber: 501
gidNumber: 101
homeDirectory: /home/testuser
gecos: test user,IS,5766888,3738042
sambaSID: S-1-1-0
sambaLMPassword: xxxxxxxxxxx
sambaAcctFlags: [U]
sambaNTPassword: xxxxxxxxxxxxxxx
sambaPwdMustChange: 1194624706
shadowLastChange: 0
shadowMax: 99999
shadowWarning: 7
sambaPasswordHistory: 
00000000000000000000000000000000000000000000000000000000
00000000
sambaPwdLastSet: 1194624832
userPassword:: xxxxxxxxxxxxxxxxxx

# search result
search: 2
result: 0 Success

any ideas?
# numResponses: 2
# numEntries: 1




--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba