Robert skrev:
On Saturday 16 February 2008, Doug VanLeuven wrote:
Robert wrote:
I've having trouble getting XP SP2's to join a domain. Whenever I try to
join, at the point I'm asked for a user name and password with permission
to join the domain, I enter root and root's password, then get the
dreaded "Unknown user or bad password" error message.
The clients are a mixed bunch with some 98's, 1 Win2K, a few XP SP1 (I
know, I know!, but it's not a priority to management who has me fighting
other fires), and the rest being XP SP2. I *ONLY* get the error with XP
SP2. The Win2K and SP1 all join no problem, so it shouldn't be a problem
with the Samba PDC or the config file else none should be joining. The
98's aren't a problem of course. In fact, for reasons I can't figure out,
2 of the SP2's joined too. What is stopping the SP2's from joining?
I've tried creating the machine accounts by hand, but that had no effect.
I cranked up the logging and it looks to me like root authenticates
correctly, but I still get the error.
Background: The original Samba PDC machine was getting old so management
decided to trash it. I was tasked with putting together a replacement
machine. I am using Kubuntu 7.10 (Gutsy) with Samba 3.0.26a. I
disconnected the client machines from the domain (switched them to
workgroup), then tried to reconnect with the new server online. The old
server is physically gone.
As I stated, only the XP SP2's are not joining. I'm including my
smb.conf, but considering the XP SP1's and the one Win2K (which is
actually running as a virtual machine with XP SP2 as a host OS; this XP
SP2 won't join) all join, the config file should be correct, and I have a
root user in my smbpassword file, and I'm typing the password correctly.
Therefore it has to be something to do with the SP2's. Possibly some
registry setting??? Right now the XP SP2's are running as workgroup
computers.
Yes, the old domain and new domain name are the same, but I've already
tried changing the new name to something different then joining but with
no luck.
#======================= Global Settings
===================================== [global]
debug level = 2
workgroup = hap
netbios name = linuxII
hosts allow = 192.168.1. 127.
printcap name = cups
load printers = yes
printing = cups
guest account = pcguest
log file = /var/log/samba/log.%m
max log size = 50
security = user
encrypt passwords = true
passdb backend = tdbsam
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n
*ReType*new*UNIX*password*
%n\n*passwd:*all*authentication*tokens*updated*successfully* username map
= /etc/samba/smbusers
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
interfaces = 192.168.1.8/32 127.0.0.1/32
bind interfaces only = true
local master = yes
os level = 34
domain master = yes
preferred master = yes
domain logons = yes
logon script = home.bat
logon path = \\%L\profiles\%U
logon home = \\%L\%U
logon drive = H:
name resolve order = wins lmhosts bcast
wins support = yes
wins proxy = yes
hide dot files = yes
deadtime = 15
disable spoolss = yes
show add printer wizard = no
add machine script = /usr/sbin/useradd -d /dev/null -s /bin/false %u
time server = yes
#======================== Share Definitions =========================
[homes]
comment = Home Directory
browseable = no
writable = yes
# Un-comment the following and create the netlogon directory for Domain
Logons [netlogon]
comment = Net
Logon Service
path = /home/netlogon
guest ok = yes
writable = no
#...Lots more shares...<snip>
#=========================end config file=============================
Since it's just XP SP2, you might want to look at the XP firewall settings
that were added by default during the SP2 update. Get there Control
Panel/Windows Firewall. In there is file and printer sharing blocking on
by default for notebooks and computers directly on the internet. Maybe you
already looked at this. Nothing else stands out.
Regards, Doug
It's a good thought. I'll check it, but I don't think that's the problem. As I
said, the XP SP2's are functioning as workgroup computers for now, so the
users can access their home shares just fine. Unless I'm badly mistaken, file
and printer sharing blocking, if on, should block this too.
Hi Robert
I've think i found the solution to your problem. what is the name of the
workgroup, it's not in your smb.conf?
Since the SP2 pc's are in a workgroup with the same name as your
domainname they need to be taken out of the that particular workgroup
before you can join them to your domain. To join them to your domain do
as follows:
1. Make a workstation member of a workgroup with a name differet to
your domainname e.g. testgroup
1. make sure it doesn't have any connection to file and
printershares in the old workgroup
2. restart
2. Join the domain you want.
1. restart to make the domain join work.
--
Rune Tønnesen
Bedste Hilsner/Best Regards
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
