Re: [Samba] smb-ldap or not to smb-ldap

2006-04-01 Thread Antony Gelberg

[Sorry for my previous empty post, lost it for a second.]

Craig White wrote:
> On Fri, 2006-03-31 at 16:30 +0100, Antony Gelberg wrote:
>> Hi all,
>>
>> We are deploying a Linux server and desktops for a customer.  We will
>> have the users and groups in LDAP on the server, and files shared via NFS.
>>
>> However, one never knows if Windows desktops will be needed in the
>> future.  Is it a good idea to add users with smb-ldap even if samba is
>> not initially used, as adding the samba attributes to an existing LDAP
>> database is painful, and the smb-ldap created users will have the
>> relevant POSIX credentials to be able to login anyway?
>
> It would seem to me that a successful LDAP implementation is going to
> have an administrator who can script changes to the users attributes
> when necessary, otherwise, it's not just a down the road implementation
> of samba that will make things difficult.
>
> My thinking is that time spent now to acquire skill sets is better than
> spending time to configure an imagined samba implementation which may
> happen down the road.


You're right, but time is not always that easy to come by and
smbldap-tools is a real time-saver, being so powerful.


> That being said, it probably won't hurt anything to implement
> smbldap-tools but consider that the real issue is the tool sets you use
> to create/modify existing users outside of the samba realm must all
> anticipate the samba schema because the smbldap-tools are for samba
> based tools.


There is no requirement to have users who aren't part of the samba realm
i.e. with POSIX login only, so we can always use the smbldap-tools
toolset.  Or did I misunderstand your point?

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba


Re: [Samba] smb-ldap or not to smb-ldap

2006-04-01 Thread Antony Gelberg

Craig White wrote:
> On Fri, 2006-03-31 at 16:30 +0100, Antony Gelberg wrote:
>> Hi all,
>>
>> We are deploying a Linux server and desktops for a customer.  We will
>> have the users and groups in LDAP on the server, and files shared via NFS.
>>
>> However, one never knows if Windows desktops will be needed in the
>> future.  Is it a good idea to add users with smb-ldap even if samba is
>> not initially used, as adding the samba attributes to an existing LDAP
>> database is painful, and the smb-ldap created users will have the
>> relevant POSIX credentials to be able to login anyway?
>
> It would seem to me that a successful LDAP implementation is going to
> have an administrator who can script changes to the users attributes
> when necessary, otherwise, it's not just a down the road implementation
> of samba that will make things difficult.
>
> My thinking is that time spent now to acquire skill sets is better than
> spending time to configure an imagined samba implementation which may
> happen down the road.
>
> That being said, it probably won't hurt anything to implement
> smbldap-tools but consider that the real issue is the tool sets you use
> to create/modify existing users outside of the samba realm must all
> anticipate the samba schema because the smbldap-tools are for samba
> based tools.
>
> Craig





[Samba] smb-ldap or not to smb-ldap

2006-03-31 Thread Antony Gelberg
Hi all,

We are deploying a Linux server and desktops for a customer.  We will
have the users and groups in LDAP on the server, and files shared via NFS.

However, one never knows if Windows desktops will be needed in the
future.  Is it a good idea to add users with smb-ldap even if samba is
not initially used, as adding the samba attributes to an existing LDAP
database is painful, and the smb-ldap created users will have the
relevant POSIX credentials to be able to login anyway?

Antony


Re: [Samba] LDAP integration

2005-11-13 Thread Antony Gelberg
(Craig, thanks for your response.  I'm cc'ing the list as we need to try
and resolve this today.  Hope you don't mind.)

Craig White wrote:
> On Sat, 2005-11-12 at 18:29 +, Antony Gelberg wrote:
>> We're into our new server build.  We have built Samba / LDAP servers
>> before, but never a PDC.  I'm not sure that this question is
>> PDC-specific though.
>>
>> What is the difference between smbldap-useradd, and adding a user to the
>> LDAP database normally e.g. with cpu useradd?
>
> smbldap-tools should create both the posix user and smb user - the
> former being necessary for the latter
 

I understand the words, but not the sentence.  Another samba/ldap box
that we have authenticates the users quite happily, where they have been
added to the LDAP directory via cpu.  I understand that with the
traditional passdb backend, there is a difference between the posix user
and the smb user, hence the need to use smbpasswd to create smb users.

However, I thought that with LDAP, everything is in one place, so I
don't quite understand the need for a posix and smb user.  Added to
which, it worked for us on another box, as I said above.  If somebody
could clarify, we would be grateful.

>> Are smbldap-tools needed for new installs, or only where an existing
>> Samba database is being migrated to LDAP?
>
> the smbldap-tools aren't necessary at all, they are for your convenience
> and permit the usage of tools such as User Manager for Domains and
> 'net rpc vampire' processes. If you don't use smbldap-tools, then you
> would probably need another set of scripts to accomplish the same
> things.

I can see that they are useful for smb.conf actions such as add user
script = /usr/sbin/smbldap-useradd -m %u.

>> What is the best practise for the administrator for new installs?
>
> reading the excellent documentation, like Samba by Example...available
> in dead tree form at your typical bookseller or in pdf/html form at
> www.samba.org
 

We're ploughing through it.  Truly an *excellent* manual.

Antony


Re: [Samba] LDAP integration

2005-11-13 Thread Antony Gelberg
Antony Gelberg wrote:
> (Craig, thanks for your response.  I'm cc'ing the list as we need to try
> and resolve this today.  Hope you don't mind.)
>
> Craig White wrote:
>> smbldap-tools should create both the posix user and smb user - the
>> former being necessary for the latter
>
> I understand the words, but not the sentence.  Another samba/ldap box
> that we have authenticates the users quite happily, where they have been
> added to the LDAP directory via cpu.  I understand that with the
> traditional passdb backend, there is a difference between the posix user
> and the smb user, hence the need to use smbpasswd to create smb users.
>
> However, I thought that with LDAP, everything is in one place, so I
> don't quite understand the need for a posix and smb user.  Added to
> which, it worked for us on another box, as I said above.  If somebody
> could clarify, we would be grateful.

Sorry.  On the box where it worked, I *did* run smbpasswd -a for each
LDAP user.  I have tried it on the new box and it works.  What I think
you are saying is that if we use smbldap-tools, it's one step rather
than the two steps of cpu useradd and smbpasswd -a.

Not for the first time, I reflect on how forgetting a little detail can
waste hours.  Thanks for your help though.  It's much appreciated.

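Added example, not part of the thread: a shell/awk audit that lists accounts in an LDIF dump which have the POSIX side (as created by a POSIX-only tool such as cpu useradd) but not yet the Samba side that smbpasswd -a or smbldap-useradd adds. It assumes the Samba 3 LDAP schema, where the Samba side of an account is the sambaSamAccount object class; the function name, the base DN and the sample entries are constructed for this example.

```shell
#!/bin/sh
# Added example: find LDAP users that can log in via POSIX but have no
# Samba attributes yet. Assumes the Samba 3 schema (objectClass
# sambaSamAccount marks the Samba side of an account).
#
# Typical input (base DN is a placeholder):
#   ldapsearch -x -LLL -b "ou=People,dc=example,dc=org" \
#       "(objectClass=posixAccount)" uid objectClass | posix_without_samba

# Constructed sample LDIF. carol's object class is folded across two lines,
# as ldapsearch does for long lines; dave uses different letter case.
SAMPLE_LDIF='dn: uid=alice,ou=People,dc=example,dc=org
objectClass: inetOrgPerson
objectClass: posixAccount
uid: alice
uidNumber: 1001

dn: uid=bob,ou=People,dc=example,dc=org
objectClass: posixAccount
objectClass: sambaSamAccount
uid: bob
sambaSID: S-1-5-21-1111111111-2222222222-3333333333-3004

dn: uid=carol,ou=People,dc=example,dc=org
objectClass: posixAccount
objectClass: sambaSam
 Account
uid: carol

dn: uid=dave,ou=People,dc=example,dc=org
objectclass: PosixAccount
uid: dave'

# Read LDIF on stdin, print the uid of every entry that has posixAccount
# but lacks sambaSamAccount.
posix_without_samba() {
    awk '
    # Called at each blank line (entry boundary) and at end of input.
    function end_entry() {
        if (posix && !samba && uid != "") print uid
        posix = 0; samba = 0; uid = ""
    }
    # Process one unfolded logical line.
    function take(line,    i, attr, val) {
        if (line == "") { end_entry(); return }
        if (line ~ /^#/) return
        i = index(line, ":")
        if (i == 0) return
        attr = tolower(substr(line, 1, i - 1))   # attribute names ignore case
        val = substr(line, i + 1)
        sub(/^[ \t]+/, "", val)
        if (attr == "objectclass") {
            val = tolower(val)
            if (val == "posixaccount") posix = 1
            if (val == "sambasamaccount") samba = 1
        } else if (attr == "uid") {
            uid = val
        }
    }
    /^ / { buf = buf substr($0, 2); next }   # LDIF continuation line
    { take(buf); buf = $0 }
    END { take(buf); end_entry() }
    '
}

echo "POSIX accounts without Samba attributes:"
printf '%s\n' "$SAMPLE_LDIF" | posix_without_samba
```

The accounts it prints are the ones that still need the second step described above.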

[Samba] LDAP integration

2005-11-12 Thread Antony Gelberg
We're into our new server build.  We have built Samba / LDAP servers
before, but never a PDC.  I'm not sure that this question is
PDC-specific though.

What is the difference between smbldap-useradd, and adding a user to the
LDAP database normally e.g. with cpu useradd?

Are smbldap-tools needed for new installs, or only where an existing
Samba database is being migrated to LDAP?

What is the best practise for the administrator for new installs?  We
plan to join machines to the domain as root.  Is this overly dangerous?
 Do we need to create an admin user and group to join machines?


[Samba] LDAP user

2005-11-12 Thread Antony Gelberg
This follows on from the previous questions.  I noticed that
smbldap-tools With lines like

ldap user suffix = ou=Users

in smb.conf, should we change Users to People if that's how our LDAP
database was set up, or do Users and People generally mean different
things in LDAP?


[Samba] Migrating same domain

2005-11-11 Thread Antony Gelberg
This weekend, we're replacing a customer's Windows 2003 server with a Samba 
box. They lost their Windows media and we can't reset the administrator 
password, so we can't even login to the server to examine it. The best we can 
do is to boot Knoppix and copy the filesystem onto an external USB drive, to 
recover their files.  We're not sure how we will recover their Exchange mail 
yet. The box boots properly about 1 in 20 times.

Given this scenario, are we best off creating a new domain? It would be nice if 
we could migrate the old domain so it's transparent to the users. If it's not 
possible, would it be if we had admin access to the existing Server?

While I'm on the subject, is there any way to ease pain of Exchange - Maildir 
migration? Current thinking is boot Windows server, have both Exchange and 
Maildir configured in Outlook, and drag the folders. What if we can't get the 
Exchange box to boot?

-- 
Wayforth - the alternative Blackberry solution.  http://www.wayforth.co.uk


[Samba] Reinstall workstation

2005-10-03 Thread Antony Gelberg
We have an XP workstation joined to our Samba PDC.  Will there be any
issues if we reinstall XP on the workstation and join it to the domain
with the same computer name that it originally had?  Is there any need
to delete the original entry from Samba's database of domain
workstations?  (Samba 3.0.14, Debian Sarge)


Re: [Samba] Reinstall workstation

2005-10-03 Thread Antony Gelberg
Geert Stappers wrote:
> On Mon, Oct 03, 2005 at 12:23:46PM +0200, Tomasz Chmielewski wrote:
>> Antony Gelberg wrote:
>>> We have an XP workstation joined to our Samba PDC.  Will there be any
>>> issues if we reinstall XP on the workstation and join it to the domain
>>> with the same computer name that it originally had?  Is there any need
>>> to delete the original entry from Samba's database of domain
>>> workstations?  (Samba 3.0.14, Debian Sarge)
>>
>> no, you don't need to remove the entry.
>>
>> normally it will be overwritten when the workstation with the same
>> name (that is, your newly installed workstation) joins the domain.
>
> What value has
>
>     add machine script =
>
> in your smb.conf?

None, but it has:

add user script = /usr/local/sbin/addmachine %m

The script looks like:

#!/bin/sh
# Machine account name: the client name passed as %m with a trailing "$"
machine="${1}\$"
/usr/sbin/useradd -d /dev/null -g machines -s /bin/false -m "$machine"
/usr/bin/smbpasswd -a -m "$machine"

Is this no longer the way to do things?  This server may have been
upgraded from Samba 2 since we last added a machine.


Re: [Samba] Problem over VPN

2005-09-20 Thread Antony Gelberg
> Antony Gelberg wrote:
>> Hi all,
>>
>> Samba 3.0.14, Debian Sarge.  I've asked on IRC but didn't get a response.
>> I am having problems dragging files to my Samba share in Windows XP, over
>> an IPSEC VPN.  The file in question is a simple small text file.  I have
>> no problem directly creating and editing a file on the share.
>>
>> Here's the log:
>>
>> [2005/09/18 21:51:05, 0] lib/util_sock.c:read_socket_with_timeout(321)
>>   read_socket_with_timeout: timeout read. read error = Connection reset by peer.
>> [2005/09/18 21:51:05, 0] smbd/oplock.c:oplock_break(841)
>>   oplock_break: receive_smb error (Connection reset by peer)
>>   oplock_break failed for file debian.txt (dev = 902, inode = 312405, file_id = 37).
>> [2005/09/18 21:51:05, 0] smbd/oplock.c:oplock_break(931)
>>   oplock_break: client failure in break - shutting down this smbd.
>> [2005/09/18 21:51:05, 1] smbd/service.c:close_cnum(830)
>>   pulse-laptop (192.168.0.190) closed connection to service antony
>>
>> Hope someone can advise.
>>
>> Antony
>
> Hi,
>
> this is most likely a mtu size problem.
> PMTU discovery does not work over IPSec connections,
> so you have to specify the mtu size in the ipsec connection.

Sounds very possible indeed.  When I ping with DF set, 1450 responds with
Fragmentation required but DF set, 1350 responds normally, but 1400 times
out.  I'll take it to the openswan mailing list.




Re: [Samba] Problem over VPN

2005-09-19 Thread Antony Gelberg
Antony Gelberg wrote:
> Hi all,
>
> Samba 3.0.14, Debian Sarge.  I've asked on IRC but didn't get a response.
> I am having problems dragging files to my Samba share in Windows XP, over
> an IPSEC VPN.  The file in question is a simple small text file.  I have
> no problem directly creating and editing a file on the share.

snip

Sorry for replying to my own post.  As nobody has any input, is it
appropriate to forward it to the devel list?


[Samba] Problem over VPN

2005-09-18 Thread Antony Gelberg
Hi all,

Samba 3.0.14, Debian Sarge.  I've asked on IRC but didn't get a response. 
I am having problems dragging files to my Samba share in Windows XP, over
an IPSEC VPN.  The file in question is a simple small text file.  I have
no problem directly creating and editing a file on the share.

Here's the log:

[2005/09/18 21:51:05, 0] lib/util_sock.c:read_socket_with_timeout(321)
  read_socket_with_timeout: timeout read. read error = Connection reset by
peer.
[2005/09/18 21:51:05, 0] smbd/oplock.c:oplock_break(841)
  oplock_break: receive_smb error (Connection reset by peer)
  oplock_break failed for file debian.txt (dev = 902, inode = 312405,
file_id = 37).
[2005/09/18 21:51:05, 0] smbd/oplock.c:oplock_break(931)
  oplock_break: client failure in break - shutting down this smbd.
[2005/09/18 21:51:05, 1] smbd/service.c:close_cnum(830)
  pulse-laptop (192.168.0.190) closed connection to service antony

Hope someone can advise.

Antony



[Samba] extended error

2004-03-09 Thread Antony Gelberg
Hi all,

This is happening on a Samba 3.0.1 PDC-controlled domain, so I'm not
sure if the issue is Samba-related.  If not, perhaps somebody can point
me in the right direction.

One of my users has a printer connected to his Win2k PC (name
UPSTAIRS-SMALL).  Printing to it from another (WinXP) workstation fails
miserably.  I tried to go back to first principles and go Start-Run
\\upstairs-small to see the shares on the machine.

That returns: an extended error has occurred.  Very helpful.

Then, in a dos prompt:
 C:\Documents and Settings\antgel>net view
 Server Name            Remark

 -------------------------------------------------------------------------------
 \\DOWNSTAIRS
 \\FUJITSU-LAPTOP       LAPTOP
 \\PULSE-LAPTOP         Pulse Solutions laptop
 \\RECEPTION
 \\SECRETARY
 \\SERVER               Samba 3.0.1-Debian
 \\UPSTAIRS-SMALL
 The command completed successfully.


 C:\Documents and Settings\antgel>net view \\upstairs-small
 An internal Windows 2000 error occurred.

 More help is available by typing NET HELPMSG 2140.


 C:\Documents and Settings\antgel>net helpmsg 2140

 An internal Windows 2000 error occurred.

 EXPLANATION

 A software error occurred.

 ACTION

 Contact technical support.


Aside from the hilarity of the above, I need to get this going, and I am
technical support, DOH!  This happens from more than one workstation.
The strange thing is that it does sometimes work (rarely), but appears to be
totally random.

I'd appreciate a CC as I'm not subscribed.

A
-- 
Now playing: The Mahavishnu Orchestra - Meeting of the Spirits


[Samba] Re: PDC - initial profile creation

2004-01-20 Thread Antony Gelberg
Repost - didn't get through first time.

Antony Gelberg wrote:
> Hi all,
>
> I'm still suffering from the problem whereby a user can login to the
> domain, but a message comes up saying Windows cannot locate the
> server copy of your roaming profile...  DETAIL - The network path was
> not found..
>
> I have now found these entries in the logs:
>
> [2004/01/20 12:31:27, 1] smbd/service.c:make_connection_snum(698)
>   pulse-laptop (192.168.0.101) connect to service netlogon initially
>   as user antgel (uid=1003, gid=100) (pid 5659)
> [2004/01/20 12:31:31, 0] smbd/service.c:make_connection(850)
>   pulse-laptop (192.168.0.101) couldn't find service %u
> [2004/01/20 12:31:31, 0] smbd/service.c:make_connection(850)
>   pulse-laptop (192.168.0.101) couldn't find service %u
> [2004/01/20 12:31:34, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2540)
>   Returning domain sid for domain CHHAUSMANN - S-1-5-21-3247875428-2940378000-2436062379
> [2004/01/20 12:31:34, 0] rpc_server/srv_util.c:get_domain_user_groups(371)
>   get_domain_user_groups: primary gid of user [antgel] is not a Domain group !
>   get_domain_user_groups: You should fix it, NT doesn't like that
> [2004/01/20 12:31:34, 0] rpc_server/srv_util.c:get_alias_user_groups(219)
>   get_alias_user_groups: gid of user antgel doesn't exist. Check your
>   /etc/passwd and /etc/group files
>
> Clearly the two issues are couldn't find service %u and the primary
> gid error.  However user antgel has a primary group of users, which
> is mapped to Domain Users.
>
> Can anyone shed any light on this?
>
> Antony





[Samba] Multiple group names

2004-01-16 Thread Antony Gelberg
Hi all,

Don't know if this is related to my other problem.  In my list of groups,
several are mentioned more than once (Domain Users, Domain Guests, Domain
Admins).  Is this normal?  A


System Operators (S-1-5-32-549) - -1
Domain Users (S-1-5-21-3247875428-2940378000-2436062379-513) - -1
Replicators (S-1-5-32-552) - -1
Guests (S-1-5-32-546) - -1
Domain Users (S-1-5-21-2014712618-1374985912-2525701617-513) - -1
Domain Admins (S-1-5-21-3247875428-2940378000-2436062379-3003) - admin
Power Users (S-1-5-32-547) - -1
Domain Users (S-1-5-21-3247875428-2940378000-2436062379-1201) - users
Print Operators (S-1-5-32-550) - -1
Administrators (S-1-5-32-544) - -1
Domain Admins (S-1-5-21-3247875428-2940378000-2436062379-512) - -1
Domain Guests (S-1-5-21-3247875428-2940378000-2436062379-514) - -1
Domain Admins (S-1-5-21-2014712618-1374985912-2525701617-512) - -1
Account Operators (S-1-5-32-548) - -1
Domain Guests (S-1-5-21-2014712618-1374985912-2525701617-514) - -1
Backup Operators (S-1-5-32-551) - -1
Users (S-1-5-32-545) - -1



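Added example, not part of the original post: a shell/awk audit of a listing in the layout shown above, reporting group names mapped more than once, the distinct domain SIDs present, and mappings whose domain SID differs from the server's. The sample lines are taken from the post, and the domain SID used for comparison is the one reported for CHHAUSMANN in the smbd log quoted in the 2004-01-20 post on this page; the function names, and reading "-1" as "no Unix group attached", are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit a group-mapping listing of the form
#   NAME (SID) - unixgroup        ("->" is accepted as separator too)

# Sample input: the domain groups and two built-in groups from the post.
GROUPMAP='Domain Users (S-1-5-21-3247875428-2940378000-2436062379-513) - -1
Domain Users (S-1-5-21-2014712618-1374985912-2525701617-513) - -1
Domain Admins (S-1-5-21-3247875428-2940378000-2436062379-3003) - admin
Domain Users (S-1-5-21-3247875428-2940378000-2436062379-1201) - users
Administrators (S-1-5-32-544) - -1
Domain Admins (S-1-5-21-3247875428-2940378000-2436062379-512) - -1
Domain Guests (S-1-5-21-3247875428-2940378000-2436062379-514) - -1
Domain Admins (S-1-5-21-2014712618-1374985912-2525701617-512) - -1
Domain Guests (S-1-5-21-2014712618-1374985912-2525701617-514) - -1
Users (S-1-5-32-545) - -1'

# Domain SID the server reports for CHHAUSMANN in the log quoted on this page.
CUR_SID='S-1-5-21-3247875428-2940378000-2436062379'

# stdin: listing; stdout: "name|domain-sid|rid|unixgroup" per mapping.
parse_groupmap() {
    awk '
    match($0, /\(S-[0-9-]+\)/) {
        name = substr($0, 1, RSTART - 1); sub(/[ \t]+$/, "", name)
        sid  = substr($0, RSTART + 1, RLENGTH - 2)
        ugrp = substr($0, RSTART + RLENGTH); sub(/^[ \t]*->?[ \t]*/, "", ugrp)
        rid = sid; sub(/^.*-/, "", rid)        # last SID component
        dom = sid; sub(/-[0-9]+$/, "", dom)    # SID without the RID
        print name "|" dom "|" rid "|" ugrp
    }'
}

# Group names that occur in more than one mapping, as "count name".
duplicate_names() {
    parse_groupmap |
        awk -F'|' '{ n[$1]++ } END { for (k in n) if (n[k] > 1) print n[k] " " k }' |
        sort
}

# Distinct domain SIDs (S-1-5-21-...); S-1-5-32 is the BUILTIN domain.
domain_sids() {
    parse_groupmap | awk -F'|' '$2 ~ /^S-1-5-21-/ { print $2 }' | sort -u
}

# Mappings that belong to a domain SID other than $1.
foreign_mappings() {
    parse_groupmap |
        awk -F'|' -v cur="$1" '$2 ~ /^S-1-5-21-/ && $2 != cur { print $1 " (" $2 "-" $3 ")" }'
}

# Well-known domain RIDs (512 Admins, 513 Users, 514 Guests) in domain $1
# that have no Unix group attached (assumption: shown as -1).
unmapped_wellknown() {
    parse_groupmap |
        awk -F'|' -v cur="$1" \
            '$2 == cur && ($3 == 512 || $3 == 513 || $3 == 514) && $4 == "-1" { print $1 " " $3 }'
}

echo "Names mapped more than once:"
printf '%s\n' "$GROUPMAP" | duplicate_names
echo "Domain SIDs present:"
printf '%s\n' "$GROUPMAP" | domain_sids
echo "Mappings under a different domain SID:"
printf '%s\n' "$GROUPMAP" | foreign_mappings "$CUR_SID"
echo "Well-known RIDs without a Unix group:"
printf '%s\n' "$GROUPMAP" | unmapped_wellknown "$CUR_SID"
```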

Re: [Samba] PDC - initial profile creation

2004-01-16 Thread Antony Gelberg
Michael Aldrich wrote:
> Hello,
> I had the same problem. This is my current config:
>
> [global]
>   logon path = %U\profile
> [netlogon]
> comment = Network Logon Service
> path = /home/netlogon
> share modes = No
>
> [profiles]
> path = /home/%U/profile
> browseable = No
>
> I am able to logon to my domain without errors.

Do you know what solved the problem when you were trying to get it to work?
Can you post a ls -ld on /home/netlogon?
I thought it wasn't recommended to have the logon path as a subdirectory of
%U?

Antony




[Samba] PDC - initial profile creation

2004-01-15 Thread Antony Gelberg
I can now login to my domain from an XP Pro client, as a normal user.  Only
problem is, I get this:

Windows cannot locate the server copy of your roaming profile and is
attempting to log you on with your local profile. Changes to the profile
will not be copied to the server when you logoff. Possible causes of this
error include network problems or insufficient security rights. If this
problem persists, contact your network administrator.

DETAIL - The network path was not found.

Here are the relevant snippets:

[profiles]
path = /home/samba/profiles
read only = no
create mask = 0600
directory mask = 0700
browseable = no
profile acls = yes

[netlogon]
   comment = Network Logon Service
   path = /home/samba/netlogon
   guest ok = yes
   writable = no
   share modes = no
   browseable = no

server:~# ls -l /home/samba
total 8
drwxr-sr-x    2 root     users        4096 Jan 14 20:19 netlogon
drwxrwxrwt    3 root     users        4096 Jan 15 23:03 profiles

/home/samba/profiles is empty.  Should the user subdirectory be created when
the user first logs in?

Is there any definitive guide to the minimum required permissions /
ownership for the above two directories?  Googling gives wildly differing
answers.

Antony




Re: [Samba] Win XP Pro / Linux PDC

2004-01-14 Thread Antony Gelberg
On Tue, Jan 13, 2004 at 10:52:35AM -0600, Art Powell wrote:
> In XP, you have to make some changes to the security policy. On the XP
> client, go to the Control Panel and then Administrative Tools and
> then open the Local Security Settings and the open the Local Options
> and then the Security Options folder. The following should be
> DISABLED:
>
> Domain Member: Digitally encrypt or sign secure channel data
> Domain Member: Digitally encrypt secure data channel
> Domain Member: Digitally sign secure data channel.
>
> Reboot your machine, and it should now be able to join the domain.
>
> This was a problem in SAMBA 2.x. Let me know if it works, I am
> interested to see if it is still a problem in SAMBA 3.x (my guess is
> yes, due to difference in the way XP authenticates.).

Sadly, no.  I still get the user name could not be found.  I'm using
v3.0.0-debian.  I have disabled:
Digitally encrypt or sign secure channel data (always).
Digitally encrypt secure channel data (when possible).
Digitally encrypt sign channel data (when possible).
Disable machine account password changes.

As an aside, google searching seems to disagree on the exact options
that need disabling.  It would be good if someone can confirm the
minimal set.

I noticed that the attached smb.conf in my original didn't get through
(I guess the list strips attachments?), so I've pasted it below,
together with my referenced /usr/local/sbin/addmachine script.  I'd
appreciate any feedback on problems that are contained within.

Antony

---
/etc/samba/smb.conf
---

# Sample configuration file for the Samba suite for Debian GNU/Linux.
#
#
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options most of which
# are not shown in this example
#
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentary and a ; for parts of the config file that you
# may wish to enable
#
# NOTE: Whenever you modify this file you should run the command
# testparm to check that you have not made any basic syntactic
# errors.
#

#=== Global Settings ===

[global]

## Browsing/Identification ###

# Change this to the workgroup/NT-domain name your Samba server will
# part of
   workgroup = chhausmann

# server string is the equivalent of the NT Description field
   server string = %h server (Samba %v)

# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable its WINS
# Server
;   wins support = no

# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT
# both
;   wins server = w.x.y.z

# This will prevent nmbd to search for NetBIOS names through DNS.
   dns proxy = no

# What naming service and in what order should we use to resolve host
# names
# to IP addresses
;   name resolve order = lmhosts host wins bcast


#### Debugging/Accounting ####

# This tells Samba to use a separate log file for each machine
# that connects
   log file = /var/log/samba/log.%m

# Put a capping on the size of the log files (in Kb).
   max log size = 1000

# If you want Samba to only log through syslog then set the following
# parameter to 'yes'.
;   syslog only = no

# We want Samba to log a minimum amount of information to syslog.
# Everything
# should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to
# log
# through syslog you should set the following parameter to something
# higher.
   syslog = 0

# Do something sensible when Samba crashes: mail the admin a backtrace
   panic action = /usr/share/samba/panic-action %d


### Authentication ###

# security = user is always a good idea. This will require a Unix
# account
# in this server for every user accessing the server. See
# /usr/share/doc/samba-doc/htmldocs/ServerType.html in the samba-doc
# package for details.
   security = user

# You may wish to use password encryption.  See the section on
# 'encrypt passwords' in the smb.conf(5) manpage before enabling.
   encrypt passwords = true

# If you are using encrypted passwords, Samba will need to know what
# password database type you are using.
   passdb backend = tdbsam guest

   obey pam restrictions = yes

;   guest account = nobody
;   invalid users = root

# This boolean parameter controls whether Samba attempts to sync the
# Unix
# password with the SMB password when the encrypted SMB password in the
# passdb is changed.
   unix password sync = yes

# For Unix password sync to work on a Debian GNU/Linux system, the
# following
# parameters must be set (thanks to Augustin Luton
# [EMAIL PROTECTED] for
# sending the correct chat script for the passwd program in Debian
# Potato).
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* 

Re: [Samba] Win XP Pro / Linux PDC

2004-01-14 Thread Antony Gelberg
On Tue, Jan 13, 2004 at 10:15:49AM -0700, Craig White wrote:
> On Tue, 2004-01-13 at 09:52, Art Powell wrote:
>> In XP, you have to make some changes to the security policy. On the XP
>> client, go to the Control Panel and then Administrative Tools and
>> then open the Local Security Settings and the open the Local Options
>> and then the Security Options folder. The following should be
>> DISABLED:
>>
>> Domain Member: Digitally encrypt or sign secure channel data
>> Domain Member: Digitally encrypt secure data channel
>> Domain Member: Digitally sign secure data channel.
>>
>> Reboot your machine, and it should now be able to join the domain.
>>
>> This was a problem in SAMBA 2.x. Let me know if it works, I am
>> interested to see if it is still a problem in SAMBA 3.x (my guess is
>> yes, due to difference in the way XP authenticates.).
>
> actually, the answer is no on my setup Samba 3.0.0 PDC, this is not
> necessary (hooray) but on Samba 2.2.x PDC, it is necessary.
>
> Craig

I'm running 3.0.0 as a PDC.  I'd really appreciate a copy of your
smb.conf, to see what the relevant differences are.

Antony


Re: [Samba] Win XP Pro / Linux PDC

2004-01-14 Thread Antony Gelberg
Ok, fixed it!  It was a typo in my addmachine script - the group was
machines, not machine.  I found it after starting the daemons with -d 3.

Antony




[Samba] Win XP Pro / Linux PDC

2004-01-12 Thread Antony Gelberg
Hi all,

I'm trying to configure Samba as a PDC.  I'm running Debian Woody, hence
Samba version 3.0.0final-1.  We have no Windows servers anywhere on the
network (yay!).

I have done an smbpasswd for root, and add machine script is setup (see
attached smb.conf).  From the XP Pro workstation, when I fill in the domain
name, log in as root, and click ok, I eventually get: The following error
occurred when attempting to join the domain CHHAUSMANN: access denied.

I know that something is working, because if I type in the wrong root
password, I get a different error - unknown username or bad password.

In /var/log/samba/log.nmbd, I get things like:
[2004/01/13 00:27:24, 1] nmbd/nmbd_processlogon.c:process_logon_packet(95)
  process_logon_packet: Logon from 192.168.0.101: code = 0x12
[2004/01/13 00:27:24, 1] nmbd/nmbd_processlogon.c:process_logon_packet(95)
  process_logon_packet: Logon from 192.168.0.101: code = 0x7


I'm about to use the source, but can anyone give me any pointers?  I also
looked at
http://groups.google.com/groups?hl=enlr=ie=UTF-8oe=utf-8threadm=2d947vo
q7e1rlatse397lr7sh6hosu8f6g%404ax.comrnum=1prev=/groups%3Fhl%3Den%26lr%3D%
26ie%3DUTF-8%26oe%3Dutf-8%26q%3Dxp%2Bpro%2Bsamba%2Bjoin%2Bdomain%2B%2522digi
tally%2Bencrypt%2522%26btnG%3DGoogle%2BSearch
and followed the instructions there, but trying to join the domain as
machineadmin just returns The user name could not be found..

A