Re: [Samba] Backup Tape
Denis Vlasenko wrote: Or better yet, in order to avoid carrying drives back and forth, copy backup over network to a few physically remote backup servers - just in case of asteroid impact, that sort of trouble, you know. We dont have a lot of data, but we use http://samba.anu.edu.au/rsync/ with http://freshmeat.net/projects/pdumpfs/ Since our data doesnt change very much, we have a backup that cost us 30 GB the first time,.. after this it took 10 GB for 1 month. (still have to write a clean script that will be triggered when the disk is almost full) Advantage with this sollution that you can also browse back in time. Please notice that we did use WIFI to have a geographical distance! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba PDC (3.0.14a) with LDAP cannot add machines
Hello list, Im still trying to get the add machine script working. I have a user which is named administrator, which is stored in ldap, i can login using this user(i attached a loginshell) and execute the command: '/usr/sbin/smbldap-useradd -w eduard-laptop$' succesfull (UID=0,USER=root) Howevery, when this command is executed by samba, it will not run, since ldap doesnt like the way the command was started: (UID=65534,USER=root) How can i get this script to be executed the same way as when it is run from the commandline? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba PDC (3.0.14a) with LDAP cannot add machines
Jan Evert van Grootheest wrote: Hi, I am setting up a Samba PDC which uses LDAP for account information. It is a debian installation with samba 3.0.14a and slapd 2.2.23 (I'm also using ldap-account-manager, but I don't think that has anything to do with this). Jan, I also ran into maybe similar problems, which i couldnt solve on ubuntu(debian). The problem for me is that when the script is executed on the command line/ '/usr/sbin/smbldap-useradd -w //eduard-laptop$'/ the following enviourment varaibles are set: ... UID=0 USER=root ... When the script is run by samba, the enviourment settings are: ... UID=65534 USER=root ... Notice that the UID of 65534 should be 0 AFAIK. I determined this by using the following setting in the smb.conf: 'set / /tmp/user.txt; /usr/sbin/smbldap-useradd -w %u' (http://lists.samba.org/archive/samba/2005-August/109759.html) I dont know if we have the same problem, but to me it almost looks the same. I dont have a sollution for this problem. / -- Eduard Witteveen +31 (0)6 414 789 23 nl_NL fy_NL en_US -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Adding machine to domain fails - check permissions? (ldap)
On Sun, 2005-08-14 at 12:02 +0200, Eduard Witteveen wrote: Eduard Witteveen wrote: Error: modifications require authentication at /usr/share/perl5/smbldap_tools.pm line 891, DATA line 283. [2005/08/11 16:46:54, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2324) _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w eduard-laptop$' gave 127 I changed the add machine script into 'set /tmp/user.txt; /usr/sbin/smbldap-useradd -w %u'. This /tmp/user.txt contains a lot of information,.. but what really wondered me was the following part: ... UID=65534 USER=root ... (where one would expect uid=0, since the uid of administrator(user in ldap) is 0) When i do this on the commandline, the administrator has a UID of 0 [EMAIL PROTECTED]:~$ sudo -u Administrator bash [EMAIL PROTECTED]:~# set | grep UID=0 EUID=0 UID=0 How can i let the add machine script run with UID = 0? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Adding machine to domain fails - check permissions? (ldap)
I made a short summary of the current situation, and i hope that someone can give me some pointers The summary can be found at: http://nergens.org/download/ldap-problems.pdf -- Eduard Witteveen +31 (0)6 414 789 23 nl_NL fy_NL en_US -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Adding machine to domain fails - check permissions? (ldap)
Eduard Witteveen wrote: Error: modifications require authentication at /usr/share/perl5/smbldap_tools.pm line 891, DATA line 283. [2005/08/11 16:46:54, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2324) _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w eduard-laptop$' gave 127 I didnt read the log file completely, before this message there were also some other messages: [EMAIL PROTECTED]:/var/log/samba# cat log.eduard-laptop [2005/08/12 15:15:26, 0] lib/util_sock.c:write_socket_data(430) write_socket_data: write failure. Error = Connection reset by peer [2005/08/12 15:15:26, 0] lib/util_sock.c:write_socket(455) write_socket: Error writing 4 bytes to socket 25: ERRNO = Connection reset by peer [2005/08/12 15:15:26, 0] lib/util_sock.c:send_smb(647) Error writing 4 bytes to client. -1. (Connection reset by peer) [2005/08/12 15:15:28, 0] lib/util_sock.c:write_socket_data(430) write_socket_data: write failure. Error = Connection reset by peer [2005/08/12 15:15:28, 0] lib/util_sock.c:write_socket(455) write_socket: Error writing 4 bytes to socket 25: ERRNO = Connection reset by peer [2005/08/12 15:15:28, 0] lib/util_sock.c:send_smb(647) Error writing 4 bytes to client. -1. (Connection reset by peer) Error: modifications require authentication at /usr/share/perl5/smbldap_tools.pm line 891, DATA line 283. [2005/08/12 15:15:38, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2324) _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w eduard-laptop$' gave 127 [EMAIL PROTECTED]:/var/log/samba# I assume that this means that the smbldap_tools.pm script cannot connect to the ldap server. Therefore i opened the file and found the following code: sub get_next_id($$) { my $ldap_base_dn = shift; my $attribute = shift; my $tries = 0; my $found=0; my $next_uid_mesg; my $nextuid; if ($ldap_base_dn =~ m/$config{usersdn}/i) { # when adding a new user, we'll check if the uidNumber available is not # already used for a computer's account $ldap_base_dn=$config{suffix} } do { $next_uid_mesg = $ldap-search( base = $config{sambaUnixIdPooldn}, filter = (objectClass=sambaUnixIdPool), scope = base ); $next_uid_mesg-code die Error looking for next uid; if ($next_uid_mesg-count != 1) { die Could not find base dn, to get next $attribute; } my $entry = $next_uid_mesg-entry(0); $nextuid = $entry-get_value($attribute); my $modify=$ldap-modify( $config{sambaUnixIdPooldn}, changes = [ replace = [ $attribute = $nextuid + 1 ] ] ); $modify-code die Error: , $modify-error; ^^ # let's check if the id found is really free (in ou=Groups or ou=Users)... my $check_uid_mesg = $ldap-search( base = $ldap_base_dn, filter = ($attribute=$nextuid), ); $check_uid_mesg-code die Cannot confirm $attribute $nextuid is free; if ($check_uid_mesg-count == 0) { $found=1; return $nextuid; } $tries++; print Cannot confirm $attribute $nextuid is free: checking for the next one\n } while ($found != 1); die Could not allocate $attribute!; } This means that the variable $config{sambaUnixIdPooldn} contains something we dont like. I assume that this came from the file /etc/smbldap-tools/smbldap.conf This contains the value: sambaUnixIdPooldn=cn=NextFreeUnixId,${suffix} (i checked this one and it exists in ldap) Also: suffix=dc=hawarit,dc=com I've read the other documentation, but it doesnt give me any clue's Joachim told me to store the machines in the Users organisation-unit. Could somebody please give me some more pointers? -- Eduard Witteveen +31 (0)6 414 789 23 nl_NL fy_NL en_US # $Source: /opt/cvs/samba/smbldap-tools/smbldap.conf,v $ # $Id: smbldap.conf,v 1.15 2004/10/14 09:53:14 jtournier Exp $ # # smbldap-tools.conf : Q D configuration file for smbldap-tools # This code was developped by IDEALX (http://IDEALX.org/) and # contributors (their names can be found in the CONTRIBUTORS file). # # Copyright (C) 2001-2002 IDEALX # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY
[Samba] Adding machine to domain fails - check permissions? (ldap)
Dear list, Whe i trying to add a machine to the domain(ldap/pdc) i get the following error: Error: modifications require authentication at /usr/share/perl5/smbldap_tools.pm line 891, DATA line 283. [2005/08/11 16:46:54, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2324) _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w eduard-laptop$' gave 127 Since i used the user Administrator, i login from the windows-machine on the linux-computer running samba with the username Administrator (account which is stored inside ldap), i *can* run the command succesfull. (this user is actually root since i changed the gidnumber and the uidnumber both to 0) But when this machine has been added manually to the ldap-database, i still cannot join the domain and samba puts information like the following in the log: [2005/08/11 17:05:07, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. . [2005/08/11 17:05:22, 0] lib/smbldap.c:smbldap_search_suffix(1176) smbldap_search_suffix: Problem during the LDAP search: (Timed out) [2005/08/11 17:05:22, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2350) could not add user/computer eduard-laptop$ to passdb. Check permissions? I've attached the smb.conf for completeness. Furthermore, im running Version 3.0.14a-Ubuntu Please let me know, how i can let samba execute the add machine script successfull -- Eduard Witteveen +31 (0)6 414 789 23 nl_NL fy_NL en_US # Global parameters [global] workgroup = hawarit netbios name = pdc enable privileges = yes #interfaces = 192.168.5.11 username map = /etc/samba/smbusers server string = Samba Server %v security = user encrypt passwords = true #min passwd length = 3 min print space = 3 obey pam restrictions = No #unix password sync = Yes #passwd program = /usr/sbin/smbldap-passwd -u %u #passwd chat = Changing password for*\nNew password* %n\n *Retype new password* %n\n ldap passwd sync = Yes log level = 0 syslog = 0 log file = /var/log/samba/log.%m max log size = 10 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-1 logon script = logon.bat logon drive = H: logon home = logon path = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = no passdb backend = ldapsam:ldap://127.0.0.1/ # passdb backend = ldapsam:ldap://127.0.0.1/ ldap://slave.idealx.com; # ldap filter = ((objectclass=sambaSamAccount)(uid=%u)) ldap admin dn = cn=manager,dc=hawarit,dc=com ldap suffix = dc=hawarit,dc=com ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users #TODO: use tls on ldap server one day! #ldap ssl = start tls ldap ssl = no add user script = /usr/sbin/smbldap-useradd -m %u ldap delete dn = Yes #delete user script = /usr/sbin/smbldap-userdel %u add machine script = /usr/sbin/smbldap-useradd -w %u add group script = /usr/sbin/smbldap-groupadd -p %g #delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u # printers configuration printer admin = @Print Operators load printers = Yes create mask = 0640 directory mask = 0750 nt acl support = No printing = cups printcap name = cups deadtime = 10 guest account = nobody map to guest = Bad User dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd show add printer wizard = yes ; to maintain capital letters in shortcuts in any of the profile folders: preserve case = yes short preserve case = yes case sensitive = no [homes] comment = repertoire de %U, %u read only = No create mask = 0644 directory mask = 0775 browseable = No [netlogon] path = /home/samba/netlogon/ browseable = No read only = yes [profiles] path = /home/samba/profiles read only = no create mask = 0600 directory mask = 0700 browseable = No guest ok = Yes profile acls = yes csc policy = disable # next line is a great way to secure the profiles force user = %U # next line allows administrator to access all profiles valid users = %U @Domain Admins [printers] comment
Re: [Samba] A domain controller for the domain could not be contacted (2.2.3a-12.3 for Debian) -- SOLVED by adding updating to 3 and 'domain logons = Yes' to smb.config
John H Terpstra wrote: I've searched on this topic on google, but this led only to other people asking the same question, without any aswers. It would really mean a lot to me to get Samba running in our organisation, but i've already spend a lot of time on this. So if one could give me some pointers were to start, i would be very thankfull First off, I'd recommend you use Samba-3.0.1 or later. I changed my sources.list to use an backport for my system. Below are the lines i added: # samba backport deb http://www.backports.org/debian stable samba deb-src http://www.backports.org/debian stable samba updated my system nemo:/var/log/samba# smbd -V Version 3.0.0-Debian Second, have you read the Samba-HOWTO-Collection? http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf It might help. This is also available in book form. It is called, The Official Samba-3 HOWTO and Reference Guide - It's available from Amazon.Com. After reading this document (http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf) my eyes fell on the following part: snip Note The above parameters make for a full set of parameters that may define the servers mode of operation. The following smb.conf parameters are the essentials alone: netbios name = BELERIAND workgroup = MIDEARTH domain logons = Yes domain master = Yes security = User The additional parameters shown in the longer listing above just makes for a more complete explanation. /snip I added the following line to my /etc/samba/smb.conf and im getting a login screen for joining the domain. I guess i can figure it out from here by using the other mails / docs :) domain logons = Yes I dont know if installing 3.0 was necessary, but i dont have time to analyse this problem further at this moment, thanx all Eduard Witteveen [global] ;added after reading the http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf page 55 domain logons = Yes ;changes after comments of Fabien Chevalier wins server = 10.0.0.10 ;changes after comments of Patrick Shoaf password level = 8 username level = 8 encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = yes pam password change = yes obey pam restrictions = yes ;basic server settings workgroup = HAWAR3 netbios name = nemo server string = Samba %h PDC running %v socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 ;PDC and master browser settings os level = 64 preferred master = yes local master = yes domain master = yes ;security and logging settings security = user # encrypt passwords = yes log file = /var/log/samba/log.%m log level = 2 # max log size = 50 # hosts allow = 127.0.0.1 192.168.1.0/255.255.255.0 ;user profiles and home directory logon home = \\%L\%U\ logon drive = H: logon path = \\%L\profiles\%U logon script = netlogon.bat ;sync passwords unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd: *all*authentication*tokens*updated*successfully* ; new machines add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u # shares [unsafe] path = /etc/samba comment = Unsafe Config Share, has to be removed browseable = yes writeable = yes [homes] comment = Home Directories browseable = no writeable = yes [profiles] path = /home/samba/profiles writeable = yes browseable = no create mask = 0600 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] A domain controller for the domain could not be contacted (2.2.3a-12.3 for Debian)
Eduard Witteveen wrote: Please let me know what to do next. I've searched on this topic on google, but this led only to other people asking the same question, without any aswers. It would really mean a lot to me to get Samba running in our organisation, but i've already spend a lot of time on this. So if one could give me some pointers were to start, i would be very thankfull Eduard Witteveen -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] A domain controller for the domain could not be contacted (2.2.3a-12.3 for Debian)
Patrick Shoaf wrote: I am running on RedHat, but everything should be same on server side. Try adding the following lines into the smb.conf file: password level = 8 username level = 8 encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = yes pam password change = yes obey pam restrictions = yes I added your parameters to the config file and also created an additional shared called [unsafe] from which i can easier get the config file when i want to email it. When i want to join the domain with an Windows XP Version 2002 Professional Service Pack 1 i still get the following error: A domain controller for the domain HAWAR3 could not be contacted. Ensure that the domain name is typed correctly. If the name is correct click Details for troubleshooting When i click on details: Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\WINDOWS\debug\dcdiag.txt. The domain name HAWAR3 might be a NetBIOS domain name. If this is the case, verify that the domain name is properly registered with WINS. If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration. The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain HAWAR3: The error was: DNS name does not exist. (error code 0x232B RCODE_NAME_ERROR) The query was for the SRV record for _ldap._tcp.dc._msdcs.HAWAR3 Common causes of this error include the following: - The DNS SRV record is not registered in DNS. - One or more of the following zones do not include delegation to its child zone: HAWAR3 . (the root zone) For information about correcting this problem, click Help. Screenshots: - http://www.nergens.org/samba/ComputerNameChanges.PNG - http://www.nergens.org/samba/ComputerProperties.PNG Attached is my smb.conf Eduard Witteveen [global] ;changes after comments of Patrick Shoaf password level = 8 username level = 8 encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = yes pam password change = yes obey pam restrictions = yes ;basic server settings workgroup = HAWAR3 netbios name = nemo server string = Samba %h PDC running %v socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 ;PDC and master browser settings os level = 64 preferred master = yes local master = yes domain master = yes ;security and logging settings security = user # encrypt passwords = yes log file = /var/log/samba/log.%m log level = 2 # max log size = 50 # hosts allow = 127.0.0.1 192.168.1.0/255.255.255.0 ;user profiles and home directory logon home = \\%L\%U\ logon drive = H: logon path = \\%L\profiles\%U logon script = netlogon.bat ;sync passwords unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd: *all*authentication*tokens*updated*successfully* ; new machines add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u # shares [unsafe] path = /etc/samba comment = Unsafe Config Share, has to be removed browseable = yes writeable = yes [homes] comment = Home Directories browseable = no writeable = yes [profiles] path = /home/samba/profiles writeable = yes browseable = no create mask = 0600 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] A domain controller for the domain could not be contacted (2.2.3a-12.3 for Debian)
Fabien Chevalier wrote: It seems your workstation tries to locate the DC by doing a dns query, what is not currently supported by Samba. What is your workstation node type set to? Could you rephrase your question? I dont know how i found out what the node type of my workstations is. (after some googling i tried looking in the registry for the key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netbt\Parameters NodeType, but i couldnt find the entry) Eduard Witteveen -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] A domain controller for the domain could not be contacted (2.2.3a-12.3 for Debian)
Fabien Chevalier wrote: Please send your ipconfig /all. I attached the output I suppose something's wrong in your network settings. Are you using Dhcp or static Ip? Dhcp. (look in the output) The linux server (nemo) has ip-number 10.0.0.152 Eduard Witteveen Windows IP Configuration Host Name . . . . . . . . . . . . : SHARED-PC Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC Physical Address. . . . . . . . . : 00-E0-4C-48-3E-AB Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 10.0.0.156 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 10.0.0.138 DHCP Server . . . . . . . . . . . : 10.0.0.10 DNS Servers . . . . . . . . . . . : 194.134.0.97 194.134.5.55 Primary WINS Server . . . . . . . : 10.0.0.10 Lease Obtained. . . . . . . . . . : Dienstag, 16. Dezember 2003 10:38:39 Lease Expires . . . . . . . . . . : Dienstag, 23. Dezember 2003 10:38:39 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] A domain controller for the domain could not be contacted (2.2.3a-12.3 for Debian)
Fabien Chevalier wrote: I think your Samba server hasn't been registered to your wins server, thus when trying to join the domain, your workstation falls back to dns...which obviously fails. Try to add wins server = 10.0.0.10 to your smb.conf, and let us know if it works... No. I've attached my current configuration file. When i try to join the domain i still get the same error message(and no logfile). Please let me know what to do next. [global] ;changes after comments of Fabien Chevalier wins server = 10.0.0.10 ;changes after comments of Patrick Shoaf password level = 8 username level = 8 encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = yes pam password change = yes obey pam restrictions = yes ;basic server settings workgroup = HAWAR3 netbios name = nemo server string = Samba %h PDC running %v socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 ;PDC and master browser settings os level = 64 preferred master = yes local master = yes domain master = yes ;security and logging settings security = user # encrypt passwords = yes log file = /var/log/samba/log.%m log level = 2 # max log size = 50 # hosts allow = 127.0.0.1 192.168.1.0/255.255.255.0 ;user profiles and home directory logon home = \\%L\%U\ logon drive = H: logon path = \\%L\profiles\%U logon script = netlogon.bat ;sync passwords unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd: *all*authentication*tokens*updated*successfully* ; new machines add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u # shares [unsafe] path = /etc/samba comment = Unsafe Config Share, has to be removed browseable = yes writeable = yes [homes] comment = Home Directories browseable = no writeable = yes [profiles] path = /home/samba/profiles writeable = yes browseable = no create mask = 0600 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] A domain controller for the domain could not by contacted (2.2.3a-12.3 for Debian)
Hello, I'm having problems using Samba as an primary domain controller. I am using debian woody as our platform. The version of samba is 2.2.3a-12.3 for Debian and i followed the instructions which can be found on the following url: http://www-106.ibm.com/developerworks/eserver/tutorials/samba/. In short this covers: - creating the config file - creating the users / groups - creating directory structure - configuring the windows client I attached my config file's /logging from my debian woody system. I did the following things on the windows client (Windows XP Professional 2002 Service Pack 1) - Open the Local Security Policy editor (Start - All Programs - Administrative Tools - Local Security Policy). - Locate the entry Domain member: Digitally encrypt or sign secure channel (always). Disable it. - Locate the entry Domain member: Disable machine account password changes. Make sure it's disabled as well. - Locate the entry Domain member: Require strong (Windows 2000 or later) session key. Disable it. - Next, download the WinXP_SignOrSeal registry patch from www.samba.org http://www.samba.org or collect it from the Further resources: Downloads and developerWorks http://www-106.ibm.com/developerworks/eserver/tutorials/samba/samba-6-2.html section at the end of this tutorial. Apply it by double-clicking and answering Yes to the dialog prompt. - Now join the domain the same as you would for Windows NT or 2000. Right-click My Computer, select Properties, Computer Name, and Change. Or click the Network ID button and run the Network Wizard. I put some screenshots of windows on the following locations: http://www.nergens.org/samba/ComputerNameChanges.PNG and http://www.nergens.org/samba/ComputerProperties.PNG ( i searched on the mailarchive, but i couldnt find any pointers / im kinda new to smb so i dont know how to debug) Could someone please help me here? Eduard Witteveen [global] ;basic server settings workgroup = HAWAR3 netbios name = nemo server string = Samba %h PDC running %v socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 ;PDC and master browser settings os level = 64 preferred master = yes local master = yes domain master = yes ;security and logging settings security = user # encrypt passwords = yes log file = /var/log/samba/log.%m log level = 2 # max log size = 50 # hosts allow = 127.0.0.1 192.168.1.0/255.255.255.0 ;user profiles and home directory logon home = \\%L\%U\ logon drive = H: logon path = \\%L\profiles\%U logon script = netlogon.bat ;sync passwords unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd: *all*authentication*tokens*updated*successfully* ; new machines add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u # shares [homes] comment = Home Directories browseable = no writeable = yes [profiles] path = /home/samba/profiles writeable = yes browseable = no create mask = 0600[2003/12/16 17:18:37, 0] smbd/server.c:main(698) smbd version 2.2.3a-12.3 for Debian started. Copyright Andrew Tridgell and the Samba Team 1992-2002 [2003/12/16 17:18:37, 1] lib/debug.c:debug_message(250) INFO: Debug class all level = 2 (pid 232 from pid 232) [2003/12/16 17:18:37, 2] param/loadparm.c:do_section(2973) Processing section [homes] [2003/12/16 17:18:37, 2] param/loadparm.c:do_section(2973) Processing section [profiles] [2003/12/16 17:18:37, 2] param/loadparm.c:do_section(2973) Processing section [netlogon] [2003/12/16 17:18:37, 2] lib/interface.c:add_interface(81) added interface ip=10.0.0.152 bcast=10.0.0.255 nmask=255.255.255.0 [2003/12/16 17:18:37, 2] smbd/server.c:open_sockets(198) waiting for a connection nemo:/var/log/samba# cat log.nmbd [2003/12/16 17:18:37, 0] nmbd/nmbd.c:main(783) Netbios nameserver version 2.2.3a-12.3 for Debian started. Copyright Andrew Tridgell and the Samba Team 1994-2002 [2003/12/16 17:18:37, 1] lib/debug.c:debug_message(250) INFO: Debug class all level = 2 (pid 230 from pid 230) [2003/12/16 17:18:37, 2] nmbd/nmbd.c:main(821) Becoming a daemon. [2003/12/16 17:18:37, 2] lib/interface.c:add_interface(81) added interface ip=10.0.0.152 bcast=10.0.0.255 nmask=255.255.255.0 [2003/12/16 17:18:37, 2] nmbd/nmbd_subnetdb.c:make_subnet(193) making subnet name:10.0.0.152 Broadcast address:10.0.0.255 Subnet mask:255.255.255.0 [2003/12/16 17:18:37, 2] nmbd/nmbd_subnetdb.c:make_subnet(193) making subnet name:UNICAST_SUBNET Broadcast address:0.0.0.0 Subnet mask:0.0.0.0 [2003/12/16 17:18:37, 2] nmbd/nmbd_subnetdb.c:make_subnet(193) making subnet name:REMOTE_BROADCAST_SUBNET Broadcast address:0.0.0.0 Subnet mask:0.0.0.0 [2003/12/16 17:18:37, 2] nmbd/nmbd_lmhosts.c:load_lmhosts_file(41) load_lmhosts_file: Can't open lmhosts file /etc/samba/lmhosts. Error
Re: [Samba] A domain controller for the domain could not by contacted (2.2.3a-12.3 for Debian)
Fabien Chevalier wrote: Relevant information is generally in /var/log/samba/log.NETBIOSNAME. I cannot find this file. I did the following steps: - Stopped the samba deamon - Removed all the logging from the /var/log/samba directory - Started the samba deamon - Tried to join the domain again nemo:/var/log/samba# ls -la total 16 drwxr-x---2 root adm 4096 Dec 16 18:42 . drwxr-xr-x6 root root 4096 Dec 16 06:25 .. -rw-r--r--1 root root 3548 Dec 16 18:43 log.nmbd -rw-r--r--1 root root 663 Dec 16 18:42 log.smbd But when i try to access the server itselve by entering \\ipnumber-samba-machine in start run this file is created. nemo:/var/log/samba# cat log.shared-pc [2003/12/16 18:48:41, 2] smbd/server.c:exit_server(458) Closing connections [2003/12/16 18:48:41, 2] smbd/server.c:exit_server(458) Closing connections [2003/12/16 18:48:41, 2] smbd/server.c:exit_server(458) Closing connections I tried to join the domain again at this point, but no changes are made to the logging while im doing this Are there things i have to test before i want to join the domain? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba