[Samba] make_connection: connection to ipc$ denied due to security descriptor.
time: Tue, 19 Jan 2038 04:14:07 CET Kickoff time: Tue, 19 Jan 2038 04:14:07 CET Password last set:Thu, 25 Oct 2007 11:13:26 CEST Password can change: 0 Password must change: Tue, 19 Jan 2038 04:14:07 CET Last bad password : 0 Bad password count : 0 Logon hours : FF What could it be wrong ? Do you have an idea ? Some post seen on Internet make me think to upgrade and this is caused by the 3.0.24 version... Could it be true ? Thanks for your propositions. - -- Marc-Henri PAMISEUX _o _o _ // // // __ //__ // / o) //o // ///° ( ° /___/// /__/ // // //\\ .__) S.A.R.L. Libricks Maison de la technopole 6, rue Léonard de Vinci - BP 0119 53001 LAVAL Cedex -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHOKdLMJ9khz7GW8ERAuV5AJ9DJXfHCxXE3xB1qiGFiBfFifI3pwCfVYWH ma+moVcQMf1fwpt1E5lQtKY= =Ivyx -END PGP SIGNATURE- #=== Global Settings === [global] ; ## Browsing/Identification ### workgroup = MYWORKGROUP netbios name = RHEA server string = Serveur-Fichiers ; Debugging/Accounting syslog = 0 syslog only = no log level = 2 log file = /var/log/samba/log.%m max log size = 1000 ; Browse Options os level = 80 local master = yes domain master = yes preferred master = yes ; ## Domains ### domain logons = yes logon script = logon.cmd logon drive = U: logon home = \\%L\%U # logon path = \\%L\%U\.winprofile logon path = ; ## Wins Options ## name resolve order = wins lmhosts hosts bcast dns proxy = no wins proxy = no wins support = yes ; ### Authentication ### security = user null passwords = no unix password sync = no encrypt passwords = true update encrypted = yes map to guest = Bad User passdb backend = ldapsam:ldap://127.0.0.1/ ldap://192.168.1.3/; passwd program = /usr/sbin/smbldap-passwd ?u %u admin users = administrateur,@SmbDomAdmins guest account = guest username map = /etc/samba/smbusers password level = 5 username level = 5 valid users = administrateur,guest,@SmbDomAdmins,@SmbDomUsers,@SmbUsers client ntlmv2 auth = no # auth methods = # obey pam restrictions = yes # restrict anonymous = 1 # invalid users = root # pam pasword change = no # acl group control = yes ; Ldap Options ldap delete dn = yes ldap admin dn = cn=admin,ou=ldapadmins,dc=local,dc=mydomain,dc=org ldap suffix = dc=local,dc=mydomain,dc=org ldap user suffix = ou=users ldap group suffix = ou=groups ldap machine suffix = ou=machines ldap idmap suffix = ou=users ldap ssl = no ldap passwd sync = yes ; Scripts Options add user script = /usr/sbin/smbldap-useradd -m %u delete user script = /usr/sbin/smbldap-userdel %u add machine script = /usr/sbin/smbldap-useradd -w -i %u add group script = /usr/sbin/smbldap-groupadd -p %g # delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u panic action = /usr/share/samba/panic-action %d ; Networking bind interfaces only = true interfaces = 127.0.0.1 192.168.1.2 remote announce = 192.168.1.255/HAPTION socket options = IPTOS_LOWDELAY SO_KEEPALIVE TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 hosts allow = 127.0.0.1 192.168.1.0/24 hosts deny = 0.0.0.0/0 time server = yes include = /etc/samba/dhcp.conf ; Filename Handling preserve case = yes short preserve case = yes case sensitive = no # default case = lower dos charset = 850 unix charset = UTF-8 hide files = /.*/desktop.ini/ntuser.ini/NTUSER.*/ veto files = /*.eml/*.nws/*.{*}/ veto oplock files = /*.doc/*.xml/*.mdb/ create mode = 0660 force create mode = 660 directory mode = 0770 force directory mode = 770 ; Locking Options oplocks = yes level2 oplocks = yes strict locking = yes posix locking = yes kernel oplocks = yes oplock contention limit = 2 share modes = yes ; Protocol Options smb ports = 139 445 announce version = 5.2 announce as = NT Server ; Winbind Options idmap backend = winbind use
Re: [Samba] Cannot connect to NT 4 BDC Server
Cybionet a écrit : Salut Marc-Henri! :-) Ok the message A peripheral connected to this system doesn't works mean that the SID of your user/group are not the same of the Domain Controller. Check the SID between the result of 'net groupmap list' and 'net getlocalsid'. Robert So there is no other idea from this problem ? What research must i investigate now ? Regards, -- Marc-Henri PAMISEUX mél. [EMAIL PROTECTED] Tél. +33 0 243 020 161 31, rue des closeaux 53240 SAINT JEAN SUR MAYENNE -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Cannot connect to NT 4 BDC Server
() returned Yes added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0 added interface ip=192.168.5.11 bcast=192.168.5.255 nmask=255.255.255.0 Client started (version 3.0.22). Connecting to 192.168.5.12 at port 445 error connecting to 192.168.5.12:445 (Connexion refusée) Connecting to 192.168.5.12 at port 139 session request ok Password: Domain=[ALITEC] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] session setup ok tconx ok dos_clean_name [] smb: \ exit Something else, when i try to connect from SERVEUR to SAMBA, using the LDAP user i've just add, all work nice: C:\ NET USE P: \\SAMBA\partage /USER:ALITEC\marcori Taper le mot de passe pour \\SAMBA\partage : La commande a été exécutée. C:\ P: P:\ dir [ ... some files ... ] P:\ C: C:\ NET USE P: /DELETE Connexions can be established in a single way ! In fact, when i go to NT4 server, in the domain user interface, menu Strategy - User rights, i can't see any strategy defined (they were defined before acting as a BDC). Before adding some strategy, i've create some well defined group and group mapping: # net groupmap list Administrators (S-1-5-32-544) - SmbAdministrators Replicators (S-1-5-32-552) - SmbReplicators Account Operators (S-1-5-32-548) - SmbAccountOperators Backup Operators (S-1-5-32-551) - SmbBackupOperators Domain Admins (S-1-5-21-114968459-120084214-1990678075-512) - SmbDomAdmins Domain Computers (S-1-5-21-114968459-120084214-1990678075-515) - SmbDomComputers Domain Guests (S-1-5-21-114968459-120084214-1990678075-514) - SmbDomGuests Domain Users (S-1-5-21-114968459-120084214-1990678075-513) - SmbDomUsers Print Operators (S-1-5-32-550) - SmbPrintOperators Guests (S-1-5-32-546) - SmbGuests Server Operators (S-1-5-32-549) - SmbServerOperators Users (S-1-5-32-545) - SmbUsers Anonymous (S-1-5-7) - SmbAnonymous Power Users (S-1-5-32-547) - SmbPowerUsers So, i've try to add some user's strategy, NT4 can see my group, but when i try to add it, i've got an error 'A peripheral connected to this system doesn't works' or something like that... When i try to modify LDAP user i've add, i've got an error indicate that NT4 can't find the primary Group Name (or any group in reality). My question is: Is it possible to connect to an NT4 server acting as a BDC, or should i denote NT4 server as a standalone server (and then join it to Samba PDC) ? Another question: Is it possible to denote an NT4 server acting as a BDC to a standalone server, and how can i do that without re-installing NT4 ? Do you know some free utility, or some Registry Key to change ? Best Regards, -- Marc-Henri PAMISEUX mél. [EMAIL PROTECTED] Tél. +33 0 243 020 161 31, rue des closeaux 53240 SAINT JEAN SUR MAYENNE -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba