[Samba] Issue with SambaNTPassword not replicating
Hi, I set up a Samba PDC/BDC configuration some time ago using LDAP as configured here - http://www.atlanticlinux.ie/blog/?p=25 The configuration has been working without problems for a few months now but we have noticed one issue. When users take their laptop from the network the PDC is serving to the networking the BDC is serving - they sometimes have problems logging in. A dig through the BDC logs indicates the following error [2008/12/09 12:02:30, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(478) _net_auth2: creds_server_check failed. Rejecting auth request from client machine account $ Comparing the LDAP records on the PDC and the BDC for system I see that the following fields are different sambaNTPassword: 64AF0BD8913B5BD2F6B92201B2AFD071 sambaPwdLastSet: 1226922777 on the PDC and BDC LDAP servers. It looks like the PDC has a newer sambaNTPassword than the BDC which would seem to explain the domain authentication problems. I'm wondering why only the sambaNTPassword field is not getting replicated properly though. Is this a known issue with Samba in PDC/BDC config or do I need to look to OpenLDAP? I'll post some config files if someone has any input but didn't want to clutter this mail with excess detail. Thanks for any comment, -stephen -- Stephen Mulcahy Applepie Solutions Ltd. http://www.aplpi.com Registered in Ireland, no. 289353 (5 Woodlands Avenue, Renmore, Galway) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba crashes and domain problems
in the global section add: posix locking = No and in the share section add: csc policy = disable profile acls = yes nt acl support = no force security mode = 777 will fix your excel read only errors. Thanks - I'll give those a shot - I guess I figured the Excel errors were a manifestation of an underlying Samba issue due to the strange crashes in the error logs. upgrade to samba 3.0.31 also. If I install samba 3.0.31 from source in /usr/local, is it only the smb.conf, secrets.tdb and smbpasswd / LDAP data I'll have to migrate over to preserve our domain trusts - or will things break if I do just that? Thanks, -stephen ** CONFIDENTIALITY WARNING: The contents of this e-mail and any attachment are the property of Bio-Medical Research Ltd (BMR) and intended for the addressee only. Any reader of this message who is not the intended recipient, or an employee/agent responsible for delivering to the intended recipient, is notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you receive this communication in error please notify us immediately and delete all copies from your computer system. Subsequent alterations to this electronic message after its transmission will be disregarded. VIRUS WARNING: You are requested to carry out your own virus check before opening any attachment. BMR accepts no liability for any loss or damage which may be caused by software viruses. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba crashes and domain problems
Hi, I have inherited a Samba PDC running on SuSE Linux Enterprise Server 10.1 (the Samba version is 3.0.24-2.23-1296-SUSE-CODE10). The server has been giving problems for a few weeks including the following symptoms: 1. Users accessing a share are experiencing intermittent problems writing to the share (Excel tells them the file they are trying to write is read-only). 2. when I try to add a domain account to a Workstations that is a member of the domain - it succeeds, but subsequently fails to allow me to login with those credentials. 3. Samba is logging intermittent errors and dumping core e.g. Aug 7 12:26:54 X smbd[23462]: [2008/08/07 12:26:54, 0] lib/fault.c:fault_report(41) Aug 7 12:26:54 X smbd[23462]: === Aug 7 12:26:54 X smbd[23462]: [2008/08/07 12:26:54, 0] lib/fault.c:fault_report(42) Aug 7 12:26:54 X smbd[23462]: INTERNAL ERROR: Signal 6 in pid 23462 (3.0.24-2.23-1296-SUSE-CODE10) Aug 7 12:26:54 X smbd[23462]: Please read the Trouble-Shooting section of the Samba3-HOWTO Aug 7 12:26:54 X smbd[23462]: [2008/08/07 12:26:54, 0] lib/fault.c:fault_report(44) Aug 7 12:26:54 X smbd[23462]: Aug 7 12:26:54 X smbd[23462]: From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf Aug 7 12:26:54 X smbd[23462]: [2008/08/07 12:26:54, 0] lib/fault.c:fault_report(45) Aug 7 12:26:54 X smbd[23462]: === Aug 7 12:26:54 X smbd[23462]: [2008/08/07 12:26:54, 0] lib/util.c:smb_panic(1599) Aug 7 12:26:54 X smbd[23462]: PANIC (pid 23462): internal error Aug 7 12:26:54 X smbd[23462]: [2008/08/07 12:26:54, 0] lib/util.c:log_stack_trace(1706) Aug 7 12:26:54 X smbd[23462]: BACKTRACE: 24 stack frames: Aug 7 12:26:54 X smbd[23462]:#0 /usr/sbin/smbd(log_stack_trace+0x1c) [0x5575482c] Aug 7 12:26:54 X smbd[23462]:#1 /usr/sbin/smbd(smb_panic+0x43) [0x55754913] Aug 7 12:26:54 X smbd[23462]:#2 /usr/sbin/smbd [0x55742bf2] Aug 7 12:26:54 X smbd[23462]:#3 /lib64/libc.so.6 [0x2b6533045c10] Aug 7 12:26:54 X smbd[23462]:#4 /lib64/libc.so.6(gsignal+0x35) [0x2b6533045b95] Aug 7 12:26:54 X smbd[23462]:#5 /lib64/libc.so.6(abort+0x110) [0x2b6533046f90] Aug 7 12:26:54 X smbd[23462]:#6 /usr/sbin/smbd [0x557598f9] Aug 7 12:26:54 X smbd[23462]:#7 /usr/sbin/smbd(talloc_steal+0x35) [0x55759aa5] Aug 7 12:26:54 X smbd[23462]:#8 /usr/sbin/smbd(lookup_sids+0x341) [0x55719c41] Aug 7 12:26:54 X smbd[23462]:#9 /usr/sbin/smbd [0x55667a5f] Aug 7 12:26:54 X smbd[23462]:#10 /usr/sbin/smbd(_lsa_lookup_sids+0x129) [0x55668179] Aug 7 12:26:54 X smbd[23462]:#11 /usr/sbin/smbd [0x5566238e] Aug 7 12:26:54 X smbd[23462]:#12 /usr/sbin/smbd(api_rpcTNP+0x16d) [0x556b68cd] Aug 7 12:26:54 X smbd[23462]:#13 /usr/sbin/smbd(api_pipe_request+0x168) [0x556b6e08] Aug 7 12:26:54 X smbd[23462]:#14 /usr/sbin/smbd [0x556b21d6] Aug 7 12:26:54 X smbd[23462]:#15 /usr/sbin/smbd [0x556b266d] Aug 7 12:26:54 X smbd[23462]:#16 /usr/sbin/smbd [0x555caaf3] Aug 7 12:26:54 X smbd[23462]:#17 /usr/sbin/smbd [0x555caed2] Aug 7 12:26:54 X smbd[23462]:#18 /usr/sbin/smbd(reply_trans+0x650) [0x555cb7f0] Aug 7 12:26:54 X smbd[23462]:#19 /usr/sbin/smbd [0x55618312] Aug 7 12:26:54 X smbd[23462]:#20 /usr/sbin/smbd(smbd_process+0x720) [0x556192f0] Aug 7 12:26:54 X smbd[23462]:#21 /usr/sbin/smbd(main+0xa0b) [0x557e8beb] Aug 7 12:26:54 X smbd[23462]:#22 /lib64/libc.so.6(__libc_start_main+0xf4) [0x2b6533033154] Aug 7 12:26:54 X smbd[23462]:#23 /usr/sbin/smbd [0x555b25c9] Aug 7 12:26:54 X smbd[23462]: [2008/08/07 12:26:54, 0] lib/fault.c:dump_core(180) Aug 7 12:26:54 X smbd[23462]: dumping core in /var/log/samba/cores/smbd Aug 7 12:26:54 X smbd[23462]: In a bid to fix these problems, I've been working through the Samba Troubleshooting HOWTO and various other resources but I'm not even sure what the problem is. As I said, I inherited this system recently so I'm not sure how it was originally configured or what quirks exist in the config. Running testparm doesn't shed any errors (output below) # testparm Load smb config files from /etc/samba/smb.conf WARNING: The acl group control option is deprecated Processing section [homes] Processing section [users] Processing section [groups] Processing section [netlogon] Loaded services file OK. Server role: ROLE_DOMAIN_PDC Press enter to see a dump of your service definitions [global] workgroup = Y server string = passdb backend = ldapsam:ldap://localhost guest account = guest add machine script = /usr/sbin/useradd -c Machine -d /home/temp -s /bin/false %m$ logon script = logon.bat
Re: [Samba] Automatic printer download
Hi Bjorn, I blogged about this a while back at http://blog.aplpi.com/index.php/2007/03/30/simple-samba-printserver-on-debian-gnulinux-40-etch/ That might help you. -stephen [EMAIL PROTECTED] wrote: Hallo! I am running samba-3.0.10-1.4E.11 on centOS. I want to enable the automatic printer download feature, but are running into problems. I have tried to work it out from samba by example, but since the automatic driver download is bundeled togehter with ldap (which I am not using), this does not get me anywhere. Can anyone direct me to a good howto on this - one that will make things work! I have found many howtos - but they are too incomplete and fragmented. Thanks! Sincerly, Bjorn -- Stephen Mulcahy, Applepie Solutions Ltd., Innovation in Business Center, GMIT, Dublin Rd, Galway, Ireland. +353.91.751262 http://www.aplpi.com Registered in Ireland, no. 289353 (5 Woodlands Avenue, Renmore, Galway) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows cannot obtain the domain controller name foryour computer network error on XP Pro SP2 clients for Samba 3.0.23dPDC
stephen mulcahy wrote: Does this mean I should include an SRV record on my DNS server for _ldap._tcp.dc._msdcs.DUCK pointing at the PDCs A address? Or is this just noise generated by the fact that Samba 3 isn't an AD server? I've seen no mention of setting up SRV records in the HOWTOs so any advice appreciated. I went and configured an SRV record pointing to my Samba/Wins server just in case. It made no difference. In order to determine if this is indeed a problem caused by specific gigabit network adapters I went and installed new gigabit cards from an entirely different manufacturer in both the server and the client. Unfortunately the results are entirely the same - still seeing a UserEnv error in the Application event log with id 1054 and the client is failing to process the user part of the NTConfig.POL. I've created a test environment which differs only in that the test systems are linked by a single gigabit switch rather than 2 switches daisychained together which is the case in the production environment. The test environment works without problems (even the same clients connect to the Samba server and process the entire policy file without any UserEnv errors). I guess at this stage I'm inclined to conclude that using Windows policies with my clients is inherently unreliable (at least on my network) and to proceed to look at some other solution. Hopefully these notes will be useful to someone else who encounters a similar situation (I'm surprised that no-one else has encountered these errors, but perhaps not many people are using NTConfig.POL + Samba with tdbsam backend + Windows XP SP2 clients with all the latest Windows updates). -stephen -- Stephen Mulcahy, Applepie Solutions Ltd, Innovation in Business Center, GMIT, Dublin Rd, Galway, Ireland. mailto:[EMAIL PROTECTED] mobile:+353.87.2930252 office:+353.91.751262 http://www.aplpi.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] password alignment with /etc/passwd
Hi Markus, If you configure your Samba as follows unix password sync = yes passwd program = /usr/bin/passwd %u pam password change = yes Then everytime a user changes their samba password (using smbpasswd on the Samba server or CTRL-ALT-DEL/Change Password on a client logged into the domain) the password will also be copied to /etc/passwd so they will always remain in sync. Is this what you want? The only minor headache is ensuring your users use smbpasswd rather than passwd to change their password even when they want to change their Linux/UNIX system password. -stephen Markus Franke wrote: Dear Samba Users, I have a Linux Server exporting its services (NFS/NIS) to some Linux Clients. Now, I have installed a new Windows Client and I would like to use Samba as a PDC. My question is, if there is any possibility to align the passwords between /etc/passwd and some backend (e.g. smbpasswd). I know that there is mksmbpasswd.sh but it resets all passwords and just aligns usernames with /etc/passwd. Is there a way to preserve also the passwords? Or is there maybe also a special backend for doing so? Thanks for help, Regards, Markus -- Stephen Mulcahy, Applepie Solutions Ltd, Innovation in Business Center, GMIT, Dublin Rd, Galway, Ireland. mailto:[EMAIL PROTECTED] mobile:+353.87.2930252 office:+353.91.751262 http://www.aplpi.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] password alignment with /etc/passwd
Hi Markus, Markus Franke wrote: well it's actually very close to what I want. The problem is that the existing user passwords should be preserved. I don't want to create new passwords for each user. Is it somehow possible to convert the encoded password string in /etc/passwd to /etc/samba/smbpasswd? As far as I know this isn't possible ... but I'm not a samba expert. I'd be delighted to find out otherwise. -stephen -- Stephen Mulcahy, Applepie Solutions Ltd, Innovation in Business Center, GMIT, Dublin Rd, Galway, Ireland. mailto:[EMAIL PROTECTED] mobile:+353.87.2930252 office:+353.91.751262 http://www.aplpi.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] logon message
Hi Ben, One way of doing it is to use a policy file - NTConfig.pol which is loaded by each user when they login to the domain from your [netlogon] share. The login banner is created with a standard option - check out http://www.pcc-services.com/articles/implement_sys_policies.html for details of creating your own policy. -stephen Ben Natala wrote: I am interested in creating a logon message to be delivered to users when they logon. Is this possible? And if so, how can this be done? With logon scripts? The majority of my clients are connecting from Windows XP Pro, SAMBA is running on Debian Etch. Thank You --To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Stephen Mulcahy, Applepie Solutions Ltd, Innovation in Business Center, GMIT, Dublin Rd, Galway, Ireland. mailto:[EMAIL PROTECTED] mobile:+353.87.2930252 office:+353.91.751262 http://www.aplpi.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows cannot obtain the domain controller name foryour computer network error on XP Pro SP2 clients for Samba 3.0.23dPDC
stephen mulcahy wrote: I'm unfamiliar with Windows UserEnv logging so this could all be normal but USERENV(280.5b4) 18:45:52:468 ProcessGPOs: The DC for domain DUCK is not available. aborting looks suspect to me. The domain I'm using is APLPI - not DUCK. DUCK is the PDC for the domain. Is this a normal message or does something have the nebtios name of the PDC and domain name mixed up. Anyone have any thoughts on this? Hi, In an effort to diagnose the problem I've installed Microsoft Support Tools and run a tool called netdiag which prints out a bunch of diagnostic information including the following DC discovery test. . . . . . . . . : Failed Found DC '\\DUCK' in domain 'APLPI'. Found PDC emulator '\\DUCK' in domain 'APLPI'. [WARNING] Cannot find Windows 2000 DC in domain 'APLPI'. [ERROR_NO_SUCH_ DOMAIN] This isn't a problem if domain 'APLPI' does not have any Windows 2000 DC s. This computer cannot be joined to the [DUCK] domain because of one of the following reasons. 1. The DNS SRV record for [DUCK] is not registered in DNS; or 2. A zone from the following list of DNS zones does not include delegation to its child zone. Such zones can include [_ldap._tcp.dc._msdcs.DUCK], and root zone. Ask your network/DNS administrator to perform the following actions: To find out why the SRV record for [DUCK] is not registered in the DNS, run the dcdiag command prompt tool with the command RegisterInDNS on the domain controller that did not perform the registration. [FATAL] Cannot find DC in domain 'DUCK'. [ERROR_NO_SUCH_DOMAIN] Does this mean I should include an SRV record on my DNS server for _ldap._tcp.dc._msdcs.DUCK pointing at the PDCs A address? Or is this just noise generated by the fact that Samba 3 isn't an AD server? I've seen no mention of setting up SRV records in the HOWTOs so any advice appreciated. Thanks, -stephen -- Stephen Mulcahy, Applepie Solutions Ltd, Innovation in Business Center, GMIT, Dublin Rd, Galway, Ireland. mailto:[EMAIL PROTECTED] mobile:+353.87.2930252 office:+353.91.751262 http://www.aplpi.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Simple Samba PDC on Debian GNU/Linux 4.0 (Etch)
Hi, I've tried to distil my experiences setting up a basic tdbasm based PDC on Debian on my blog. I'd appreciate peoples comments if I've gotten anything wrong or am using a more complex approach than is neccesary. http://blog.aplpi.com/index.php/2007/02/22/simple-samba-pdc-on-debian-40-etch/ I'm hoping to document the basic of using policies and automatic installing printer drivers too at some stage in the future using some of the tips from this list ... but I'm still digesting the data :) Thanks, -stephen -- Stephen Mulcahy, Applepie Solutions Ltd, Innovation in Business Center, GMIT, Dublin Rd, Galway, Ireland. mailto:[EMAIL PROTECTED] mobile:+353.87.2930252 office:+353.91.751262 http://www.aplpi.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows cannot obtain the domain controller name foryour computer network error on XP Pro SP2 clients for Samba 3.0.23dPDC
Hi, I've noticed that any policy I created - the default machine part seems to be processed but the default user part does not get processed - which I suspect is back to the 1054 event I'm seeing in the application event logs. I've enabled usernev debug logging to try and get to the bottom of this - the snippet around the event failure relating to user policy processing is as follows USERENV(280.5b4) 18:45:52:468 ProcessGPOs: USERENV(280.5b4) 18:45:52:468 ProcessGPOs: USERENV(280.5b4) 18:45:52:468 ProcessGPOs: Starting user Group Policy (Background) processing... USERENV(280.5b4) 18:45:52:468 ProcessGPOs: USERENV(280.5b4) 18:45:52:468 ProcessGPOs: USERENV(280.5b4) 18:45:52:468 EnterCriticalPolicySectionEx: Entering with timeout 60 and flags 0x0 USERENV(280.5b4) 18:45:52:468 EnterCriticalPolicySectionEx: User critical section has been claimed. Handle = 0x93c USERENV(280.5b4) 18:45:52:468 EnterCriticalPolicySectionEx: Leaving successfully. USERENV(280.5b4) 18:45:52:468 GetUserGuid: Failed to get user guid with 1355. USERENV(280.5b4) 18:45:52:468 GetUserGuid: Failed to get user guid with 1355. USERENV(280.5b4) 18:45:52:468 ProcessGPOs: Machine role is 1. USERENV(280.5b4) 18:45:52:468 ProcessGPOs: The DC for domain DUCK is not available. aborting USERENV(280.5b4) 18:45:52:468 ProcessGPOs: No WMI logging done in this policy cycle. USERENV(280.5b4) 18:45:52:468 ProcessGPOs: Processing failed with error 1355. USERENV(280.5b4) 18:45:52:468 LeaveCriticalPolicySection: Critical section 0x93c has been released. USERENV(280.5b4) 18:45:52:468 ProcessGPOs: User Group Policy has been applied. USERENV(280.5b4) 18:45:52:468 ProcessGPOs: Leaving with 0. I'm unfamiliar with Windows UserEnv logging so this could all be normal but USERENV(280.5b4) 18:45:52:468 ProcessGPOs: The DC for domain DUCK is not available. aborting looks suspect to me. The domain I'm using is APLPI - not DUCK. DUCK is the PDC for the domain. Is this a normal message or does something have the nebtios name of the PDC and domain name mixed up. Anyone have any thoughts on this? Microsoft discuss this in http://support.microsoft.com/kb/840669 - I'm not sure if its the same problem and I'm not sure I want to go chasing Microsoft support about this. Thanks for your help, -stephen stephen mulcahy wrote: stephen mulcahy wrote: In the interests of getting to the bottom of this I went and configured Samba on another system as a PDC for a second domain. I then joined yet another machine to this domain (of the same spec and configuration as the systems I'd previous experienced problems with) and diligently examined the event log for any errors ... noting that there were no event id 1054 's reported this time. Hi, In the interests of verifying my theories I went and reinstalled one of our office systems from scratch with Windows XP SP2 and then ran Microsoft Update to bring the system entirely up to date. I then went and joined it back to my Samba domain and restarted. What do I see on reboot only my good friend event 1054. So it looks like some recent change of Microsoft's is causing this error (since I don't see it on less up to date systems). *sigh* - I'm now thoroughly out of ideas but don't know what the implications of this are other than that it seems to prevent at least part of my NTConfig.POL being parsed. I'm surprised no-one else has come across this (or am I the only crazy installing all of Microsoft's updates on my clients? :). -stephen -- Stephen Mulcahy, Applepie Solutions Ltd, Innovation in Business Center, GMIT, Dublin Rd, Galway, Ireland. mailto:[EMAIL PROTECTED] mobile:+353.87.2930252 office:+353.91.751262 http://www.aplpi.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Tips/hints for Windows network management
Dave Ewart wrote: Are there any further possibilities with regard to policies? Does everyone here just do this using the System Policy setup, via poledit.exe/NTConfig.POL ? Hi Dave, I think this section of the Samba HOWTO provides an overview of some scenarios. http://samba.org/samba/docs/man/Samba-HOWTO-Collection/PolicyMgmt.html I'm relatively new to System Policies myself. My environment is a bunch of XP machines with a Samba PDC. My current understanding is that, ideally, you would manage a bunch of XP machines in a domain with GPOs created via the MMC Group Policy snap-in. Unfortunately, Samba doesn't currently support these since they are tightly bound to Active Directory. As an alternative, you can use the older approach to Policies - System Policies which were the standard way to do this on NT4. I've tried doing this on my network with mixed results. Following the instructions in the HOWTO above and the excellent documentation at http://www.pcc-services.com/custom_poledit.html I've created an NTConfig.pol and have had some of the settings specified in there applied to my XP clients as people login. Unfortunately, I've also noticed that some of the settings I set in the NTConfig.POL using poledit.exe *are not applied* to the clients. A simple example would be the desktop Wallpaper. I'm trying to enforce a company wallpaper on all systems for consistency - its a good example cos it's immediately obvious if the setting has been applied. What I've seen when using NTConfig.POL generated from the standard templates (not Mike Petersen's which I must go back and further investigate) is that some settings are ignored, including Wallpaper. My suspicion is that this is due to the Registry key for Desktop Wallpaper changing between NT4 and XP SP2. I suspect this may happen with lots of other setting also. Since Microsoft's recommended approach to setting Policy on XP systems is to use GPOs rather than System Policies they don't provide any updated XP specific system policy templates (that I am aware of, I'd love to be corrected on this though) you're kinda left out in the cold a little on this one. Is anyone else using other approaches to this? -stephen -- Stephen Mulcahy, Applepie Solutions Ltd, Innovation in Business Center, GMIT, Dublin Rd, Galway, Ireland. mailto:[EMAIL PROTECTED] mobile:+353.87.2930252 office:+353.91.751262 http://www.aplpi.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Tips/hints for Windows network management
stephen mulcahy wrote: Unfortunately, I've also noticed that some of the settings I set in the NTConfig.POL using poledit.exe *are not applied* to the clients. A simple example would be the desktop Wallpaper. I'm trying to enforce a company wallpaper on all systems for consistency - its a good example cos it's immediately obvious if the setting has been applied. What I've seen when using NTConfig.POL generated from the standard templates (not Mike Petersen's which I must go back and further investigate) is that some settings are ignored, including Wallpaper. My suspicion is that this is due to the Registry key for Desktop Wallpaper changing between NT4 and XP SP2. Further reading of this http://www.pcc-services.com/articles/create_custom_spe_templates.html confirms that the Microsoft templates may not contain all of the XP2 settings. It also indicates that you can create your own custom templates for new registry keys - you just need to identify the ones you want to change. So it's fixable, it just needs some work :) Anyone have any custom templates specific to XP2 prepared? I see Mike has a bunch of XP2 settings in his custom.adm but more would be welcome. -stephen -- Stephen Mulcahy, Applepie Solutions Ltd, Innovation in Business Center, GMIT, Dublin Rd, Galway, Ireland. mailto:[EMAIL PROTECTED] mobile:+353.87.2930252 office:+353.91.751262 http://www.aplpi.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows cannot obtain the domain controller name foryour computer network error on XP Pro SP2 clients for Samba 3.0.23dPDC
stephen mulcahy wrote: In the interests of getting to the bottom of this I went and configured Samba on another system as a PDC for a second domain. I then joined yet another machine to this domain (of the same spec and configuration as the systems I'd previous experienced problems with) and diligently examined the event log for any errors ... noting that there were no event id 1054 's reported this time. Hi, In the interests of verifying my theories I went and reinstalled one of our office systems from scratch with Windows XP SP2 and then ran Microsoft Update to bring the system entirely up to date. I then went and joined it back to my Samba domain and restarted. What do I see on reboot only my good friend event 1054. So it looks like some recent change of Microsoft's is causing this error (since I don't see it on less up to date systems). *sigh* - I'm now thoroughly out of ideas but don't know what the implications of this are other than that it seems to prevent at least part of my NTConfig.POL being parsed. I'm surprised no-one else has come across this (or am I the only crazy installing all of Microsoft's updates on my clients? :). -stephen -- Stephen Mulcahy, Applepie Solutions Ltd, Innovation in Business Center, GMIT, Dublin Rd, Galway, Ireland. mailto:[EMAIL PROTECTED] mobile:+353.87.2930252 office:+353.91.751262 http://www.aplpi.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows cannot obtain the domain controller name foryour computer network error on XP Pro SP2 clients for Samba 3.0.23dPDC
Hi, In the interests of getting to the bottom of this I went and configured Samba on another system as a PDC for a second domain. I then joined yet another machine to this domain (of the same spec and configuration as the systems I'd previous experienced problems with) and diligently examined the event log for any errors ... noting that there were no event id 1054 's reported this time. I think took this client and joined it to the original domain/samba server I was having problems with, but only after removing my first attempt at policy file (NTConfig.POL) from the netlogon share. Another restart and I login to the client and again examine the event logs and verified, again, that there were no 1054 errors. The only conclusion I can come to at this stage is that I somehow mangled the registry on my first test clients with some setting in my NTConfig.POL which lead to the 1054 errors (lovely circular chain of events there). So the good news is my Samba configuration works, the bad news is I have 2 systems with dodgy registries (and registry backups were ... errr, next on my TODO list). I'll be more cautious with future NT policy creation but I'm glad to have gotten to the bottom of this. Sorry if I wasted anyones time, hopefully someone can learn from my mistakes. -stephen stephen mulcahy wrote: Hi, While perusing the SAMBA HOWTOs I decided to try some of the validation steps including the wins test at http://www.samba.org/samba/docs/man/Samba-Guide/secure.html#ch4valid If I try the following, 1. start samba with wins support = yes 2. edit /etc/nsswitch.conf and change hosts to wins only. 3. ping the samba server and I get unknown host error. Does this suggest my wins configuration is broken? I verified in this case that nmbd was running and the log.nmbd doesn't contain any obvious error messages. Thanks, -stephen stephen mulcahy wrote: Hi, In effort to resolve the 1054 errors on the XP client, I tried to create a new test domain on a separate server and join one of the XP clients to that. The joining process went smoothly (with one caveat below) but I notice the same event is logged in the new domain. I notice that is it preceeded by an AutoEnrollment error with event id 15 which is discussed here - http://lists.linux.org.au/archives/lias/2002-November/msg00033.html Is it possible that this is connected to my errors? Did I miss some documentation in the Samba HOWTO relating to my XP client setup? On a related note, when I restarted the XP client for the first time after joining the new test domain, it displayed a dialog on the login screen saying Please wait while the domain list is created which stayed there for a few minutes. Is that normal or is it indicative of a problem? Finally, whats the most current recommended documentation for configuring Samba with a tdbsam backend as a PDC? I'm wondering if further reading of some fine manual may help me in my quest. Thanks, -stephen stephen mulcahy wrote: Hi Paul, Thanks for your reply. I tried adding the following to lmhosts as suggested, 10.1.2.3 duck #PRE #DOM:APLPI and rebooted but I'm still seeing the same error (should I disable the WINS server I have enabled in samba to correctly verify this?). I would note that on the client if I type 'net view \\duck' this consistently works suggesting that name resolution is working (but is there a better way of testing name resolution in a samba environment?) I restarted samba with some additional logging and noted 2 things 1. Samba creates a log-file for the client with the ip address first and then subsequently creates a log-file with the client name. Is this normal or indicative of a problem? 2. I can clearly see the client successfully opening the NTConfig.POL file (and the logon.cmd file) indicating that the client has connected to and downloaded the policy file .. so the nature of the Event 1054 error is unclear to me .. [2007/02/08 14:35:20, 2] smbd/reply.c:reply_tcon_and_X(711) Serving IPC$ as a Dfs root [2007/02/08 14:35:22, 2] smbd/reply.c:reply_tcon_and_X(711) Serving IPC$ as a Dfs root [2007/02/08 14:35:22, 2] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [smulcahy] - [smulcahy] - [smulcahy] succeeded [2007/02/08 14:35:22, 2] smbd/reply.c:reply_tcon_and_X(711) Serving IPC$ as a Dfs root [2007/02/08 14:35:22, 2] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [smulcahy] - [smulcahy] - [smulcahy] succeeded [2007/02/08 14:35:22, 1] smbd/service.c:make_connection_snum(950) puck (10.7.44.30) connect to service netlogon initially as user smulcahy (uid=1000, gid=1000) (pid 29041) [2007/02/08 14:35:22, 2] smbd/reply.c:reply_tcon_and_X(711) Serving netlogon as a Dfs root [2007/02/08 14:35:22, 2] smbd/open.c:open_file(352) smulcahy opened file NTConfig.POL read=Yes write=No (numopen=1) [2007/02/08 14:35:22, 2] smbd
Re: [Samba] Windows cannot obtain the domain controller name foryour computer network error on XP Pro SP2 clients for Samba 3.0.23dPDC
Hi, In effort to resolve the 1054 errors on the XP client, I tried to create a new test domain on a separate server and join one of the XP clients to that. The joining process went smoothly (with one caveat below) but I notice the same event is logged in the new domain. I notice that is it preceeded by an AutoEnrollment error with event id 15 which is discussed here - http://lists.linux.org.au/archives/lias/2002-November/msg00033.html Is it possible that this is connected to my errors? Did I miss some documentation in the Samba HOWTO relating to my XP client setup? On a related note, when I restarted the XP client for the first time after joining the new test domain, it displayed a dialog on the login screen saying Please wait while the domain list is created which stayed there for a few minutes. Is that normal or is it indicative of a problem? Finally, whats the most current recommended documentation for configuring Samba with a tdbsam backend as a PDC? I'm wondering if further reading of some fine manual may help me in my quest. Thanks, -stephen stephen mulcahy wrote: Hi Paul, Thanks for your reply. I tried adding the following to lmhosts as suggested, 10.1.2.3 duck #PRE #DOM:APLPI and rebooted but I'm still seeing the same error (should I disable the WINS server I have enabled in samba to correctly verify this?). I would note that on the client if I type 'net view \\duck' this consistently works suggesting that name resolution is working (but is there a better way of testing name resolution in a samba environment?) I restarted samba with some additional logging and noted 2 things 1. Samba creates a log-file for the client with the ip address first and then subsequently creates a log-file with the client name. Is this normal or indicative of a problem? 2. I can clearly see the client successfully opening the NTConfig.POL file (and the logon.cmd file) indicating that the client has connected to and downloaded the policy file .. so the nature of the Event 1054 error is unclear to me .. [2007/02/08 14:35:20, 2] smbd/reply.c:reply_tcon_and_X(711) Serving IPC$ as a Dfs root [2007/02/08 14:35:22, 2] smbd/reply.c:reply_tcon_and_X(711) Serving IPC$ as a Dfs root [2007/02/08 14:35:22, 2] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [smulcahy] - [smulcahy] - [smulcahy] succeeded [2007/02/08 14:35:22, 2] smbd/reply.c:reply_tcon_and_X(711) Serving IPC$ as a Dfs root [2007/02/08 14:35:22, 2] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [smulcahy] - [smulcahy] - [smulcahy] succeeded [2007/02/08 14:35:22, 1] smbd/service.c:make_connection_snum(950) puck (10.7.44.30) connect to service netlogon initially as user smulcahy (uid=1000, gid=1000) (pid 29041) [2007/02/08 14:35:22, 2] smbd/reply.c:reply_tcon_and_X(711) Serving netlogon as a Dfs root [2007/02/08 14:35:22, 2] smbd/open.c:open_file(352) smulcahy opened file NTConfig.POL read=Yes write=No (numopen=1) [2007/02/08 14:35:22, 2] smbd/close.c:close_normal_file(344) smulcahy closed file NTConfig.POL (numopen=0) [2007/02/08 14:35:22, 1] smbd/service.c:make_connection_snum(950) puck (10.7.44.30) connect to service smulcahy initially as user smulcahy (uid=1000, gid=1000) (pid 29041) [2007/02/08 14:35:22, 2] smbd/reply.c:reply_tcon_and_X(711) Serving smulcahy as a Dfs root [2007/02/08 14:35:23, 2] smbd/open.c:open_file(352) smulcahy opened file logon.cmd read=Yes write=No (numopen=1) [2007/02/08 14:35:23, 2] smbd/open.c:open_file(352) smulcahy opened file logon.cmd read=Yes write=No (numopen=2) Not sure if that is any help in the grand scheme of things but I'm running out of ideas on how to resolve this. Is it possible that something is being cached somewhere? I've tried removing the machine from the domain (deleting the tdbsam entry with pdbedit -x and the password entry for the machine) rejoining the client to the domain in the hope that it might reset something but to no effect -- are there additional steps I should perform to ensure there are no traces of the client/domain membership remaining on either the client or samba? Thanks, -stephen Paul McGrath wrote: It could be a name resolving issue. Try creating a lmhosts file in the etc folder using the examples listed in the file. Copy lmhosts.sam lmhosts then edit the lmhosts file (it doesn't have an extension). 111.111.111.1dc-server #PRE #DOM:mydomain Then reboot. If you don't have a WINS server and you havent entered this into your client then your best bet is to use the lmhosts file. Also helps if your clients are on different subnets. Regards Paul -Original Message- From: stephen mulcahy [mailto:[EMAIL PROTECTED] Sent: Thursday 08 February 2007 10:29 To: samba@lists.samba.org Subject: Re: [Samba] Windows cannot obtain the domain controller name foryour computer network error on XP
Re: [Samba] Windows cannot obtain the domain controller name foryour computer network error on XP Pro SP2 clients for Samba 3.0.23dPDC
Hi, While perusing the SAMBA HOWTOs I decided to try some of the validation steps including the wins test at http://www.samba.org/samba/docs/man/Samba-Guide/secure.html#ch4valid If I try the following, 1. start samba with wins support = yes 2. edit /etc/nsswitch.conf and change hosts to wins only. 3. ping the samba server and I get unknown host error. Does this suggest my wins configuration is broken? I verified in this case that nmbd was running and the log.nmbd doesn't contain any obvious error messages. Thanks, -stephen stephen mulcahy wrote: Hi, In effort to resolve the 1054 errors on the XP client, I tried to create a new test domain on a separate server and join one of the XP clients to that. The joining process went smoothly (with one caveat below) but I notice the same event is logged in the new domain. I notice that is it preceeded by an AutoEnrollment error with event id 15 which is discussed here - http://lists.linux.org.au/archives/lias/2002-November/msg00033.html Is it possible that this is connected to my errors? Did I miss some documentation in the Samba HOWTO relating to my XP client setup? On a related note, when I restarted the XP client for the first time after joining the new test domain, it displayed a dialog on the login screen saying Please wait while the domain list is created which stayed there for a few minutes. Is that normal or is it indicative of a problem? Finally, whats the most current recommended documentation for configuring Samba with a tdbsam backend as a PDC? I'm wondering if further reading of some fine manual may help me in my quest. Thanks, -stephen stephen mulcahy wrote: Hi Paul, Thanks for your reply. I tried adding the following to lmhosts as suggested, 10.1.2.3 duck#PRE #DOM:APLPI and rebooted but I'm still seeing the same error (should I disable the WINS server I have enabled in samba to correctly verify this?). I would note that on the client if I type 'net view \\duck' this consistently works suggesting that name resolution is working (but is there a better way of testing name resolution in a samba environment?) I restarted samba with some additional logging and noted 2 things 1. Samba creates a log-file for the client with the ip address first and then subsequently creates a log-file with the client name. Is this normal or indicative of a problem? 2. I can clearly see the client successfully opening the NTConfig.POL file (and the logon.cmd file) indicating that the client has connected to and downloaded the policy file .. so the nature of the Event 1054 error is unclear to me .. [2007/02/08 14:35:20, 2] smbd/reply.c:reply_tcon_and_X(711) Serving IPC$ as a Dfs root [2007/02/08 14:35:22, 2] smbd/reply.c:reply_tcon_and_X(711) Serving IPC$ as a Dfs root [2007/02/08 14:35:22, 2] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [smulcahy] - [smulcahy] - [smulcahy] succeeded [2007/02/08 14:35:22, 2] smbd/reply.c:reply_tcon_and_X(711) Serving IPC$ as a Dfs root [2007/02/08 14:35:22, 2] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [smulcahy] - [smulcahy] - [smulcahy] succeeded [2007/02/08 14:35:22, 1] smbd/service.c:make_connection_snum(950) puck (10.7.44.30) connect to service netlogon initially as user smulcahy (uid=1000, gid=1000) (pid 29041) [2007/02/08 14:35:22, 2] smbd/reply.c:reply_tcon_and_X(711) Serving netlogon as a Dfs root [2007/02/08 14:35:22, 2] smbd/open.c:open_file(352) smulcahy opened file NTConfig.POL read=Yes write=No (numopen=1) [2007/02/08 14:35:22, 2] smbd/close.c:close_normal_file(344) smulcahy closed file NTConfig.POL (numopen=0) [2007/02/08 14:35:22, 1] smbd/service.c:make_connection_snum(950) puck (10.7.44.30) connect to service smulcahy initially as user smulcahy (uid=1000, gid=1000) (pid 29041) [2007/02/08 14:35:22, 2] smbd/reply.c:reply_tcon_and_X(711) Serving smulcahy as a Dfs root [2007/02/08 14:35:23, 2] smbd/open.c:open_file(352) smulcahy opened file logon.cmd read=Yes write=No (numopen=1) [2007/02/08 14:35:23, 2] smbd/open.c:open_file(352) smulcahy opened file logon.cmd read=Yes write=No (numopen=2) Not sure if that is any help in the grand scheme of things but I'm running out of ideas on how to resolve this. Is it possible that something is being cached somewhere? I've tried removing the machine from the domain (deleting the tdbsam entry with pdbedit -x and the password entry for the machine) rejoining the client to the domain in the hope that it might reset something but to no effect -- are there additional steps I should perform to ensure there are no traces of the client/domain membership remaining on either the client or samba? Thanks, -stephen Paul McGrath wrote: It could be a name resolving issue. Try creating a lmhosts file in the etc folder using the examples listed in the file. Copy lmhosts.sam lmhosts
Re: [Samba] Windows cannot obtain the domain controller name for your computer network error on XP Pro SP2 clients for Samba 3.0.23d PDC
Hi, Further debugging of this - I see that the logon.cmd is successfully executed by the Windows XP client even as it logs the 1054 Event -- the logon.cmd simply mounts some shares. Looking at the samba logs (default log level) I can't see any errors. Is this some browsing issue? Or a problem with name resolution? Any suggestions on tools to diagnose this further would be appreciated. Thanks, -stephen stephen mulcahy wrote: Hi, I've recently reinstalled our Samba server with a view to getting it working as a PDC using the tdbsam backend. I've successfully connected a number of XP Pro SP2 clients to the domain and can login ok, but I'm have problems getting the clients to read/apply an NTConfig.POL file I created following the instructions at http://www.pcc-services.com/custom_poledit.html I'm seeing the following error logged in the event log on the XP Pro SP2 clients, Event ID: 1054 Source: Userenv Type: Error Description: Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or exist or could not be contacted). Group Policy processing aborted. Data: (unavailable) Some Googling turns up the following http://support.microsoft.com/kb/840669 and various other postings on this on the net. In response to those I've tried various combinations of the following, 1. Change from using DHCP to static IP on client. 2. Applied various registry hacks including turning DHCP media sensing off. 3. Disabled various network card options such as media sensing. 4. Forced the card to 100Mbps/full duplex (rather than auto). 5. Upgraded to the latest network card drivers. 6. Downgraded to older network card drivers. I'm getting the same error message on 3 XP Pro SP2 clients which I test this on, all of which have gigabit broadcom cards (various different chipsets). The knowledge base article suggests this is a problem which occurs with gigabit cards .. short of trying adding new network cards to the systems (some of which are laptops) - does anyone have any suggestions on what I could try? I assumes others are successfully running with a similar config or are PDCs with tdbsam rare (or is that totally unrelated to the problems I'm experiencing). I've also tried using a Samba PDC config from the HOWTO rather than my own hand-crafted one (see below for both). Samba version is 3.0.23d running on 2.6.17-2-686 Debian etch on Dell Poweredge 1600sc with an Intel Corporation 82540EM Gigabit Ethernet Controller (rev 02). I have a djbdns dhcp server on the network serving which references the samba server as a wins server. Thanks, -stephen Original PDC config [global] workgroup = X netbios name = server string = %h server (Samba %v) log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d security = user encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes guest account = nobody unix password sync = yes passwd program = /usr/bin/passwd %u pam password change = yes domain logons = yes os level = 40 logon path = \\%L\profiles\%U logon drive = U: logon home = \\%L\%U logon script = logon.cmd add machine script = /usr/sbin/useradd -d /var/lib/nobody -g 1015 -s /bin/false %u load printers = yes printing = cups printcap name = cups socket options = TCP_NODELAY domain master = yes preferred master = yes wins support = yes idmap uid = 1-2 idmap gid = 1-2 template shell = /bin/bash smb ports = 445 [homes] comment = Home Directories browseable = no writable = yes create mask = 0700 directory mask = 0700 hide files = /desktop.ini/ntuser.ini/NTUSER.*/RECYCLER/ [printers] comment = All Printers browseable = no path = /var/spool/samba printable = yes public = no writable = no create mode = 0700 # Windows clients look for this share name as a source of downloadable # printer drivers [print$] comment = Printer Drivers path = /var/lib/samba/printers write list = root, @ntadmin printer admin = root, @ntadmin [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = yes writable = no share modes = no # For profiles to work, create a user directory under the path # shown. i.e., mkdir -p /var/lib/samba/profiles/maryo [profiles] comment = Roaming Profile Share path = /var/lib/samba/profiles read only = No profile acls = Yes PDC config from HOWTO [global] workgroup = netbios name = passdb backend = tdbsam printcap name = cups add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user
Re: [Samba] Howto setup printing with Windows XP Clients, Cups and samba..
= No [profiles] path = /mnt/srv/data/Profiles valid users = %U, @Domain Admins force user = %U read only = No guest ok = Yes profile acls = Yes browseable = No csc policy = disable root preexec = /opt/domain/bin/create_profile.sh '%u' [Temp] path = /mnt/srv/data/Temp read only = No [Privat] path = /mnt/srv/data/Home read only = No [Archiv] path = /mnt/srv/data/archiv read only = No [firma.in-medias-res] path = /mnt/srv/data/firma.in-medias-res read only = No [firma.rotas] path = /mnt/srv/data/firma.rotas read only = No [firma.mcity] path = /mnt/srv/data/firma.mcity read only = No [firma.returnit] path = /mnt/srv/data/firma.returnit read only = No [install] path = /mnt/srv/data/firma.returnit read only = No [printers] comment = All Printers path = /var/spool/samba printer admin = Administrator, schoenfeld, root guest ok = Yes printable = Yes browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = root, schoenfeld, Administrator -- Stephen Mulcahy, Applepie Solutions Ltd, Innovation in Business Center, GMIT, Dublin Rd, Galway, Ireland. mailto:[EMAIL PROTECTED] mobile:+353.87.2930252 office:+353.91.751262 http://www.aplpi.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows cannot obtain the domain controller name foryour computer network error on XP Pro SP2 clients for Samba 3.0.23dPDC
Hi Paul, Thanks for your reply. I tried adding the following to lmhosts as suggested, 10.1.2.3 duck #PRE #DOM:APLPI and rebooted but I'm still seeing the same error (should I disable the WINS server I have enabled in samba to correctly verify this?). I would note that on the client if I type 'net view \\duck' this consistently works suggesting that name resolution is working (but is there a better way of testing name resolution in a samba environment?) I restarted samba with some additional logging and noted 2 things 1. Samba creates a log-file for the client with the ip address first and then subsequently creates a log-file with the client name. Is this normal or indicative of a problem? 2. I can clearly see the client successfully opening the NTConfig.POL file (and the logon.cmd file) indicating that the client has connected to and downloaded the policy file .. so the nature of the Event 1054 error is unclear to me .. [2007/02/08 14:35:20, 2] smbd/reply.c:reply_tcon_and_X(711) Serving IPC$ as a Dfs root [2007/02/08 14:35:22, 2] smbd/reply.c:reply_tcon_and_X(711) Serving IPC$ as a Dfs root [2007/02/08 14:35:22, 2] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [smulcahy] - [smulcahy] - [smulcahy] succeeded [2007/02/08 14:35:22, 2] smbd/reply.c:reply_tcon_and_X(711) Serving IPC$ as a Dfs root [2007/02/08 14:35:22, 2] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [smulcahy] - [smulcahy] - [smulcahy] succeeded [2007/02/08 14:35:22, 1] smbd/service.c:make_connection_snum(950) puck (10.7.44.30) connect to service netlogon initially as user smulcahy (uid=1000, gid=1000) (pid 29041) [2007/02/08 14:35:22, 2] smbd/reply.c:reply_tcon_and_X(711) Serving netlogon as a Dfs root [2007/02/08 14:35:22, 2] smbd/open.c:open_file(352) smulcahy opened file NTConfig.POL read=Yes write=No (numopen=1) [2007/02/08 14:35:22, 2] smbd/close.c:close_normal_file(344) smulcahy closed file NTConfig.POL (numopen=0) [2007/02/08 14:35:22, 1] smbd/service.c:make_connection_snum(950) puck (10.7.44.30) connect to service smulcahy initially as user smulcahy (uid=1000, gid=1000) (pid 29041) [2007/02/08 14:35:22, 2] smbd/reply.c:reply_tcon_and_X(711) Serving smulcahy as a Dfs root [2007/02/08 14:35:23, 2] smbd/open.c:open_file(352) smulcahy opened file logon.cmd read=Yes write=No (numopen=1) [2007/02/08 14:35:23, 2] smbd/open.c:open_file(352) smulcahy opened file logon.cmd read=Yes write=No (numopen=2) Not sure if that is any help in the grand scheme of things but I'm running out of ideas on how to resolve this. Is it possible that something is being cached somewhere? I've tried removing the machine from the domain (deleting the tdbsam entry with pdbedit -x and the password entry for the machine) rejoining the client to the domain in the hope that it might reset something but to no effect -- are there additional steps I should perform to ensure there are no traces of the client/domain membership remaining on either the client or samba? Thanks, -stephen Paul McGrath wrote: It could be a name resolving issue. Try creating a lmhosts file in the etc folder using the examples listed in the file. Copy lmhosts.sam lmhosts then edit the lmhosts file (it doesn't have an extension). 111.111.111.1 dc-server #PRE #DOM:mydomain Then reboot. If you don't have a WINS server and you havent entered this into your client then your best bet is to use the lmhosts file. Also helps if your clients are on different subnets. Regards Paul -Original Message- From: stephen mulcahy [mailto:[EMAIL PROTECTED] Sent: Thursday 08 February 2007 10:29 To: samba@lists.samba.org Subject: Re: [Samba] Windows cannot obtain the domain controller name foryour computer network error on XP Pro SP2 clients for Samba 3.0.23dPDC Hi, Further debugging of this - I see that the logon.cmd is successfully executed by the Windows XP client even as it logs the 1054 Event -- the logon.cmd simply mounts some shares. Looking at the samba logs (default log level) I can't see any errors. Is this some browsing issue? Or a problem with name resolution? Any suggestions on tools to diagnose this further would be appreciated. Thanks, -stephen stephen mulcahy wrote: Hi, I've recently reinstalled our Samba server with a view to getting it working as a PDC using the tdbsam backend. I've successfully connected a number of XP Pro SP2 clients to the domain and can login ok, but I'm have problems getting the clients to read/apply an NTConfig.POL file I created following the instructions at http://www.pcc-services.com/custom_poledit.html I'm seeing the following error logged in the event log on the XP Pro SP2 clients, Event ID: 1054 Source: Userenv Type: Error Description: Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or exist
Re: [Samba] Howto setup printing with Windows XP Clients, Cups and samba..
Hi Martin, Thanks for the clear instructions. They've inspired me to try this again as soon as I fix my other problem :) -stephen Martin Zielinski wrote: Hi, That's really not the way you should do this. Try this: 1st Check your permissions : Enter on your windows client: Start-Run- \\server\print$ (Note the $) You should see at least the W32X86 folder you previously created in the driver section of your Samba server. Try to add a new folder - or (if exists) change into W32X86\3 and create a file (or folder) *from your windows client*. If this fails - you have a permission problem and have to solve it first. 2nd Install your driver: - Enter on your windows client: Start-Run- \\server - Change into the Printers and Faxes folder - Right click - Server Properties - Middle tab Drivers - Click Add and follow the instructions 3rd Assign your driver: - In the printers and faxes folder right-click on a printer - Select Properties - Tab Advanced - Select the driver from the drop down box - Ok Your done. Most problems with permissions will be caused because of the unix rights of your driver directories. You could try to chmod 0777 them all e.g. /var/drivers /var/driver/W32X86 ... Hope that helps, Martin stephen mulcahy schrieb: Hi, I (unsuccessfully) tried to set this up about 12 months ago. To get the printer drivers I downloaded them from the printer vendor, extracted the downloaded driver package (or ran it to install them) and then copied the resulting files to the server. This seemed to work ok but I tripped over permissions problems (possibly because at the time the print server wasn't functioning as a pdc). Not sure if that helps though. -stephen [...] -- Stephen Mulcahy, Applepie Solutions Ltd, Innovation in Business Center, GMIT, Dublin Rd, Galway, Ireland. mailto:[EMAIL PROTECTED] mobile:+353.87.2930252 office:+353.91.751262 http://www.aplpi.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows cannot obtain the domain controller name for your computer network error on XP Pro SP2 clients for Samba 3.0.23d PDC
-2 idmap gid = 15000-2 printing = cups wins support = yes [homes] comment = Home Directories valid users = %S read only = No browseable = No # Printing auto-share (makes printers available thru CUPS) [printers] comment = All Printers path = /var/spool/samba printer admin = root create mask = 0600 guest ok = Yes printable = Yes browseable = No [print$] comment = Printer Drivers Share path = /var/lib/samba/drivers write list = root printer admin = root # Needed to support domain logons [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon admin users = root guest ok = Yes browseable = No # For profiles to work, create a user directory under the path # shown. i.e., mkdir -p /var/lib/samba/profiles/maryo [Profiles] comment = Roaming Profile Share path = /var/lib/samba/profiles read only = No profile acls = Yes -- Stephen Mulcahy, Applepie Solutions Ltd, Innovation in Business Center, GMIT, Dublin Rd, Galway, Ireland. http://www.aplpi.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba