[Samba] A device attached to the system is not functioning(samba 3.6.3 + OpenLDAP)

[Mike]

Today's morning I got *Domain not available* on all windows xp 
machines(domain logon working only for users with cached profiles)
I tried to rejoin machine to domain, but when I try to join, error *A 
device attached to the system is not functioning* occurs

Here is error log when I tried to join http://pastebin.com/MCHKMjmL
*Re-using invalid record* looks suspicious, but I don't understand how 
its related to my problem.

I'm using samba 3.6.3 with OpenLDAP

My samba config: http://pastebin.com/BKLVBeWv

Also, I done absolutely nothing to server before error happens(just 
reboot 2 days ago)


--
С уважением,
Майоров Михаил.

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning(samba 3.6.3 + OpenLDAP)

[John Drescher]

 Today's morning I got *Domain not available* on all windows xp
 machines(domain logon working only for users with cached profiles)
 I tried to rejoin machine to domain, but when I try to join, error *A
 device attached to the system is not functioning* occurs
 Here is error log when I tried to join http://pastebin.com/MCHKMjmL
 *Re-using invalid record* looks suspicious, but I don't understand how its
 related to my problem.
 I'm using samba 3.6.3 with OpenLDAP

 My samba config: http://pastebin.com/BKLVBeWv

 Also, I done absolutely nothing to server before error happens(just reboot 2
 days ago)

A lot of times I see errors like this to be a browsing problem where
the client does not know the ipaddress of the server. Does your client
have a wins address in its config?

John
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning

[Alan Holt]

Yep, it is some extra *-513* in the end,
also I can not understand

# net groupmap list
Domain Users (S-1-5-21-2139989288-483860436-2398042574-513) - Domain Users

User SID: S-1-5-21-2139989288-483860436-2398042574-3152
is okey too.

Primary Group SID:S-1-5-21-3745118107-2241246581-749181168-513*-513*

is good too,
# net getlocalsid MYDOMAIN.COM
SID for domain  MYDOMAIN .COM is:
S-1-5-21-3745118107-2241246581-749181168-513

I guess problem is in file passdb.tdb

but I really don't know what to do with this ...



 Hi Alan,
 I do not know how you came about this setup, but from a quick glance the
 sid defined in alexander's Primary Group SID is incorrect:
 Domain Users' sid is defined by
 SID: S-1-5-21domain-513 (from 
 http://support.microsoft.com/**kb/243330http://support.microsoft.com/kb/243330
 )
 So it seems to me that:
 1) you have additional -513 appended at the end
 2) Your domain portion of the sid for Primary Group SID is different to
 the one used in the User SID and to the ones listed by net groupmap admins
 So shouldn't alexander's Primary Group SID be
 S-1-5-21-2139989288-483860436-**2398042574-513?

 HTH

 L




-- 
*בברכה, *
*אלכס ברבר*
*+9 72 54 285 952 3
*
*www.linuxspace.org* http://www.linuxspace.org
*--*
*Best regards.*
*Alex Berber*
*+9 72 54 285 952 3*
*www.linuxspace.org* http://www.linuxspace.org/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning

[Alan Holt]

I did change SID for *user *alexander on the same SID that his *group *has:

Domain Users (S-1-5-21-2139989288-483860436-2398042574-513) - Domain Users
  ---HIS GROUP

# smbldap-usershow alexander

sambaSID: S-1-5-21-3745118107-2241246581-749181168-513


but this extra -513 still here ...


== /var/log/samba/xp-8a995003b537.log ==
[2012/07/03 13:31:57.108776,  1]
rpc_server/srv_pipe_hnd.c:1602(serverinfo_to_SamInfo_base)
  _netr_LogonSamLogon: user CALLMYNAME.COM\zvika has user sid *
S-1-5-21-3745118107-2241246581-749181168-513*
   but group sid *S-1-5-21-3745118107-2241246581-749181168-513-513*.
  The conflicting domain portions are not supported for NETLOGON calls


-- 
*בברכה, *
*אלכס ברבר*
*+9 72 54 285 952 3
*
*www.linuxspace.org* http://www.linuxspace.org
*--*
*Best regards.*
*Alex Berber*
*+9 72 54 285 952 3*
*www.linuxspace.org* http://www.linuxspace.org/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning

[Alan Holt]

I just noticed, when I am truing to connect with windows computer to
domain, I see in the log next:


[2012/07/03 14:06:26.341978,  1]
rpc_server/srv_pipe_hnd.c:1602(serverinfo_to_SamInfo_base)
  _netr_LogonSamLogon: user MYDOMAINE.COM\ronib has user sid
S-1-5-21-2139989288-483860436-2398042574-3222
   but group sid S-1-5-21-3745118107-2241246581-749181168-513-513.

But:

Domain Admins (S-1-5-21-2139989288-483860436-2398042574-512) - Domain
Admins
Domain Users (S-1-5-21-2139989288-483860436-2398042574-513) - Domain Users
Domain Guests (S-1-5-21-2139989288-483860436-2398042574-514) - Domain
Guests
Domain Computers (S-1-5-21-2139989288-483860436-2398042574-515) - Domain
Computers
Administrators (S-1-5-32-544) - Administrators
Account Operators (S-1-5-32-548) - Account Operators
Print Operators (S-1-5-32-550) - Print Operators
Backup Operators (S-1-5-32-551) - Backup Operators
Replicators (S-1-5-32-552) - Replicators
Board Members (S-1-5-32-600) - Board
Management Members (S-1-5-32-601) - Management
qa (S-1-5-21-2139989288-483860436-2398042574-3001) - qa
na (S-1-5-21-2139989288-483860436-2398042574-3007) - na


So question is, wtf is but group sid
S-1-5-21-3745118107-2241246581-749181168-513-513 this ???

I don not see any group like this in my domain, user ronib is in group
Domain Users and this group looks like this:
Domain Users (S-1-5-21-2139989288-483860436-2398042574-513) - Domain Users

From where this sid S-1-5-21-3745118107-2241246581-749181168-513-513




-- 
*בברכה, *
*אלכס ברבר*
*+9 72 54 285 952 3
*
*www.linuxspace.org* http://www.linuxspace.org
*--*
*Best regards.*
*Alex Berber*
*+9 72 54 285 952 3*
*www.linuxspace.org* http://www.linuxspace.org/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning

[Alan Holt]

And once again I did find from where this sid, it is from my domain:

[root@server smbldap-tools]#  net getlocalsid MYDOMAIN.COM
SID for domain  MYDOMAIN.COM is:
S-1-5-21-3745118107-2241246581-749181168-513

So like I told before, I did change SID for user alexander:
[2012/07/03 14:15:11.730721,  1]
rpc_server/srv_pipe_hnd.c:1602(serverinfo_to_SamInfo_base)
  _netr_LogonSamLogon: user CALLMYNAME.COM\zvika has user sid
S-1-5-21-3745118107-2241246581-749181168-513
   but group sid S-1-5-21-3745118107-2241246581-749181168-513*-513*.
  The conflicting domain portions are not supported for NETLOGON calls

And now his SID is ok, SID of group is ok too, but -513 is extra and I
don't see this in Apache Directory Studio, also I don't see it in console
on server (((





-- 
*בברכה, *
*אלכס ברבר*
*+9 72 54 285 952 3
*
*www.linuxspace.org* http://www.linuxspace.org
*--*
*Best regards.*
*Alex Berber*
*+9 72 54 285 952 3*
*www.linuxspace.org* http://www.linuxspace.org/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] A device attached to the system is not functioning

[Alan Holt]

Dear all,
I was looking a lot around of Internet, but still did not find some
solution for my problem.
I have SAMBA and domain with ldap, everything have been fine until today.

Like usually I did create new user in domain and tried to get into my
domain on Windows 7 and Windows XP machines.
Then I have got this error:

A device attached to the system is not functioning
I checked SAMBA logs and found this:

== /var/log/samba/xp-8a995003b537.log ==
[2012/07/02 17:38:28.626582,  1]
rpc_server/srv_pipe_hnd.c:1602(serverinfo_to_SamInfo_base)
  _netr_LogonSamLogon: user MYDOMAINE.COM\alex has user sid
S-1-5-21-2139989288-483860436-2398042574-3228
   but group sid S-1-5-21-3745118107-2241246581-749181168-513-513.
  The conflicting domain portions are not supported for NETLOGON calls

I guess it's happens because some problems with SID. I did check SID for
user alex:

# pdbedit -L -v alex
User SID:  S-1-5-21-2139989288-483860436-2398042574-3228
Primary Group SID:S-1-5-21-3745118107-2241246581-*749181168-513*-513
Domain:MYDOMAIN.COM

Also I did check SID for my domain:
# net getlocalsid  MYDOMAIN .COM
SID for domain  MYDOMAIN .COM is: S-1-5-21-3745118107-2241246581-*
749181168-513*

So could you please to help to solve this issue?
Thanks.


-- 
*בברכה, *
*אלכס ברבר*
*+9 72 54 285 952 3
*
*www.linuxspace.org* http://www.linuxspace.org
*--*
*Best regards.*
*Alex Berber*
*+9 72 54 285 952 3*
*www.linuxspace.org* http://www.linuxspace.org/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning

[John Drescher]

On Mon, Jul 2, 2012 at 10:49 AM, Alan Holt berber...@gmail.com wrote:
 Dear all,
 I was looking a lot around of Internet, but still did not find some
 solution for my problem.
 I have SAMBA and domain with ldap, everything have been fine until today.

 Like usually I did create new user in domain and tried to get into my
 domain on Windows 7 and Windows XP machines.
 Then I have got this error:

 A device attached to the system is not functioning
 I checked SAMBA logs and found this:

 == /var/log/samba/xp-8a995003b537.log ==
 [2012/07/02 17:38:28.626582,  1]
 rpc_server/srv_pipe_hnd.c:1602(serverinfo_to_SamInfo_base)
   _netr_LogonSamLogon: user MYDOMAINE.COM\alex has user sid
 S-1-5-21-2139989288-483860436-2398042574-3228
but group sid S-1-5-21-3745118107-2241246581-749181168-513-513.
   The conflicting domain portions are not supported for NETLOGON calls

 I guess it's happens because some problems with SID. I did check SID for
 user alex:

 # pdbedit -L -v alex
 User SID:  S-1-5-21-2139989288-483860436-2398042574-3228
 Primary Group SID:S-1-5-21-3745118107-2241246581-*749181168-513*-513
 Domain:MYDOMAIN.COM

 Also I did check SID for my domain:
 # net getlocalsid  MYDOMAIN .COM
 SID for domain  MYDOMAIN .COM is: S-1-5-21-3745118107-2241246581-*
 749181168-513*

 So could you please to help to solve this issue?
 Thanks.


I do not believe windows likes samba3 / windows nt domains having a
. in the domain name

John
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning

[Alan Holt]

What does it mean?
This is name of my domain:

# vi /etc/smbldap-tools/smbldap.conf

suffix=dc=mydomaine,dc=com






On Mon, Jul 2, 2012 at 5:51 PM, John Drescher dresche...@gmail.com wrote:

 On Mon, Jul 2, 2012 at 10:49 AM, Alan Holt berber...@gmail.com wrote:
  Dear all,
  I was looking a lot around of Internet, but still did not find some
  solution for my problem.
  I have SAMBA and domain with ldap, everything have been fine until today.
 
  Like usually I did create new user in domain and tried to get into my
  domain on Windows 7 and Windows XP machines.
  Then I have got this error:
 
  A device attached to the system is not functioning
  I checked SAMBA logs and found this:
 
  == /var/log/samba/xp-8a995003b537.log ==
  [2012/07/02 17:38:28.626582,  1]
  rpc_server/srv_pipe_hnd.c:1602(serverinfo_to_SamInfo_base)
_netr_LogonSamLogon: user MYDOMAINE.COM\alex has user sid
  S-1-5-21-2139989288-483860436-2398042574-3228
 but group sid S-1-5-21-3745118107-2241246581-749181168-513-513.
The conflicting domain portions are not supported for NETLOGON calls
 
  I guess it's happens because some problems with SID. I did check SID for
  user alex:
 
  # pdbedit -L -v alex
  User SID:  S-1-5-21-2139989288-483860436-2398042574-3228
  Primary Group SID:S-1-5-21-3745118107-2241246581-*749181168-513*-513
  Domain:MYDOMAIN.COM
 
  Also I did check SID for my domain:
  # net getlocalsid  MYDOMAIN .COM
  SID for domain  MYDOMAIN .COM is: S-1-5-21-3745118107-2241246581-*
  749181168-513*
 
  So could you please to help to solve this issue?
  Thanks.
 

 I do not believe windows likes samba3 / windows nt domains having a
 . in the domain name

 John




-- 
*בברכה, *
*אלכס ברבר*
*+9 72 54 285 952 3
*
*www.linuxspace.org* http://www.linuxspace.org
*--*
*Best regards.*
*Alex Berber*
*+9 72 54 285 952 3*
*www.linuxspace.org* http://www.linuxspace.org/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning

[John Drescher]

On Mon, Jul 2, 2012 at 11:01 AM, Alan Holt berber...@gmail.com wrote:
 What does it mean?
 This is name of my domain:

 # vi /etc/smbldap-tools/smbldap.conf
 
 suffix=dc=mydomaine,dc=com
 

I am talking about the workgroup setting in smb.conf

This should not contain a .

John
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning

[Alan Holt]

Not this is problem right now.
Something wrong with SID ...
but what..

please any suggestions ..

Also for users that already were created I see in logs this error:

  _netr_LogonSamLogon: user MYDOMAINE.COM\elad has user sid
S-1-5-21-2139989288-483860436-2398042574-3070
   but group sid S-1-5-21-3745118107-2241246581-749181168-513-513.
  *The conflicting domain portions are not supported for NETLOGON calls*

And also I can get into samba with new user alex:

# smbclient -L localhost -U alex
Enter zvika's password:
Domain=[MYDOMAINE.COM] OS=[Unix] Server=[Samba 3.5.11-79.fc14]


On Mon, Jul 2, 2012 at 6:06 PM, John Drescher dresche...@gmail.com wrote:

 On Mon, Jul 2, 2012 at 11:01 AM, Alan Holt berber...@gmail.com wrote:
  What does it mean?
  This is name of my domain:
 
  # vi /etc/smbldap-tools/smbldap.conf
  
  suffix=dc=mydomaine,dc=com
  

 I am talking about the workgroup setting in smb.conf

 This should not contain a .

 John




-- 
*בברכה, *
*אלכס ברבר*
*+9 72 54 285 952 3
*
*www.linuxspace.org* http://www.linuxspace.org
*--*
*Best regards.*
*Alex Berber*
*+9 72 54 285 952 3*
*www.linuxspace.org* http://www.linuxspace.org/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning

[Alan Holt]

Also, this is SID of groups in domain:

# net groupmap list
Domain Admins (S-1-5-21-2139989288-483860436-2398042574-512) - Domain
Admins
Domain Users (S-1-5-21-2139989288-483860436-2398042574-513) - Domain Users
Domain Guests (S-1-5-21-2139989288-483860436-2398042574-514) - Domain
Guests
Domain Computers (S-1-5-21-2139989288-483860436-2398042574-515) - Domain
Computers
Administrators (S-1-5-32-544) - Administrators

and this is SID of my user:
# pdbedit -Lv alexander
User SID: S-1-5-21-2139989288-483860436-2398042574-3186
Primary Group SID:S-1-5-21-3745118107-2241246581-749181168-513-513

They are completely different 

-- 
*בברכה, *
*אלכס ברבר*
*+9 72 54 285 952 3
*
*www.linuxspace.org* http://www.linuxspace.org
*--*
*Best regards.*
*Alex Berber*
*+9 72 54 285 952 3*
*www.linuxspace.org* http://www.linuxspace.org/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning

[Lukasz Zalewski]

On 02/07/12 16:15, Alan Holt wrote:

Also, this is SID of groups in domain:

# net groupmap list
Domain Admins (S-1-5-21-2139989288-483860436-2398042574-512) -  Domain
Admins
Domain Users (S-1-5-21-2139989288-483860436-2398042574-513) -  Domain Users
Domain Guests (S-1-5-21-2139989288-483860436-2398042574-514) -  Domain
Guests
Domain Computers (S-1-5-21-2139989288-483860436-2398042574-515) -  Domain
Computers
Administrators (S-1-5-32-544) -  Administrators

and this is SID of my user:
# pdbedit -Lv alexander
User SID: S-1-5-21-2139989288-483860436-2398042574-3186
Primary Group SID:S-1-5-21-3745118107-2241246581-749181168-513-513

They are completely different 



Hi Alan,
I do not know how you came about this setup, but from a quick glance the 
sid defined in alexander's Primary Group SID is incorrect:

Domain Users' sid is defined by
SID: S-1-5-21domain-513 (from http://support.microsoft.com/kb/243330)
So it seems to me that:
1) you have additional -513 appended at the end
2) Your domain portion of the sid for Primary Group SID is different to 
the one used in the User SID and to the ones listed by net groupmap admins
So shouldn't alexander's Primary Group SID be 
S-1-5-21-2139989288-483860436-2398042574-513?


HTH

L
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning - When adding a computer to the domain

[Chris Beach]

I wanted to send this out a 2nd (and last) time.. I got suggestions not to
use BLAH.COM and to use BLAH instead for my domain name, however I don't
think that's causing my problem as it's been this way for 6 years? Any way I
still can't add machines to my domain and am fairly panicked (this is
production, 140~ users).

Any other suggestions?

Thank you.

On Thu, Dec 30, 2010 at 1:35 PM, Chris Beach chr...@pintys.com wrote:

 Hi all,

 I just setup a Samba 3.3.14, with an ldap back-end.

 I migrated the ldap back end and samba shares from my old samba server.
 I've found when adding a machine (WinXP) to the domain, I get the following
 error on XP:

 The following error occurred attempting to join the domain Blah.com:
 A device attached to the system is not functioning.

 in my /var/log/messages I have:

 Dec 30 09:40:24 hap smbd[29379]: [2010/12/30 09:40:24, 0]
 passdb/pdb_get_set.cdb_get_group_sid(210)
 Dec 30 09:40:24 hap smbd[29379]: pdb_get_group_sid: Failed to find Unix
 account for OAKRND02$

 repeated about 6 times.

 My smb.conf looks like this for the scripts to run:

 * add machine script = /usr/sbin/smbldap-useradd -w %u
 add user script = /usr/sbin/smbldap-useradd -m -a %u
 delete user script = /usr/sbin/smbldap-userdel -r %u
 add group script = /usr/sbin/smbldap-groupadd -p %g
 delete group script = /usr/sbin/smbldap-groupdel %g
 add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
 delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g
 set primary group script = /usr/sbin/smbldap-usermod -g %g %u

 ldap passwd sync = yes
 passwd program = /usr/sbin/smbldap-passwd %u
 passwd chat = Changing password for*\nNew password* %n\n *Retype new
 password* %n\n*

 When I do an LDAP search, I see there is an entry in LDAP for it the
 machine, so some of the add machine script must have worked:

 ldapsearch -b dc=mydomain,dc=com -x (uid=oakrnd01$)

 # OAKRND01$, Computers, mydomain, com
 dn: uid=OAKRND01$,ou=Computers,dc=pintys,dc=com
 uid: OAKRND01$
 sambaSID: S-1-5-21-3318375643-2463009161-75282-41448
 sambaPrimaryGroupSID: S-1-5-21-3318375643-2463009161-75282-515
 sambaAcctFlags: [W ]
 objectClass: sambaSamAccount
 objectClass: account
 objectClass: top
 objectClass: inetOrgPerson
 objectClass: posixAccount
 sambaPwdCanChange: 1291378566
 sambaPwdMustChange: 1299154566
 sambaNTPassword: EED67D5B90ED8B5C2C168FB90DC4D313
 sambaPwdLastSet: 1291378566

 Also, I get results in pdbedit:

 [r...@happiness ~]# pdbedit -v oakrnd01$
 Unix username:OAKRND01$
 NT username:  OAKRND01$
 Account Flags:[W  ]
 User SID: S-1-5-21-3318375643-2463009161-75282-41448
 *pdb_get_group_sid: Failed to find Unix account for OAKRND01$*
 *Primary Group SID:(NULL SID)*
 Full Name:
 Home Directory:
 HomeDir Drive:
 Logon Script: logon.exe
 Profile Path:
 Domain:   MYDOMAIN.COM
 Account desc:
 Workstations:
 Munged dial:
 Logon time:   0
 Logoff time:  never
 Kickoff time: never
 Password last set:Fri, 03 Dec 2010 06:16:06 CST
 Password can change:  Fri, 03 Dec 2010 06:16:06 CST
 Password must change: Thu, 03 Mar 2011 06:16:06 CST
 Last bad password   : 0
 Bad password count  : 0
 Logon hours : FF

 Also:

 /usr/sbin/smbldap-useradd -w OAKRND02
 failed to add entry: Unexpected EOF at /usr/sbin//smbldap_tools.pm line
 616.

 And then my slapd dies out (crashes)... this same behaviour happens when
 trying to use USRMGR.exe to add a new user (but doing it manually via
 smbldap DOES work for adding a new user).

 What's most annoying is I tested joining a Windows 7 machine to the domain
 before I went live with this server, and it was successful, so I've no clue
 why this isn't working now

 Any help I can get it REALLY APPRECIATED, right now I've got a PC I can't
 get on the domain, so a user how can't work.




-- 
Chris Beach
IT Analyst
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning - When adding a computer to the domain

[Volker Lendecke]

On Mon, Jan 03, 2011 at 07:57:35AM -0500, Chris Beach wrote:
 I wanted to send this out a 2nd (and last) time.. I got suggestions not to
 use BLAH.COM and to use BLAH instead for my domain name, however I don't
 think that's causing my problem as it's been this way for 6 years? Any way I
 still can't add machines to my domain and am fairly panicked (this is
 production, 140~ users).
 
 Any other suggestions?

If you're 100% sure that you don't have nscd running, this
might be a case sensivity bug. I think we fixed that some
time ago. We used to not try the case-insensitive search in
all cases. Please try 3.5.6.

With best regards,

Volker Lendecke

-- 
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-37-0, fax: +49-551-37-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning - When adding a computer to the domain

[Chris Beach]

Turns out it is only the one machine having this problem, I've just tried
joining a Windows 7 and Windows XP client to the domain and it's worked
without problems, so whatever is causing this error is local to one machine
(thank god).

Thanks to those who replied!

On Mon, Jan 3, 2011 at 8:13 AM, Volker Lendecke
volker.lende...@sernet.dewrote:

 On Mon, Jan 03, 2011 at 07:57:35AM -0500, Chris Beach wrote:
  I wanted to send this out a 2nd (and last) time.. I got suggestions not
 to
  use BLAH.COM and to use BLAH instead for my domain name, however I don't
  think that's causing my problem as it's been this way for 6 years? Any
 way I
  still can't add machines to my domain and am fairly panicked (this is
  production, 140~ users).
 
  Any other suggestions?

 If you're 100% sure that you don't have nscd running, this
 might be a case sensivity bug. I think we fixed that some
 time ago. We used to not try the case-insensitive search in
 all cases. Please try 3.5.6.

 With best regards,

 Volker Lendecke

 --
 SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
 phone: +49-551-37-0, fax: +49-551-37-9
 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen




-- 
Chris Beach
IT Analyst
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning -When adding a computer to the domain

[tms3]

On Monday 03/01/2011 at 4:58 am, Chris Beach  wrote:
I wanted to send this out a 2nd (and last) time.. I got suggestions 
not to
use BLAH.COM and to use BLAH instead for my domain name, however I 
don't

think that's causing my problem as it's been this way for 6 years?

Then  you have done no research regarding NetBIOS names.

NetBIOS
Restictions
Characters
Unicode characters, numbers, white space, symbols: ! @ # $ % ^  ' ) ( 
. - _ { } ~


See chart top of page:

http://technet.microsoft.com/en-us/library/cc959336.aspx

Machine trusts MUST be able to resolve NetBIOS names.  The preferred 
method is via WINS.  Misconfigured NetBIOS names will make this, shall 
we say, difficult.


Any way I
still can't add machines to my domain and am fairly panicked (this is
production, 140~ users).

Any other suggestions?

Thank you.

On Thu, Dec 30, 2010 at 1:35 PM, Chris Beach chr...@pintys.com 
wrote:




Hi all,

I just setup a Samba 3.3.14, with an ldap back-end.

I migrated the ldap back end and samba shares from my old samba 
server.
I've found when adding a machine (WinXP) to the domain, I get the 
following

error on XP:

The following error occurred attempting to join the domain Blah.com:
A device attached to the system is not functioning.

in my /var/log/messages I have:

Dec 30 09:40:24 hap smbd[29379]: [2010/12/30 09:40:24, 0]
passdb/pdb_get_set.cdb_get_group_sid(210)
Dec 30 09:40:24 hap smbd[29379]: pdb_get_group_sid: Failed to find 
Unix

account for OAKRND02$

repeated about 6 times.

My smb.conf looks like this for the scripts to run:

* add machine script = /usr/sbin/smbldap-useradd -w %u
add user script = /usr/sbin/smbldap-useradd -m -a %u
delete user script = /usr/sbin/smbldap-userdel -r %u
add group script = /usr/sbin/smbldap-groupadd -p %g
delete group script = /usr/sbin/smbldap-groupdel %g
add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
delete user from group script = /usr/sbin/smbldap-groupmod -x %u 
%g

set primary group script = /usr/sbin/smbldap-usermod -g %g %u

ldap passwd sync = yes
passwd program = /usr/sbin/smbldap-passwd %u
passwd chat = Changing password for*\nNew password* %n\n *Retype 
new

password* %n\n*

When I do an LDAP search, I see there is an entry in LDAP for it the
machine, so some of the add machine script must have worked:

ldapsearch -b dc=mydomain,dc=com -x (uid=oakrnd01$)

# OAKRND01$, Computers, mydomain, com
dn: uid=OAKRND01$,ou=Computers,dc=pintys,dc=com
uid: OAKRND01$
sambaSID: S-1-5-21-3318375643-2463009161-75282-41448
sambaPrimaryGroupSID: S-1-5-21-3318375643-2463009161-75282-515
sambaAcctFlags: [W ]
objectClass: sambaSamAccount
objectClass: account
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
sambaPwdCanChange: 1291378566
sambaPwdMustChange: 1299154566
sambaNTPassword: EED67D5B90ED8B5C2C168FB90DC4D313
sambaPwdLastSet: 1291378566

Also, I get results in pdbedit:

[r...@happiness ~]# pdbedit -v oakrnd01$
Unix username:OAKRND01$
NT username:  OAKRND01$
Account Flags:[W  ]
User SID: S-1-5-21-3318375643-2463009161-75282-41448
*pdb_get_group_sid: Failed to find Unix account for OAKRND01$*
*Primary Group SID:(NULL SID)*
Full Name:
Home Directory:
HomeDir Drive:
Logon Script: logon.exe
Profile Path:
Domain:   MYDOMAIN.COM
Account desc:
Workstations:
Munged dial:
Logon time:   0
Logoff time:  never
Kickoff time: never
Password last set:Fri, 03 Dec 2010 06:16:06 CST
Password can change:  Fri, 03 Dec 2010 06:16:06 CST
Password must change: Thu, 03 Mar 2011 06:16:06 CST
Last bad password   : 0
Bad password count  : 0
Logon hours : FF

Also:

/usr/sbin/smbldap-useradd -w OAKRND02
failed to add entry: Unexpected EOF at /usr/sbin//smbldap_tools.pm 
line

616.

And then my slapd dies out (crashes)... this same behaviour happens 
when

trying to use USRMGR.exe to add a new user (but doing it manually via
smbldap DOES work for adding a new user).

What's most annoying is I tested joining a Windows 7 machine to the 
domain
before I went live with this server, and it was successful, so I've no 
clue

why this isn't working now

Any help I can get it REALLY APPRECIATED, right now I've got a PC I 
can't

get on the domain, so a user how can't work.





--
Chris Beach
IT Analyst
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning -When adding a computer to the domain

[Chris Beach]

Thank you, I'll give it a read and do some more research on it.. To be
honest my predecessor set up Samba before I got here (6-7 years ago), so
that's what I was left with (BLAH.COM), and not knowing any better, have
used it ever since.

Just FYI, my Domain name (workgroup in smb.conf) is BLAH.COM ... the netbios
name of the actual samba server is HAPPINESS

On Mon, Jan 3, 2011 at 9:32 AM, t...@tms3.com wrote:




 On Monday 03/01/2011 at 4:58 am, Chris Beach wrote:

 I wanted to send this out a 2nd (and last) time.. I got suggestions not to
 use BLAH.COM and to use BLAH instead for my domain name, however I don't
 think that's causing my problem as it's been this way for 6 years?

 Then  you have done no research regarding NetBIOS names.

 NetBIOS
 Restictions
 Characters
 Unicode characters, numbers, white space, symbols: ! @ # $ % ^  ' ) ( . -
 _ { } ~

 See chart top of page:

 http://technet.microsoft.com/en-us/library/cc959336.aspx

 Machine trusts MUST be able to resolve NetBIOS names.  The preferred method
 is via WINS.  Misconfigured NetBIOS names will make this, shall we say,
 difficult.

 Any way I
 still can't add machines to my domain and am fairly panicked (this is
 production, 140~ users).

 Any other suggestions?

 Thank you.

 On Thu, Dec 30, 2010 at 1:35 PM, Chris Beach chr...@pintys.com wrote:

 Hi all,

 I just setup a Samba 3.3.14, with an ldap back-end.

 I migrated the ldap back end and samba shares from my old samba server.
 I've found when adding a machine (WinXP) to the domain, I get the following
 error on XP:

 The following error occurred attempting to join the domain Blah.com:
 A device attached to the system is not functioning.

 in my /var/log/messages I have:

 Dec 30 09:40:24 hap smbd[29379]: [2010/12/30 09:40:24, 0]
 passdb/pdb_get_set.cdb_get_group_sid(210)
 Dec 30 09:40:24 hap smbd[29379]: pdb_get_group_sid: Failed to find Unix
 account for OAKRND02$

 repeated about 6 times.

 My smb.conf looks like this for the scripts to run:

 * add machine script = /usr/sbin/smbldap-useradd -w %u
 add user script = /usr/sbin/smbldap-useradd -m -a %u
 delete user script = /usr/sbin/smbldap-userdel -r %u
 add group script = /usr/sbin/smbldap-groupadd -p %g
 delete group script = /usr/sbin/smbldap-groupdel %g
 add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
 delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g
 set primary group script = /usr/sbin/smbldap-usermod -g %g %u

 ldap passwd sync = yes
 passwd program = /usr/sbin/smbldap-passwd %u
 passwd chat = Changing password for*\nNew password* %n\n *Retype new
 password* %n\n*

 When I do an LDAP search, I see there is an entry in LDAP for it the
 machine, so some of the add machine script must have worked:

 ldapsearch -b dc=mydomain,dc=com -x (uid=oakrnd01$)

 # OAKRND01$, Computers, mydomain, com
 dn: uid=OAKRND01$,ou=Computers,dc=pintys,dc=com
 uid: OAKRND01$
 sambaSID: S-1-5-21-3318375643-2463009161-75282-41448
 sambaPrimaryGroupSID: S-1-5-21-3318375643-2463009161-75282-515
 sambaAcctFlags: [W ]
 objectClass: sambaSamAccount
 objectClass: account
 objectClass: top
 objectClass: inetOrgPerson
 objectClass: posixAccount
 sambaPwdCanChange: 1291378566
 sambaPwdMustChange: 1299154566
 sambaNTPassword: EED67D5B90ED8B5C2C168FB90DC4D313
 sambaPwdLastSet: 1291378566

 Also, I get results in pdbedit:

 [r...@happiness ~]# pdbedit -v oakrnd01$
 Unix username: OAKRND01$
 NT username: OAKRND01$
 Account Flags: [W ]
 User SID: S-1-5-21-3318375643-2463009161-75282-41448
 *pdb_get_group_sid: Failed to find Unix account for OAKRND01$*
 *Primary Group SID: (NULL SID)*
 Full Name:
 Home Directory:
 HomeDir Drive:
 Logon Script: logon.exe
 Profile Path:
 Domain: MYDOMAIN.COM
 Account desc:
 Workstations:
 Munged dial:
 Logon time: 0
 Logoff time: never
 Kickoff time: never
 Password last set: Fri, 03 Dec 2010 06:16:06 CST
 Password can change: Fri, 03 Dec 2010 06:16:06 CST
 Password must change: Thu, 03 Mar 2011 06:16:06 CST
 Last bad password : 0
 Bad password count : 0
 Logon hours : FF

 Also:

 /usr/sbin/smbldap-useradd -w OAKRND02
 failed to add entry: Unexpected EOF at /usr/sbin//smbldap_tools.pm line
 616.

 And then my slapd dies out (crashes)... this same behaviour happens when
 trying to use USRMGR.exe to add a new user (but doing it manually via
 smbldap DOES work for adding a new user).

 What's most annoying is I tested joining a Windows 7 machine to the domain
 before I went live with this server, and it was successful, so I've no clue
 why this isn't working now

 Any help I can get it REALLY APPRECIATED, right now I've got a PC I can't
 get on the domain, so a user how can't work.




 --
 Chris Beach
 IT Analyst

 --
 To unsubscribe from this list go to the following URL and read the
 instructions: https://lists.samba.org/mailman/options/samba





-- 
Chris Beach
IT Analyst
-- 
To unsubscribe from this list go to the following URL and read the

[Samba] A device attached to the system is not functioning - When adding a computer to the domain

[Chris Beach]

Hi all,

I just setup a Samba 3.3.14, with an ldap back-end.

I migrated the ldap back end and samba shares from my old samba server. I've
found when adding a machine (WinXP) to the domain, I get the following error
on XP:

The following error occurred attempting to join the domain Blah.com:
A device attached to the system is not functioning.

in my /var/log/messages I have:

Dec 30 09:40:24 hap smbd[29379]: [2010/12/30 09:40:24, 0]
passdb/pdb_get_set.cdb_get_group_sid(210)
Dec 30 09:40:24 hap smbd[29379]: pdb_get_group_sid: Failed to find Unix
account for OAKRND02$

repeated about 6 times.

My smb.conf looks like this for the scripts to run:

* add machine script = /usr/sbin/smbldap-useradd -w %u
add user script = /usr/sbin/smbldap-useradd -m -a %u
delete user script = /usr/sbin/smbldap-userdel -r %u
add group script = /usr/sbin/smbldap-groupadd -p %g
delete group script = /usr/sbin/smbldap-groupdel %g
add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g
set primary group script = /usr/sbin/smbldap-usermod -g %g %u

ldap passwd sync = yes
passwd program = /usr/sbin/smbldap-passwd %u
passwd chat = Changing password for*\nNew password* %n\n *Retype new
password* %n\n*

When I do an LDAP search, I see there is an entry in LDAP for it the
machine, so some of the add machine script must have worked:

ldapsearch -b dc=mydomain,dc=com -x (uid=oakrnd01$)

# OAKRND01$, Computers, mydomain, com
dn: uid=OAKRND01$,ou=Computers,dc=pintys,dc=com
uid: OAKRND01$
sambaSID: S-1-5-21-3318375643-2463009161-75282-41448
sambaPrimaryGroupSID: S-1-5-21-3318375643-2463009161-75282-515
sambaAcctFlags: [W ]
objectClass: sambaSamAccount
objectClass: account
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
sambaPwdCanChange: 1291378566
sambaPwdMustChange: 1299154566
sambaNTPassword: EED67D5B90ED8B5C2C168FB90DC4D313
sambaPwdLastSet: 1291378566

Also, I get results in pdbedit:

[r...@happiness ~]# pdbedit -v oakrnd01$
Unix username:OAKRND01$
NT username:  OAKRND01$
Account Flags:[W  ]
User SID: S-1-5-21-3318375643-2463009161-75282-41448
*pdb_get_group_sid: Failed to find Unix account for OAKRND01$*
*Primary Group SID:(NULL SID)*
Full Name:
Home Directory:
HomeDir Drive:
Logon Script: logon.exe
Profile Path:
Domain:   MYDOMAIN.COM
Account desc:
Workstations:
Munged dial:
Logon time:   0
Logoff time:  never
Kickoff time: never
Password last set:Fri, 03 Dec 2010 06:16:06 CST
Password can change:  Fri, 03 Dec 2010 06:16:06 CST
Password must change: Thu, 03 Mar 2011 06:16:06 CST
Last bad password   : 0
Bad password count  : 0
Logon hours : FF

Also:

/usr/sbin/smbldap-useradd -w OAKRND02
failed to add entry: Unexpected EOF at /usr/sbin//smbldap_tools.pm line 616.

And then my slapd dies out (crashes)... this same behaviour happens when
trying to use USRMGR.exe to add a new user (but doing it manually via
smbldap DOES work for adding a new user).

What's most annoying is I tested joining a Windows 7 machine to the domain
before I went live with this server, and it was successful, so I've no clue
why this isn't working now

Any help I can get it REALLY APPRECIATED, right now I've got a PC I can't
get on the domain, so a user how can't work.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning - Whenadding a computer to the domain

[tms3]

--- Original message ---
Subject: [Samba] A device attached to the system is not functioning - 
Whenadding a computer to the domain

From: Chris Beach chr...@pintys.com
To: samba@lists.samba.org
Date: Thursday, 30/12/2010 10:42 AM

Hi all,

I just setup a Samba 3.3.14, with an ldap back-end.

I migrated the ldap back end and samba shares from my old samba 
server. I've
found when adding a machine (WinXP) to the domain, I get the following 
error

on XP:

The following error occurred attempting to join the domain Blah.com:
Blah.com---a . in a NETBios domain name is VERY bad.  Rename it 
BLAH.



A device attached to the system is not functioning.

in my /var/log/messages I have:

Dec 30 09:40:24 hap smbd[29379]: [2010/12/30 09:40:24, 0]
passdb/pdb_get_set.cdb_get_group_sid(210)
Dec 30 09:40:24 hap smbd[29379]: pdb_get_group_sid: Failed to find 
Unix

account for OAKRND02$

repeated about 6 times.

My smb.conf looks like this for the scripts to run:

* add machine script = /usr/sbin/smbldap-useradd -w %u
add user script = /usr/sbin/smbldap-useradd -m -a %u
delete user script = /usr/sbin/smbldap-userdel -r %u
add group script = /usr/sbin/smbldap-groupadd -p %g
delete group script = /usr/sbin/smbldap-groupdel %g
add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
delete user from group script = /usr/sbin/smbldap-groupmod -x %u 
%g

set primary group script = /usr/sbin/smbldap-usermod -g %g %u

ldap passwd sync = yes
passwd program = /usr/sbin/smbldap-passwd %u
passwd chat = Changing password for*\nNew password* %n\n *Retype 
new

password* %n\n*

When I do an LDAP search, I see there is an entry in LDAP for it the
machine, so some of the add machine script must have worked:

ldapsearch -b dc=mydomain,dc=com -x (uid=oakrnd01$)

# OAKRND01$, Computers, mydomain, com
dn: uid=OAKRND01$,ou=Computers,dc=pintys,dc=com
uid: OAKRND01$
sambaSID: S-1-5-21-3318375643-2463009161-75282-41448
sambaPrimaryGroupSID: S-1-5-21-3318375643-2463009161-75282-515
sambaAcctFlags: [W ]
objectClass: sambaSamAccount
objectClass: account
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
sambaPwdCanChange: 1291378566
sambaPwdMustChange: 1299154566
sambaNTPassword: EED67D5B90ED8B5C2C168FB90DC4D313
sambaPwdLastSet: 1291378566

Also, I get results in pdbedit:

[r...@happiness ~]# pdbedit -v oakrnd01$
Unix username:OAKRND01$
NT username:  OAKRND01$
Account Flags:[W  ]
User SID: S-1-5-21-3318375643-2463009161-75282-41448
*pdb_get_group_sid: Failed to find Unix account for OAKRND01$*
*Primary Group SID:(NULL SID)*
Full Name:
Home Directory:
HomeDir Drive:
Logon Script: logon.exe
Profile Path:
Domain:   MYDOMAIN.COM
Account desc:
Workstations:
Munged dial:
Logon time:   0
Logoff time:  never
Kickoff time: never
Password last set:Fri, 03 Dec 2010 06:16:06 CST
Password can change:  Fri, 03 Dec 2010 06:16:06 CST
Password must change: Thu, 03 Mar 2011 06:16:06 CST
Last bad password   : 0
Bad password count  : 0
Logon hours : FF

Also:

/usr/sbin/smbldap-useradd -w OAKRND02
failed to add entry: Unexpected EOF at /usr/sbin//smbldap_tools.pm 
line 616.


And then my slapd dies out (crashes)... this same behaviour happens 
when

trying to use USRMGR.exe to add a new user (but doing it manually via
smbldap DOES work for adding a new user).

What's most annoying is I tested joining a Windows 7 machine to the 
domain
before I went live with this server, and it was successful, so I've no 
clue

why this isn't working now

Any help I can get it REALLY APPRECIATED, right now I've got a PC I 
can't

get on the domain, so a user how can't work.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning - Whenadding a computer to the domain

[Chris Beach]

I apologize, I changed it for sake of keeping my actual domain name unknown,
but it is all capital, BLAH.COM in my system.

On Thu, Dec 30, 2010 at 2:24 PM, t...@tms3.com wrote:




 --- Original message ---
 *Subject:* [Samba] A device attached to the system is not functioning -
 Whenadding a computer to the domain
 *From:* Chris Beach chr...@pintys.com
 *To:* samba@lists.samba.org
 *Date:* Thursday, 30/12/2010 10:42 AM

 Hi all,

 I just setup a Samba 3.3.14, with an ldap back-end.

 I migrated the ldap back end and samba shares from my old samba server.
 I've
 found when adding a machine (WinXP) to the domain, I get the following
 error
 on XP:

 The following error occurred attempting to join the domain Blah.com:

 Blah.com---a . in a NETBios domain name is VERY bad.  Rename it BLAH.


 A device attached to the system is not functioning.

 in my /var/log/messages I have:

 Dec 30 09:40:24 hap smbd[29379]: [2010/12/30 09:40:24, 0]
 passdb/pdb_get_set.cdb_get_group_sid(210)
 Dec 30 09:40:24 hap smbd[29379]: pdb_get_group_sid: Failed to find Unix
 account for OAKRND02$

 repeated about 6 times.

 My smb.conf looks like this for the scripts to run:

 * add machine script = /usr/sbin/smbldap-useradd -w %u
 add user script = /usr/sbin/smbldap-useradd -m -a %u
 delete user script = /usr/sbin/smbldap-userdel -r %u
 add group script = /usr/sbin/smbldap-groupadd -p %g
 delete group script = /usr/sbin/smbldap-groupdel %g
 add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
 delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g
 set primary group script = /usr/sbin/smbldap-usermod -g %g %u

 ldap passwd sync = yes
 passwd program = /usr/sbin/smbldap-passwd %u
 passwd chat = Changing password for*\nNew password* %n\n *Retype new
 password* %n\n*

 When I do an LDAP search, I see there is an entry in LDAP for it the
 machine, so some of the add machine script must have worked:

 ldapsearch -b dc=mydomain,dc=com -x (uid=oakrnd01$)

 # OAKRND01$, Computers, mydomain, com
 dn: uid=OAKRND01$,ou=Computers,dc=pintys,dc=com
 uid: OAKRND01$
 sambaSID: S-1-5-21-3318375643-2463009161-75282-41448
 sambaPrimaryGroupSID: S-1-5-21-3318375643-2463009161-75282-515
 sambaAcctFlags: [W ]
 objectClass: sambaSamAccount
 objectClass: account
 objectClass: top
 objectClass: inetOrgPerson
 objectClass: posixAccount
 sambaPwdCanChange: 1291378566
 sambaPwdMustChange: 1299154566
 sambaNTPassword: EED67D5B90ED8B5C2C168FB90DC4D313
 sambaPwdLastSet: 1291378566

 Also, I get results in pdbedit:

 [r...@happiness ~]# pdbedit -v oakrnd01$
 Unix username: OAKRND01$
 NT username: OAKRND01$
 Account Flags: [W ]
 User SID: S-1-5-21-3318375643-2463009161-75282-41448
 *pdb_get_group_sid: Failed to find Unix account for OAKRND01$*
 *Primary Group SID: (NULL SID)*
 Full Name:
 Home Directory:
 HomeDir Drive:
 Logon Script: logon.exe
 Profile Path:
 Domain: MYDOMAIN.COM
 Account desc:
 Workstations:
 Munged dial:
 Logon time: 0
 Logoff time: never
 Kickoff time: never
 Password last set: Fri, 03 Dec 2010 06:16:06 CST
 Password can change: Fri, 03 Dec 2010 06:16:06 CST
 Password must change: Thu, 03 Mar 2011 06:16:06 CST
 Last bad password : 0
 Bad password count : 0
 Logon hours : FF

 Also:

 /usr/sbin/smbldap-useradd -w OAKRND02
 failed to add entry: Unexpected EOF at /usr/sbin//smbldap_tools.pm line
 616.

 And then my slapd dies out (crashes)... this same behaviour happens when
 trying to use USRMGR.exe to add a new user (but doing it manually via
 smbldap DOES work for adding a new user).

 What's most annoying is I tested joining a Windows 7 machine to the domain
 before I went live with this server, and it was successful, so I've no clue
 why this isn't working now

 Any help I can get it REALLY APPRECIATED, right now I've got a PC I can't
 get on the domain, so a user how can't work.
 --
 To unsubscribe from this list go to the following URL and read the
 instructions: https://lists.samba.org/mailman/options/samba





-- 
Chris Beach
IT Analyst
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] A device attached to the system is not functioning (smbd -V 3.5.x)

[Todd E Thomas]

I've tried everything I can think of to get your suggestion to work. I 
can only seem to get this done after the addition of the of the 
workstation to the domain with pdbedit. And, at that point I still get 
the error. I've created 2 additional test samba servers, 1 with tdb 
backend and another with ldap. Same thing.


Additionally, I was able to do some testing with an older Samba 3.0.33 
production box and the sambaAcctFlags: [W  ] are the same on 
that server without having to add workstation twice.


Is this a minor bug?




On 11/15/2010 01:17 AM, Daniel Müller wrote:

I had a similar problem:
Look at this sambaAcctFlags: [W  ]
I had one workstation with this sambaAcctFlags: [W  ]
All other workstations had [W].
I changed it to [W] and it did the trick.
Maybe you can solve this too.
Good Luck

---
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: muel...@tropenklinik.de
Internet: www.tropenklinik.de
---
-Ursprüngliche Nachricht-
Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im
Auftrag von Todd E Thomas
Gesendet: Montag, 15. November 2010 00:23
An: Samba List; Todd E Thomas
Betreff: [Samba] A device attached to the system is not functioning (smbd -V
3.5.x)

Howdy,

I'm having one last problem with my Samba PDC with an ldap backend. When I
add a machine to the domain I get the error, on my Win7 test client, that
says:

The following error occurred attempting to join the domain office:
A device attached to the system is not functioning.

Here are some particulars:
# smbd -V
Version 3.5.6 (configured sernet repo to install latest packages)

I'm using OpenLDAP v2.4.23

# cat /etc/redhat-release
CentOS release 5.5 (Final)

The Win7 client is a VM in VirtualBox. It does, in fact, have a device with
no driver (sound card).
---

After adding the client to the domain and entering UN/PW, these are logged
entries:

Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.344804,  2]
param/loadparm.c:7859(do_section)
Nov 14 16:37:26 hostname smbd[18542]:   Processing section [admingear]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345033,  2]
param/loadparm.c:7859(do_section)
Nov 14 16:37:26 hostname smbd[18542]:   Processing section [apps]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345199,  2]
param/loadparm.c:7859(do_section)
Nov 14 16:37:26 hostname smbd[18542]:   Processing section [docs]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345352,  2]
param/loadparm.c:7859(do_section)
Nov 14 16:37:26 hostname smbd[18542]:   Processing section [homes]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345543,  2]
param/loadparm.c:7859(do_section)
Nov 14 16:37:26 hostname smbd[18542]:   Processing section [netlogon]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345689,  2]
param/loadparm.c:7859(do_section)
Nov 14 16:37:26 hostname smbd[18542]:   Processing section [printers]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.346143,  2]
param/loadparm.c:7859(do_section)
Nov 14 16:37:26 hostname smbd[18542]:   Processing section [print$]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.431008,  1]
param/loadparm.c:7605(lp_do_parameter)
Nov 14 16:37:26 hostname smbd[18542]:   WARNING: The printer admin
option is deprecated
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.498046,  2]
param/loadparm.c:7859(do_section)
Nov 14 16:37:26 hostname smbd[18542]:   Processing section [public]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.573629,  2]
printing/print_cups.c:550(cups_async_callback)
Nov 14 16:37:26 hostname smbd[18542]:   cups_async_callback: failed to
read a new printer list
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.649941,  2]
printing/print_cups.c:550(cups_async_callback)
Nov 14 16:37:26 hostname smbd[18542]:   cups_async_callback: failed to
read a new printer list
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.701745,  2]
lib/interface.c:340(add_interface)
Nov 14 16:37:26 hostname smbd[18542]:   added interface lo ip=127.0.0.1
bcast=127.255.255.255 netmask=255.0.0.0
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.768676,  2]
lib/interface.c:340(add_interface)
Nov 14 16:37:26 hostname smbd[18542]:   added interface eth0 ip=10.0.0.4
bcast=10.0.0.255 netmask=255.255.255.0
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.838027,  2]
lib/access.c:406(check_access)
Nov 14 16:37:26 hostname smbd[18542]:   Allowed connection from
10.0.0.203 (10.0.0.203)
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.912057,  2]
smbd/reply.c:554(reply_special)
Nov 14 16:37:26 hostname smbd[18542]:   netbios connect:
name1=ZERVER 0x20 name2=7TEST1 0x0
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 

[Samba] A device attached to the system is not functioning (smbd -V 3.5.x)

[Todd E Thomas]

Howdy,

I'm having one last problem with my Samba PDC with an ldap backend. When 
I add a machine to the domain I get the error, on my Win7 test client, 
that says:


The following error occurred attempting to join the domain office:
A device attached to the system is not functioning.

Here are some particulars:
# smbd -V
Version 3.5.6 (configured sernet repo to install latest packages)

I'm using OpenLDAP v2.4.23

# cat /etc/redhat-release
CentOS release 5.5 (Final)

The Win7 client is a VM in VirtualBox. It does, in fact, have a device 
with no driver (sound card).

---

After adding the client to the domain and entering UN/PW, these are 
logged entries:


Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.344804,  2] 
param/loadparm.c:7859(do_section)

Nov 14 16:37:26 hostname smbd[18542]:   Processing section [admingear]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345033,  2] 
param/loadparm.c:7859(do_section)

Nov 14 16:37:26 hostname smbd[18542]:   Processing section [apps]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345199,  2] 
param/loadparm.c:7859(do_section)

Nov 14 16:37:26 hostname smbd[18542]:   Processing section [docs]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345352,  2] 
param/loadparm.c:7859(do_section)

Nov 14 16:37:26 hostname smbd[18542]:   Processing section [homes]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345543,  2] 
param/loadparm.c:7859(do_section)

Nov 14 16:37:26 hostname smbd[18542]:   Processing section [netlogon]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345689,  2] 
param/loadparm.c:7859(do_section)

Nov 14 16:37:26 hostname smbd[18542]:   Processing section [printers]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.346143,  2] 
param/loadparm.c:7859(do_section)

Nov 14 16:37:26 hostname smbd[18542]:   Processing section [print$]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.431008,  1] 
param/loadparm.c:7605(lp_do_parameter)
Nov 14 16:37:26 hostname smbd[18542]:   WARNING: The printer admin 
option is deprecated
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.498046,  2] 
param/loadparm.c:7859(do_section)

Nov 14 16:37:26 hostname smbd[18542]:   Processing section [public]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.573629,  2] 
printing/print_cups.c:550(cups_async_callback)
Nov 14 16:37:26 hostname smbd[18542]:   cups_async_callback: failed to 
read a new printer list
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.649941,  2] 
printing/print_cups.c:550(cups_async_callback)
Nov 14 16:37:26 hostname smbd[18542]:   cups_async_callback: failed to 
read a new printer list
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.701745,  2] 
lib/interface.c:340(add_interface)
Nov 14 16:37:26 hostname smbd[18542]:   added interface lo ip=127.0.0.1 
bcast=127.255.255.255 netmask=255.0.0.0
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.768676,  2] 
lib/interface.c:340(add_interface)
Nov 14 16:37:26 hostname smbd[18542]:   added interface eth0 ip=10.0.0.4 
bcast=10.0.0.255 netmask=255.255.255.0
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.838027,  2] 
lib/access.c:406(check_access)
Nov 14 16:37:26 hostname smbd[18542]:   Allowed connection from 
10.0.0.203 (10.0.0.203)
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.912057,  2] 
smbd/reply.c:554(reply_special)
Nov 14 16:37:26 hostname smbd[18542]:   netbios connect: 
name1=ZERVER 0x20 name2=7TEST1 0x0
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.978893,  2] 
smbd/reply.c:565(reply_special)
Nov 14 16:37:27 hostname smbd[18542]:   netbios connect: local=zerver 
remote=7test1, name type = 0
Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.575662,  2] 
smbd/sesssetup.c:1391(setup_new_vc_session)
Nov 14 16:37:34 hostname smbd[18542]:   setup_new_vc_session: New VC == 
0, if NT4.x compatible we would close all old resources.
Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.589383,  2] 
smbd/sesssetup.c:1391(setup_new_vc_session)
Nov 14 16:37:34 hostname smbd[18542]:   setup_new_vc_session: New VC == 
0, if NT4.x compatible we would close all old resources.
Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.590067,  2] 
lib/smbldap.c:950(smbldap_open_connection)
Nov 14 16:37:34 hostname smbd[18542]:   smbldap_open_connection: 
connection opened
Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.593216,  2] 
passdb/pdb_ldap.c:572(init_sam_from_ldap)
Nov 14 16:37:34 hostname smbd[18542]:   init_sam_from_ldap: Entry found 
for user: root
Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.597839,  2] 
passdb/pdb_ldap.c:2446(init_group_from_ldap)
Nov 14 16:37:34 hostname smbd[18542]:   init_group_from_ldap: Entry 
found for group: 10002
Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.604253,  2] 
auth/auth.c:304(check_ntlm_password)
Nov 14 16:37:34 hostname smbd[18542]:  

Re: [Samba] A device attached to the system is not functioning (smbd -V 3.5.x)

[Daniel Müller]

I had a similar problem:
Look at this sambaAcctFlags: [W  ]
I had one workstation with this sambaAcctFlags: [W  ]
All other workstations had [W].
I changed it to [W] and it did the trick.
Maybe you can solve this too.
Good Luck

---
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: muel...@tropenklinik.de
Internet: www.tropenklinik.de
---
-Ursprüngliche Nachricht-
Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im
Auftrag von Todd E Thomas
Gesendet: Montag, 15. November 2010 00:23
An: Samba List; Todd E Thomas
Betreff: [Samba] A device attached to the system is not functioning (smbd -V
3.5.x)

Howdy,

I'm having one last problem with my Samba PDC with an ldap backend. When I
add a machine to the domain I get the error, on my Win7 test client, that
says:

The following error occurred attempting to join the domain office:
A device attached to the system is not functioning.

Here are some particulars:
# smbd -V
Version 3.5.6 (configured sernet repo to install latest packages)

I'm using OpenLDAP v2.4.23

# cat /etc/redhat-release
CentOS release 5.5 (Final)

The Win7 client is a VM in VirtualBox. It does, in fact, have a device with
no driver (sound card).
---

After adding the client to the domain and entering UN/PW, these are logged
entries:

Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.344804,  2]
param/loadparm.c:7859(do_section)
Nov 14 16:37:26 hostname smbd[18542]:   Processing section [admingear]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345033,  2]
param/loadparm.c:7859(do_section)
Nov 14 16:37:26 hostname smbd[18542]:   Processing section [apps]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345199,  2]
param/loadparm.c:7859(do_section)
Nov 14 16:37:26 hostname smbd[18542]:   Processing section [docs]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345352,  2]
param/loadparm.c:7859(do_section)
Nov 14 16:37:26 hostname smbd[18542]:   Processing section [homes]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345543,  2]
param/loadparm.c:7859(do_section)
Nov 14 16:37:26 hostname smbd[18542]:   Processing section [netlogon]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.345689,  2]
param/loadparm.c:7859(do_section)
Nov 14 16:37:26 hostname smbd[18542]:   Processing section [printers]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.346143,  2]
param/loadparm.c:7859(do_section)
Nov 14 16:37:26 hostname smbd[18542]:   Processing section [print$]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.431008,  1]
param/loadparm.c:7605(lp_do_parameter)
Nov 14 16:37:26 hostname smbd[18542]:   WARNING: The printer admin 
option is deprecated
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.498046,  2]
param/loadparm.c:7859(do_section)
Nov 14 16:37:26 hostname smbd[18542]:   Processing section [public]
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.573629,  2]
printing/print_cups.c:550(cups_async_callback)
Nov 14 16:37:26 hostname smbd[18542]:   cups_async_callback: failed to 
read a new printer list
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.649941,  2]
printing/print_cups.c:550(cups_async_callback)
Nov 14 16:37:26 hostname smbd[18542]:   cups_async_callback: failed to 
read a new printer list
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.701745,  2]
lib/interface.c:340(add_interface)
Nov 14 16:37:26 hostname smbd[18542]:   added interface lo ip=127.0.0.1 
bcast=127.255.255.255 netmask=255.0.0.0
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.768676,  2]
lib/interface.c:340(add_interface)
Nov 14 16:37:26 hostname smbd[18542]:   added interface eth0 ip=10.0.0.4 
bcast=10.0.0.255 netmask=255.255.255.0
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.838027,  2]
lib/access.c:406(check_access)
Nov 14 16:37:26 hostname smbd[18542]:   Allowed connection from 
10.0.0.203 (10.0.0.203)
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.912057,  2]
smbd/reply.c:554(reply_special)
Nov 14 16:37:26 hostname smbd[18542]:   netbios connect: 
name1=ZERVER 0x20 name2=7TEST1 0x0
Nov 14 16:37:26 hostname smbd[18542]: [2010/11/14 16:37:26.978893,  2]
smbd/reply.c:565(reply_special)
Nov 14 16:37:27 hostname smbd[18542]:   netbios connect: local=zerver 
remote=7test1, name type = 0
Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.575662,  2]
smbd/sesssetup.c:1391(setup_new_vc_session)
Nov 14 16:37:34 hostname smbd[18542]:   setup_new_vc_session: New VC == 
0, if NT4.x compatible we would close all old resources.
Nov 14 16:37:34 hostname smbd[18542]: [2010/11/14 16:37:34.589383,  2]
smbd/sesssetup.c:1391(setup_new_vc_session)
Nov 14 16:37:34 hostname smbd[18542]:   setup_new_vc_session: New VC == 
0, if 

Re: [Samba] A device attached to the system is not functioning.

[Adam Williams]

Gerald (Jerry) Carter wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


  

homeDirectory: /home/testuser
gecos: test user,IS,5766888,3738042
sambaSID: S-1-1-0


^^^

That's wrong.  S-1-1-0 is Everyone.  How did that SID get
assigned?
  


I was following along in the Samba3 by example book.  It doesn't talk 
about an .ldif file to use for users, so I was just guessing.  
smbldap-useradd -a -m %u doesn't work for me, just gives an error when I 
run it, so I was adding a user manually from an ldif, and objectClass: 
sambaSamAccount requires sambaSID, so I was just guessing on what to 
use.  I see that now it needs to be the sambaSID of the samba server and 
then add -UID x 2 + 1000 for it to work.  is there a way to automate the 
adding of the sambaSID to the user's ldap information?

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] A device attached to the system is not functioning.

[Gerald (Jerry) Carter]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Adam Williams wrote:
 Gerald (Jerry) Carter wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1


  
 homeDirectory: /home/testuser
 gecos: test user,IS,5766888,3738042
 sambaSID: S-1-1-0
 
 ^^^

 That's wrong.  S-1-1-0 is Everyone.  How did that SID get
 assigned?
   
 is there a way to automate the adding of the sambaSID to the 
 user's ldap information?

smbpasswd -a :-)





jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHOmHfIR7qMdg1EfYRAjhOAJwI/LNIPt8p6Z61R5sMQUEX4BBTPwCgxBaP
PUG4HjzjHzsDlJ1tdZCWysU=
=PNZL
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] A device attached to the system is not functioning.

[Gerald (Jerry) Carter]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Adam,

 Windows XP w/ SP2 is giving me that error message when I'm trying to log
 into my domain:
 
 A device attached to the system is not functioning.

This is always the result of returning NT_STATUS_UNSUCCESSUL
from smbd (which is wrong anyways).

 error log:
 
 [2007/11/09 10:21:01, 1]
 rpc_server/srv_netlog_nt.c:_net_sam_logon_internal(1004)
  _net_sam_logon: user TEST\testuser has user sid S-1-1-0
   but group sid S-1-5-21-3536689092-529281149-710501220-513.
  The conflicting domain portions are not supported for NETLOGON calls
...
 # testuser, People, gomer.mdah.state.ms.us
 dn: uid=testuser,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us
...
 homeDirectory: /home/testuser
 gecos: test user,IS,5766888,3738042
 sambaSID: S-1-1-0
^^^

That's wrong.  S-1-1-0 is Everyone.  How did that SID get
assigned?





cheers, jerry
=
Samba--- http://www.samba.org
Centeris ---  http://www.centeris.com
What man is a man who does not make the world better?  --Balian
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHNmFgIR7qMdg1EfYRArAnAKDbbLL3QVsNI4Kbo9nht4O4ENsEQQCg0sn5
PaaEjW9hF1rVLO7g0SVMxm0=
=X5aU
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] A device attached to the system is not functioning.

[Adam Williams]

Windows XP w/ SP2 is giving me that error message when I'm trying to log 
into my domain:


A device attached to the system is not functioning.

error log:

[2007/11/09 10:21:01, 1] 
rpc_server/srv_netlog_nt.c:_net_sam_logon_internal(1004)

 _net_sam_logon: user TEST\testuser has user sid S-1-1-0
  but group sid S-1-5-21-3536689092-529281149-710501220-513.
 The conflicting domain portions are not supported for NETLOGON calls

[EMAIL PROTECTED] ~]# cat /etc/samba/smb.conf
[global]
 unix charset = LOCALE
  workgroup = TEST
 netbios name = GOMER
 server string = Samba Server %v on gomer
#  interfaces = eth0, lo
 interfaces = 10.8.3.37/24 127.0.0.1/8
 bind interfaces only = Yes
 hosts allow = 10.8.
 passdb backend = ldapsam:ldap://gomer.mdah.state.ms.us
 enable privileges = Yes
 username map = /etc/samba/smbusers
 log level = 1
 syslog = 0
 log file = /var/log/samba/%m
 max log size = 50
 name resolve order = wins bcast hosts
 time server = Yes
 printcap name = CUPS
 show add printer wizard = no
 add user script = /usr/sbin/smbldap-useradd -a -m %u
 delete user script = /usr/sbin/smbldap-userdel %u
 add group script = /usr/sbin/smbldap-groupadd -p %g
 delete group script = /usr/sbin/smbldap-groupdel %g
 add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
 delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g
 set primary group script = /usr/sbin/smbldap-groupmod -g %g %u
 add machine script = /usr/sbin/smbldap-useradd -w %u
 logon script = scripts\logon.bat
 logon path = \\%L\profiles\%U
 logon drive = X:
 domain logons = Yes
 preferred master = Yes
 wins support = Yes
 ldap suffix = dc=gomer,dc=mdah,dc=state,dc=ms,dc=us
 ldap machine suffix = ou=People
 ldap user suffix = ou=People
 ldap group suffix = ou=Groups
 ldap idmap suffix = ou=Idmap
 ldap admin dn = cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us
 idmap backend = ldap:ldap://gomer.mdah.state.ms.us
  idmap uid = 1-2
  idmap gid = 1-2
 map acl inherit = Yes
 printing = cups
 printer admin = root, awilliam
 ldap passwd sync = yes
  winbind separator = +
# use uids from 1 to 2 for domain users
  idmap uid = 1-2
# use gids from 1 to 2 for domain groups
  idmap gid = 1-2
# allow enumeration of winbind users and groups
winbind enum users = yes
winbind enum groups = yes
# give winbind users a real shell (only needed if they have telnet access)
  template homedir = /home/winnt/%D/%U
  template shell = /bin/bash

winbind enum users = yes
winbind enum groups = yes

  winbind use default domain = no
[homes]
 comment = Home Directories
 valid users = %S
 read only = no
 browseable = No

[accounts]
 comment = Accounting Files
 path = /data/accounts
 read only = No

[netlogon]
 comment = network logon service
 path = /var/lib/samba/netlogon
 guest ok = Yes
 locking = No

[profiles]
 comment = Profile Share
 path = /var/lib/samba/profiles
 read only = No
 profile acls = Yes

[print$]
 comment = Printer Drivers
 path = /var/lib/samba/drivers
 browseable = yes
 guest ok = no
 read only = yes
 write list = root, awilliam

and the user exists in ldap:

ldapsearch -D 'cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us' -b 
uid=testuser,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us -w x -x

# extended LDIF
#
# LDAPv3
# base uid=testuser,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us 
with scope subtree

# filter: (objectclass=*)
# requesting: ALL
#

# testuser, People, gomer.mdah.state.ms.us
dn: uid=testuser,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us
uid: testuser
cn: test user
telephoneNumber: 5766888
roomNumber: IS
homePhone: 3738042
givenName: test
sn: user
mail: [EMAIL PROTECTED],dc=state,dc=ms,dc=us
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: sambaSamAccount
loginShell: /bin/bash
uidNumber: 501
gidNumber: 101
homeDirectory: /home/testuser
gecos: test user,IS,5766888,3738042
sambaSID: S-1-1-0
sambaLMPassword: xxx
sambaAcctFlags: [U]
sambaNTPassword: xxx
sambaPwdMustChange: 1194624706
shadowLastChange: 0
shadowMax: 9
shadowWarning: 7
sambaPasswordHistory: 



sambaPwdLastSet: 1194624832
userPassword:: xx

# search result
search: 2
result: 0 Success

any ideas?
# numResponses: 2
# numEntries: 1




--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] A device attached to the system is not functioning

[MaTT]

Hi, doesn't seems to be a samba related problem. did you check the 
logs?? anything there?? increase log level ?? check the XP event viewer

regards
MRB
www.lionix.com
Linux
Hiu Yen Onn wrote:
hi,
i have a samba-ldap pdc. from the windows xp client. i hardly logon to 
the network.
the windows popup a box stating A device attached to the system is not 
functioning.
.but however, i tested the account from windows 98. it worked perfectly.
can someone give me some pointers? thanks


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] A device attached to the system is not functioning

[Hiu Yen Onn]

hi matt,
this is the log file that i retrieve from /var/log/samba/log.machinename
[2004/11/17 15:17:02, 0] lib/util_sock.c:get_peer_addr(952)
 getpeername failed. Error was Transport endpoint is not connected
[2004/11/17 15:17:02, 0] lib/util_sock.c:write_socket_data(388)
 write_socket_data: write failure. Error = Connection reset by peer
[2004/11/17 15:17:02, 0] lib/util_sock.c:write_socket(413)
 write_socket: Error writing 4 bytes to socket 5: ERRNO = Connection 
reset by peer
[2004/11/17 15:17:02, 0] lib/util_sock.c:send_smb(605)
 Error writing 4 bytes to client. -1. (Connection reset by peer)

together i attached by smb.conf file. (actually i copied from a 
reference from internet)

# Global parameters
[global]
   workgroup = SHINYANG
   netbios name = SYPDC
   interfaces = 172.16.0.222
   username map = /etc/samba/smbusers
   server string = Samba Server %v
   security = domain
   encrypt passwords = yes
   min passwd length = 3
   #obey pam restriction = no
   ldap passwd sync = yes
   log level = 0
   syslog = 0
   log file = /var/log/samba/log.%m
   max log size = 10
   time server = yes
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   mangling method = hash2
   Dos charset  = 850
   Unix charset = ISO8859-1
  
   logon script = STARTUP.BAT
   logon drive = H:
   logon home =
   logon path =

   domain logons = yes
   os level = 65
   preferred master  = yes
   domain master  = yes
   wins support = yes
   passdb backend = ldapsam:ldap://127.0.0.1/
   #ldap admin dn = cn=samba,ou=DSA,cn=root,dc=shinyang,dc=com,dc=my
   ldap admin dn = cn=root,dc=shinyang,dc=com,dc=my
   ldap suffix = cn=root,dc=shinyang,dc=com,dc=my
   ldap group suffix = ou=Groups
   ldap user suffix = ou=Users
   ldap machine suffix = ou=Computers
   ldap idmap suffix = ou=USers
   #ldap ssl = start tls
   add user script = /usr/local/sbin/smbldap-useradd -m %u
   ldap delete dn = yes
   add machine script = /usr/local/sbin/smbldap-useradd -w %u
   add group script = /usr/local/sbin/smbldap-groupadd -p %g
   add user to group script = /usr/local/sbin/smbldap-groupmod -m %u %g
   delete user from group script = /usr/local/sbin/smbldap-groupmod -x 
%u %g
   set primary group script = /usr/local/sbin/smbldap-usermod -g %g %u

   # printers configuration
   printer admin = @Print Operators
   load printers = yes
   create mask = 0640
   directory mask = 0750
   nt acl support = no
   printing = cups
   printcap name = cups
   deadtime = 10
   guest account = nobody
   map to guest = Bad User
   dont descend = /proc/,/dev/,/etc/,/lib/,/lost+found,/initrd
   show add printer wizard = yes
   preserve case = yes
   short preserve case = yes
   case sensitive = no
[homes]
   comment = Home directory %U, %u
   read only = no
   create mask = 0664
   directory mask = 0775
   browseable = no
[netlogon]
   path = /home/samba/netlogon/
   browseable = no
   read only = yes
[doc]
   path = /usr/share/doc
   public = yes
   writable = no
   read only = no
   create mask = 0750
   guest ok = yes
[profiles]
   path = /home/samba/profiles
   read only = no
   create mask = 0600
   directory mask = 0700   
   browseable = no
   guest ok = yes
   profile acls = yes
   csc policy = disable
   force user = %U
   valid users = %U @Domain Admins

[printers]
   comment = Network Printers
   printer admin = @Print Operators
   guest ok = yes
   printable = yes
   path = /home/spool
   browseable = no
   read only = yes
   printable = yes
   print command = /usr/sbin/lpr -P%p -r %s
   lpq command = /usr/bin/lpq -P%p
   lprm command = /usr/bin/lprm -P%p %j
[print$]
   path = /home/samba/printers
   guest ok = no
   browseable = yes
   read only = yes
   valid users = @Print Operators
   write list = @Print Operators
   create mask = 0664
   directory mask = 0775
[public]
   comment = Public
   path = /home/public
   browseable = yes
   guest ok = yes
   read only = no
   directory mask = 0775
   create mask = 0664
  
At this moment, all i can get the information from the linux box is as 
much. later on, i will repost a better log information from windows xp 
professional client in a much detail manner. pls enlight me, bcz i am 
really a newbie to samba.

anyway, can a samba 3 susbtitute a windows NT PDC machines?
thanks
cheers,
yenonn
MaTT wrote:
Hi, doesn't seems to be a samba related problem. did you check the 
logs?? anything there?? increase log level ?? check the XP event viewer

regards
MRB
www.lionix.com
Linux
Hiu Yen Onn wrote:
hi,
i have a samba-ldap pdc. from the windows xp client. i hardly logon 
to the network.
the windows popup a box stating A device attached to the system is 
not functioning.
.but however, i tested the account from windows 98. it worked perfectly.
can someone give me some pointers? thanks




--
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] A device attached to the system is not functioning

[Hiu Yen Onn]

hi,
i have this in my log file, after i have raise the log level.
--
[2004/11/18 09:59:32, 0] lib/util_sock.c:get_peer_addr(952)
 getpeername failed. Error was Transport endpoint is not connected
[2004/11/18 09:59:32, 0] lib/util_sock.c:write_socket_data(388)
 write_socket_data: write failure. Error = Connection reset by peer
[2004/11/18 09:59:32, 0] lib/util_sock.c:write_socket(413)
 write_socket: Error writing 4 bytes to socket 17: ERRNO = Connection 
reset by peer
[2004/11/18 09:59:32, 0] lib/util_sock.c:send_smb(605)
 Error writing 4 bytes to client. -1. (Connection reset by peer)
[2004/11/18 09:59:32, 3] smbd/sec_ctx.c:set_sec_ctx(288)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/11/18 09:59:32, 2] smbd/server.c:exit_server(558)
 Closing connections
[2004/11/18 09:59:32, 3] smbd/connection.c:yield_connection(69)
 Yielding connection to
[2004/11/18 09:59:32, 3] smbd/sec_ctx.c:push_sec_ctx(256)
 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2004/11/18 09:59:32, 3] smbd/uid.c:push_conn_ctx(287)
 push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2004/11/18 09:59:32, 3] smbd/sec_ctx.c:set_sec_ctx(288)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2004/11/18 09:59:32, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/11/18 09:59:32, 3] auth/auth.c:check_ntlm_password(219)
 check_ntlm_password:  Checking password for unmapped user 
[EMAIL PROTECTED] with the new password interface
[2004/11/18 09:59:32, 3] auth/auth.c:check_ntlm_password(222)
 check_ntlm_password:  mapped user is: [EMAIL PROTECTED]
[2004/11/18 09:59:32, 3] smbd/sec_ctx.c:push_sec_ctx(256)
 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2004/11/18 09:59:32, 3] smbd/uid.c:push_conn_ctx(287)
 push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2004/11/18 09:59:32, 3] smbd/sec_ctx.c:set_sec_ctx(288)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2004/11/18 09:59:32, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/11/18 09:59:32, 3] smbd/sec_ctx.c:push_sec_ctx(256)
 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2004/11/18 09:59:32, 3] smbd/uid.c:push_conn_ctx(287)
 push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2004/11/18 09:59:32, 3] smbd/sec_ctx.c:set_sec_ctx(288)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2004/11/18 09:59:32, 3] smbd/server.c:exit_server(601)
 Server exit (process_smb: send_smb failed.)
[2004/11/18 09:59:32, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/11/18 09:59:32, 3] smbd/sec_ctx.c:push_sec_ctx(256)
 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2004/11/18 09:59:32, 3] smbd/uid.c:push_conn_ctx(287)
 push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2004/11/18 09:59:32, 3] smbd/sec_ctx.c:set_sec_ctx(288)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2004/11/18 09:59:32, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/11/18 09:59:32, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(235)
 fetch sid from gid cache 99 - 
S-1-5-21-3447136413-2320333403-873454024-1199
[2004/11/18 09:59:32, 3] auth/auth.c:check_ntlm_password(268)
 check_ntlm_password: guest authentication for user [] succeeded
[2004/11/18 09:59:32, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319)
 NTLMSSP Sign/Seal - Initialising with flags:
[2004/11/18 09:59:32, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
 Got NTLMSSP neg_flags=0x60088215
[2004/11/18 09:59:32, 3] smbd/password.c:register_vuid(221)
 User name: nobodyReal name: nobody
[2004/11/18 09:59:32, 3] smbd/password.c:register_vuid(240)
 UNIX uid 99 is UNIX user nobody, and will be vuid 100
[2004/11/18 09:59:32, 3] smbd/process.c:process_smb(890)
 Transaction 3 of length 80
[2004/11/18 09:59:32, 3] smbd/process.c:switch_message(685)
 switch message SMBtconX (pid 8110)
[2004/11/18 09:59:32, 3] smbd/sec_ctx.c:set_sec_ctx(288)
 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/11/18 09:59:32, 3] smbd/service.c:make_connection_snum(543)
 Connect path is '/tmp' for service [IPC$]
[2004/11/18 09:59:32, 3] lib/util_seaccess.c:se_access_check(251)
[2004/11/18 09:59:32, 3] lib/util_seaccess.c:se_access_check(252)
 se_access_check: user sid is S-1-5-21-3447136413-2320333403-873454024-501
 se_access_check: also S-1-5-21-3447136413-2320333403-873454024-514
 se_access_check: also S-1-1-0
 se_access_check: also S-1-5-2
 se_access_check: also S-1-5-32-546
 se_access_check: also S-1-5-21-3447136413-2320333403-873454024-1199
[2004/11/18 09:59:32, 3] smbd/vfs.c:vfs_init_default(203)
 Initialising default vfs hooks
[2004/11/18 09:59:32, 3] lib/util_seaccess.c:se_access_check(251)
[2004/11/18 09:59:32, 3] lib/util_seaccess.c:se_access_check(252)
 se_access_check: user sid is S-1-5-21-3447136413-2320333403-873454024-501
 se_access_check: also S-1-5-21-3447136413-2320333403-873454024-514
 se_access_check: also S-1-1-0
 se_access_check: also S-1-5-2
 se_access_check: also S-1-5-32-546
 se_access_check: also 

[Samba] A device attached to the system is not functioning

[Hiu Yen Onn]

hi,
i have a samba-ldap pdc. from the windows xp client. i hardly logon to 
the network.
the windows popup a box stating A device attached to the system is not 
functioning.
.but however, i tested the account from windows 98. it worked perfectly.
can someone give me some pointers? thanks

--
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] A device attached to the system is not functioning

[Frode Lillerud]

Hello, 
 
Samba 3.0.2a, Debian linux, 2.6.x kernel, PDC server, WinXP clients.
 
When I try to log in on a XP client I get this message:
A device attached to the system is not functioning
 
I have tried google'ing for the error, but to no avail.
 
I have earlier created a user (anna), which can successfully log in from
my laptop. When I try to log in with anna on my workstation, I get the
error above.
 
If I type the wrong password, I get the normal password-error message,
so it seems like it's able to recognize the user and password.
If I log in with my local adminstrator, and open the share \\server
file:///\\server , I get a box for username and password. Typing anna,
and her password here gives me access to the samba shares, so also here
it looks like the user is functioning properly.
 
The log-file says something about schannel. I've tried having default
schannel settings, and also the ones I have in the smb.conf below, but
no change.
The log-file also talks about conflicting domain portions, but I'm not
sure what that means.
 
The samba_workstation.log file (debug level 1) says:
[2004/04/14 15:42:32, 0]
rpc_server/srv_pipe.c:api_pipe_netsec_process(1371)
  failed to decode PDU
[2004/04/14 15:42:32, 0]
rpc_server/srv_pipe_hnd.c:process_request_pdu(605)
  process_request_pdu: failed to do schannel processing.
[2004/04/14 15:42:33, 1] rpc_server/srv_netlog_nt.c:_net_sam_logon(705)
  _net_sam_logon: user ISENGARD\anna has user sid
S-1-5-21-2641962930-4089608471-2571597100-3032
   but group sid S-1-5-21-481718812-4177942570-2152560252-513.
  The conflicting domain portions are not supported for NETLOGON calls
[2004/04/14 15:42:45, 1] rpc_server/srv_netlog_nt.c:_net_sam_logon(705)
  _net_sam_logon: user ISENGARD\anna has user sid
S-1-5-21-2641962930-4089608471-2571597100-3032
   but group sid S-1-5-21-481718812-4177942570-2152560252-513.
  The conflicting domain portions are not supported for NETLOGON calls
 
My smb.conf looks like this:
[global]
# Server settings
netbios name = server
workgroup = ISENGARD
server string = Testing PDC
security = user
encrypt passwords = yes
 
# PDC settings
domain logons = yes
logon script = newlog.bat
server schannel = yes
server signing = no
 
# Browser and WINS settings
domain master = yes
local master = yes
preferred master = yes
os level = 255
wins support = yes
 
# Other services
time server = yes
 
# Debugging and Logging
log level = 1
log file = /tmp/samba_%m.log
max log size = 1000 #1MB
debug timestamp = yes
syslog = 1
 
[netlogon]
path = /var/lib/samba/netlogon
browseable = yes
writable = no
 
[homes]
comment = Home for %u
writeable = yes
browseable = no
 
An extract from the /etc/samba/smbpasswd, where Frodo is the NETBIOS
name of the workstation.
 
Frodo$:1013:B5A740276D3ECCA304D5DCD03D39A27A:A719EC89B9D1ADDBA2899135EF3
AB859:[W  ]:LCT-4064A7C0:
anna:1016:17355B639265D301AAD3B435B51404EE:80261BBFF0568C419F3B657EA8BBA
5C1:[U  ]:LCT-4062F759:
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] A device attached to the system is not functioning

[Andrew Bartlett]

On Wed, Apr 14, 2004 at 04:01:56PM +0200, Frode Lillerud wrote:
 Hello, 
  
 Samba 3.0.2a, Debian linux, 2.6.x kernel, PDC server, WinXP clients.
  
 When I try to log in on a XP client I get this message:
 A device attached to the system is not functioning

 [2004/04/14 15:42:33, 1] rpc_server/srv_netlog_nt.c:_net_sam_logon(705)
   _net_sam_logon: user ISENGARD\anna has user sid
 S-1-5-21-2641962930-4089608471-2571597100-3032
but group sid S-1-5-21-481718812-4177942570-2152560252-513.
   The conflicting domain portions are not supported for NETLOGON calls
 [2004/04/14 15:42:45, 1] rpc_server/srv_netlog_nt.c:_net_sam_logon(705)
   _net_sam_logon: user ISENGARD\anna has user sid
 S-1-5-21-2641962930-4089608471-2571597100-3032
but group sid S-1-5-21-481718812-4177942570-2152560252-513.
   The conflicting domain portions are not supported for NETLOGON calls

Remove your 'group_mapping.tdb' and re-add any mappings that were
intentional.

Andrew Bartlett
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] A device attached to the system is not functioning

[trogl]

(sorry if this is a duplicate,  I sent this out on a different email address and it 
appears to have disappeared of the face of the earth, or I'm blind and/or stupid)

I'm attempting to do a network neighbourhood browse of a server called bart.

I get a windows box that says 

\\Bart is not available

A device attached to the system is not functioning.

log.smbd reports

open_sockets_smbd: accept:  Software caused connection abort

log.192.168.1.103 reports (fake IP)

lib/util_sock.c:get_peer_addr(940)
getpeername failed.  Error was Transport endpoint is not connected



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] A device attached to the system is not functioning.

[Bruce Shaw]

I'm attempting to access a Solaris server (bart) which was previously a
member of an NT resource domain running SAMBA 2.2.1a after it has been
upgraded to SAMBA 3.0.1pre3.  When I attempt to browse it with a Windows
2000 workstation, I get a box saying:

\\bart is not accessible.

A device attached to the system is not functioning.

if a do smbclient -U (my account) -L bart

it returns

session setup failed:  NT_STATUS_UNSUCCESSFUL.

smbd.log reports

open_sockets_smbd: accept:  Software caused connection abort.

I get a logfile for my IP address that reports

lib/util_sock.c:get_peer_addr(940)
getppername failed.  Error was Transport endpoint is not connected

What's wrong?

This communication is intended for the use of the recipient to which it is
addressed, and may contain confidential, personal and or privileged
information. Please contact us immediately if you are not the intended
recipient of this communication, and do not copy, distribute, or take action
relying on it. Any communication received in error, or subsequent reply,
should be deleted or destroyed.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba