LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 05-08-2003, 11:18 PM   #1
Vishi
LQ Newbie
 
Registered: May 2003
Location: Hong Kong
Distribution: Redhat/Fedora, Suse, Debian, openBSD
Posts: 4

Rep: Reputation: 0
Unhappy Samba - Joining Domain on Windows 2000/XP


Hello, I cant seem to get my Windows 2000/XP client machine to join the domain. Come with this Following error after I enter the DOMAIN administrator user name and password "The specified domain does not exist or could not be contacted"

Here is the contents of my smb.conf file. Any help would be greatly appreciated.

#======================= Global Settings =====================================
[global]
workgroup = DOMAIN_STUDENT
server string = Island School Server
hosts allow = 192.168.1. 192.168.2. 192.168.3. 192.168.4. 192.168.5. 127
log file = /var/log/samba/%m.log
max log size = 0
security = user
password server = DOMAIN_STUDENT
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
pam password change = yes
obey pam restrictions = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = no
domain master = no
domain logons = yes
add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine Account' -s /bin/false -M %u
delete user script = /usr/sbin/deluser %U
domain admin group = admin
logon script = logon.bat
wins server = 192.168.1.5
dns proxy = no

#============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = yes
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775


Thank you very much for any help

Vishi
 
Old 05-09-2003, 05:33 AM   #2
ckone
Member
 
Registered: Mar 2003
Location: el paso
Distribution: Redhat, Suse, and freebsd
Posts: 90

Rep: Reputation: 15
hello,


The answer I'm getting from the book "Samba unleashed" is as follows.


With the parameters local master, preferred master, domain master set to yes and os level set to 32, Samba is guaranteed that it will win all browser elections to become a domain master browser over all windows clients except Windows 2000 domain controllers.


Examples,

Workgroup = MyDomain
encrypt password = yes
annouce version =4.0
domain logons = yes
preferred master = yes
local master =yes domain = yes
os level = 32

Adding the Windows 2000 Client to a Samba Domain

Having correctly configured your Samba server for domain control and to become both a domain member and the PDC for the domain, you now need to add a machine account for your windows 2000 client to join the domain. This time, however, you only need to add the machine account using the UNIX useraddd command, and a Windows 2000 client is able to add its own workstation trust account and produce a random-based password.

Example:
% useradd -c 'Windows 2000 workstation' -M -s /.bin/false -n W2KWKS -3$

Know for troubleshooting in Windows 2000 client use some of the following commands.

net view displays info on Netbios connections.

Example:
c:\>net view

net use use this command to connect or disconnect from the Samba server

Example: Connecting
c:\>net use p: \\SambaServername\sharedfolder /persistent:yes /yes

Example: Disconnecting
c:\>net use p: /delete

nbtstat used display the Netbios name resolution

Exampe:
c:\>nbtstat -r

for more help just type a question mark after each command

Example
net view?

Now I'm the book goes into the hole setup but I cut out the parts I figured you needed for the windows client.

I am not sure which one you are more experienced in using. I myself am a windows administrator first and linux Redhat 8.0 is running a very close second know.....

What I'm trying to point out is I've learned on DOS 6.0 and Windows machines. Not on Unix machine so we may have different points of view about how the computer works or is setup to run.....

Know I have Samba setup at home with 5 computers but I use Linieghborhood to handle the mount and unmount of directory's or folders. I'm not truely running a Windows Server in order to take full advantage of connecting the Samba Server to the Windows Server....

I'm running a workgroup or small lan.....

Hopefully that helped.....

Remember this book was produced around a year ago with
Samba 2.1.0 version. I know that Samba is at 2.7 so there might be some differences.....

bye good luck....


Last edited by ckone; 05-09-2003 at 06:23 AM.
 
Old 05-09-2003, 09:16 AM   #3
0bi-Wan
LQ Newbie
 
Registered: May 2003
Posts: 4

Rep: Reputation: 0
if you need to control your domain with your linux SAMBA PDC, the following smb.conf is worn and treaded by windoz clients of all types and breeds 98,2K,XP.

# Date: 2001/05/04 08:42:11
###########################
# Global parameters
[global]
workgroup = Dagobah
netbios name = Magpie
server string = Send NO MO Money to Bill!
encrypt passwords = Yes
null passwords = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *password* %n\n *password* %n\n *successful*
password level = 8
username level = 8
unix password sync = Yes
debug level = 3
log file = /var/log/samba/log.%m
domain admin group = @elec
printer admin = @users
domain logons = Yes
os level = 64
preferred master = Yes
domain master = Yes
local master = Yes
security = user
add user script = /usr/sbin/useradd -d /dev/null -g winNT -c 'Machine Account' -s /bin/false -M %u
writeable = Yes
hosts allow = 192.168.20.
short preserve case = No
locking = No
logon script = logon.bat
hosts allow = 192.168.20.0/255.255.255.0

[netlogon]
comment = NETLOGON service
path = /home/netlogon
writeable = No

[homes]
comment = Home directories for Dagobah Domain Users
path = %H/pub
create mask = 0600
directory mask = 0700
browseable = No

;[admin]
; comment = office administration area
; path = /usr1/admin/
; valid users = @adm
; guest ok = Yes

[public]
comment = public directory free for all
path = /usr1/public
guest ok = Yes
create mode = 0664

[DomainAdmins]
comment = domain resources
path = /usr1/public/AdminStuff
valid users = @elec
writeable = No

[hplaser81]
comment = HPLaser 8K in the IT Staff Lounge
path = /tmp
printable = Yes
printer = lp

[hplaser5]
comment = HpLaser 5 in Admin Area
path = /tmp
printable = Yes
printer = lp0

[hplaser4]
comment = HpLaser 4 at SOO WorkStation
path = /tmp
printable = Yes
printer = lp1

[hpcolor1]
comment = HpColorLaser 4500 in Operations Area
path = /tmp
printable = Yes
printer = lp2

[hplaser8]
comment = HPLaser 8K in Operations Area
path = /tmp
printable = Yes
printer = lp3

[neclaser]
comment = NecLaser in the IT Lounge
path = /tmp
printable = Yes
printer = lp4

[hpcolor]
comment = HpColorJet 1600CM in Operations Area
path = /tmp
printable = Yes
printer = lp5
################ end #

there are a few things you must know to make the winNT, win2K & XP clients dance in your domain.


NT Machines.
__________________
Every NT that will participate in the domain must have its own passwd entry in both /etc/passwd and /etc/samba/smbpasswd . The /etc/passwd entry is really only to reserve a user ID, the other one stores the NT encrypted password. (Note that win95/98 machines don't need an account as they don't do any security aware things.) Add the machine account like this:

(root)# adduser -g winNT -c NTWkStations -d /dev/null -s /bin/false -n flamingo$
(root)# smbpasswd -a -m flamingo$


Windoz 2K & XP clients.
-------------------------------------------
With the addition of Win2K and XP Clients you need to add user 'root' to the game, the smbpasswd file that is. This is required, these clients will generate their machine account on the fly. The user 'root' is added just like the normal users, smbpasswd -a root. You will be prompted for a password which can and should be different from your unix password for 'root' on the PDC, security concern. As of Samba-2.2.2 Windows XP is supported as a domain member after applying this change to the registry on Windows XP boxes.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
"requiresignorseal"=dword:00000000

____________________________________

ensure there are no old machine accounts for the client in the /etc/passwd & smbpasswd before attempting to creat new or rejoin the domain.
 
Old 05-12-2003, 02:13 AM   #4
Vishi
LQ Newbie
 
Registered: May 2003
Location: Hong Kong
Distribution: Redhat/Fedora, Suse, Debian, openBSD
Posts: 4

Original Poster
Rep: Reputation: 0
Talking Good Stuff it works

Thank you very much ckone and Obi-Wan, your help was very grateful.

Vishi
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Windows XP joining Samba 3 domain looks for LDAP in DNS dlublink Linux - Networking 3 08-10-2005 06:52 PM
Windows 2000 Workstations on a Samba Domain MurrayL Linux - Networking 1 11-18-2004 05:59 AM
Joining Samba 3.0 Linux machine to a Windows AD Domain markham82 Linux - Networking 1 10-08-2004 03:21 AM
Samba 3.0 in Windows 2000 Domain ccarpinteri Linux - Networking 3 03-12-2004 12:07 AM
Joining a Windows 2000 domain w/ Samba linux_pioneer Linux - Networking 4 11-24-2003 02:31 PM


All times are GMT -5. The time now is 10:41 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration