LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 07-14-2004, 10:22 PM   #1
subaruwrx
Member
 
Registered: Mar 2004
Distribution: Ubuntu Feisty
Posts: 641

Rep: Reputation: 30
Can't join my Samba Domain


Below is my smb.conf file.

Code:
# Samba config file created using SWAT
# from 127.0.0.1 (127.0.0.1)
# Date: 2004/07/15 14:27:06

# Global parameters
[global] 
	workgroup = COLLIN_DOMAIN
	netbios name = COLLIN_PDC
	log file = /var/log/samba/samba-log.%U
	logon drive = F:
	domain logons = Yes
	os level = 65
	preferred master = Yes
	domain master = Yes
	local master = yes 
	encrypt passwords = yes 
	admin users = root
	add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u

[homes]
	read only = No
	browseable = No

[Opt]
	comment = this is a comment
	path = /opt
	write list = @bubbledream
	read only = No
	guest only = Yes

[everyone]
	path = /usr/src
	guest ok = Yes

[profiles]
	comment = Roaming profiles directory
	path = /home/%U/samba/profiles
	read only = No
	create mask = 0600
	directory mask = 0700
	
[netlogon]
   	comment = Network Logon Service
	path = /home/samba/netlogon
	guest ok = yes
	writable = no
Logon on to WinXP as "subaruwrx" without password. change from workgroup to domain, login as my linux root account, it say user name could not be found.

- Already did "smbpasswd -a root". But when "useradd root", it say user already exit.
- Already did "smbpasswd -a subaruwrx" and "useradd subaruwrx"
- Also tried the registry hack from this url.

Last edited by subaruwrx; 07-15-2004 at 03:36 AM.
 
Old 07-15-2004, 03:28 AM   #2
subaruwrx
Member
 
Registered: Mar 2004
Distribution: Ubuntu Feisty
Posts: 641

Original Poster
Rep: Reputation: 30
Just added the machinename from this [url=http://www-jerry.oit.duke.edu/linux/docs/samba/samba_pdc_setup_create_machine_accounts_howto]url]/url]

The specified user does not exist.
 
Old 07-15-2004, 04:28 AM   #3
subaruwrx
Member
 
Registered: Mar 2004
Distribution: Ubuntu Feisty
Posts: 641

Original Poster
Rep: Reputation: 30
Successfully joined the domain after some user and group issue in linux.

Anyway, got a few questions to ask.

Currently, I only have global section in smb.conf and the roaming profile works.

Code:
[global] 
	workgroup = COLLIN_DOMAIN
	netbios name = COLLIN_PDC
	log level = 2 
	log file = /var/log/samba/samba-log.%U
	domain logons = Yes
	os level = 65
	preferred master = Yes
	domain master = Yes
	local master = yes 
	encrypt passwords = yes 
	add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u
	logon path = \\%L\profile\%U
	logon home = \\%L\%U
	logon drive = F:
	logon script = logon.bat
But I see from webby that there are 2 more sections to add.
1) May I know whats their roles?

Code:
;[profiles]
;	path = /home/%U/profile
;	read only = No
;	create mask = 0600
;	directory mask = 0700
;	
;[netlogon]
;	path = /home/samba/netlogon
;	read only = yes
2) Where is the roaming profile stored at? I can't find it.

Last edited by subaruwrx; 07-15-2004 at 04:38 AM.
 
Old 07-15-2004, 09:18 PM   #4
subaruwrx
Member
 
Registered: Mar 2004
Distribution: Ubuntu Feisty
Posts: 641

Original Poster
Rep: Reputation: 30
bump
 
Old 07-15-2004, 11:34 PM   #5
subaruwrx
Member
 
Registered: Mar 2004
Distribution: Ubuntu Feisty
Posts: 641

Original Poster
Rep: Reputation: 30
It seems the my roaming profile doesn't works all the while. Its using local profile.

Anyway, I got this error in my samba log.

get_domain_user_groups: primary gid of user [subaruwrx] is not a Domain group !
get_domain_user_groups: You should fix it, NT doesn't like that

Also, when I tried logging in with a new user. It say server cannot locate the roaming profile. Error was something to do with the machine name. Below is my logon path

logon path = \\%L\home\%U\Profile

P.S Please ignore all my previous post. I had them figured out.
 
Old 07-16-2004, 02:31 AM   #6
andrewdodsworth
Member
 
Registered: Oct 2003
Location: United Kingdom
Distribution: SuSE 10.0 - 11.4
Posts: 347

Rep: Reputation: 30
I think it could be due to how you joined your XP machine to the domain - you haven't told us what version of Samba you're using but for Samba 2.2.x you need a line in smb.conf like:

add user script = /usr/sbin/useradd -c Machine -d /dev/null -s /bin/false %m$

for Samba 3.x I think there's a parameter called add machine script (but I'm not sure so check!). This then sets the machine account up automatically if it doesn't exist and is what the Samba docs recommend.

What you could do is to remove the XP machine from the domain and then rejoin using the XP join a domain stuff. It will ask for a user name and password which will have to be your Samba user name and password and also it will ask for an administrator name and password to enable you to join your machine to the domain. This has to be theSamba user root - so you have to use 'smbpasswd -a -e root' on the linux box but choose a password totally different from your linux root password for security reasons!

If successful your XP box will say it's joined the domain and you're good to go.

I'm afraid I can't tell you exactly how in XP to join the domain because my XP machines are XP Home which don't have the domain stuff but I've don this with W2K Pro on my network using Samba 2.2.8a as PDC.

Good luck.
 
Old 07-16-2004, 03:14 AM   #7
subaruwrx
Member
 
Registered: Mar 2004
Distribution: Ubuntu Feisty
Posts: 641

Original Poster
Rep: Reputation: 30
Quote:
Originally posted by andrewdodsworth
I think it could be due to how you joined your XP machine to the domain - you haven't told us what version of Samba you're using but for Samba 2.2.x you need a line in smb.conf like:

add user script = /usr/sbin/useradd -c Machine -d /dev/null -s /bin/false %m$

for Samba 3.x I think there's a parameter called add machine script (but I'm not sure so check!). This then sets the machine account up automatically if it doesn't exist and is what the Samba docs recommend.

What you could do is to remove the XP machine from the domain and then rejoin using the XP join a domain stuff. It will ask for a user name and password which will have to be your Samba user name and password and also it will ask for an administrator name and password to enable you to join your machine to the domain. This has to be theSamba user root - so you have to use 'smbpasswd -a -e root' on the linux box but choose a password totally different from your linux root password for security reasons!

If successful your XP box will say it's joined the domain and you're good to go.

I'm afraid I can't tell you exactly how in XP to join the domain because my XP machines are XP Home which don't have the domain stuff but I've don this with W2K Pro on my network using Samba 2.2.8a as PDC.

Good luck.
I'm using Samba Version 3.0.3-5.

When I log on, it say cannot find my roaming profile. Error was "Network path not found"



Thought of redoing all over again including adding of the users, groups.

I heard that you need to add the machine name of the client os, with a & at the back of the machine name.

So do I use your add user script to do that or the below add machine script?

Code:
add machine script = /usr/sbin/useradd -g domainmac -c

Last edited by subaruwrx; 07-16-2004 at 03:45 AM.
 
Old 07-16-2004, 02:20 PM   #8
andrewdodsworth
Member
 
Registered: Oct 2003
Location: United Kingdom
Distribution: SuSE 10.0 - 11.4
Posts: 347

Rep: Reputation: 30
Have a look at this document - it's a walk through setting up whatever you want on Samba 3 but it's got such a lot of good stuff in it that it's an invaluable reference. The Appendix has lots of tips and tricks - including dos and don'ts on joining XP to a domain.
http://samba.org/samba/docs/man/Samba-Guide/
 
Old 07-19-2004, 04:23 PM   #9
tbeehler
Member
 
Registered: Aug 2003
Location: Washington State, USA
Distribution: Mainly RH 9.0
Posts: 226

Rep: Reputation: 30
I had the exact same problem, (specified user does not exist) and here's what I did to fix it. I found that my machine name "test2k" without the quotes, was already set up as a samba user (I was fiddling with it for quite a while) Once I removed it, and tried to re-add my machine to the domain, it worked fine. Just make sure you have the add script line be something like "add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u" without the quotes. I mistakenly made it "add user script" instead of machine, and that was another problem I ran into. Hope that helps you out!! If you have ANY problems or questions, feel free to post and let me know! Linux is worth it, it just takes some time getting it all set up the way you want.

Travis Beehler
 
Old 07-19-2004, 11:26 PM   #10
subaruwrx
Member
 
Registered: Mar 2004
Distribution: Ubuntu Feisty
Posts: 641

Original Poster
Rep: Reputation: 30
Quote:
Originally posted by tbeehler
I had the exact same problem, (specified user does not exist) and here's what I did to fix it. I found that my machine name "test2k" without the quotes, was already set up as a samba user (I was fiddling with it for quite a while) Once I removed it, and tried to re-add my machine to the domain, it worked fine. Just make sure you have the add script line be something like "add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u" without the quotes. I mistakenly made it "add user script" instead of machine, and that was another problem I ran into. Hope that helps you out!! If you have ANY problems or questions, feel free to post and let me know! Linux is worth it, it just takes some time getting it all set up the way you want.

Travis Beehler
If I were to put the add machine script into my smb.conf, how does it work automatically? Whenever it detect a new machine, it will auto add it?

And now I want to manually add the machine, I use this command? -> adduser -n -g machines -c Machine -d /dev/null -s /bin/false "machinename"

Thanks for the help dude
 
Old 07-19-2004, 11:36 PM   #11
tbeehler
Member
 
Registered: Aug 2003
Location: Washington State, USA
Distribution: Mainly RH 9.0
Posts: 226

Rep: Reputation: 30
Not a problem. When you put that line in your smb.conf file, it will automatically add the machine name to the database if it can't find it when you go to add it to the domain. It won't add a machine to it if the machine is merely on the network. It's VERY handy. Trust me on this one (I have about 40 users and climbing.) I noticed a lot of people use this command, but do it as the add user script instead of machine. I don't think that's correct. At least according to the docs. And yes, I believe that you can manually type out that command and it will put the machine name in if you want to go that route. You will still have to manually add the person through the smbpasswd command, but having that line in the smb.conf file will save you a step. On a side note, I have webmin installed on that machine and you can configure it so that when you add a normal user, it will automatically create them with the smbpasswd command for you. You can make linux do all sorts of neat things for you automatically if you get it config'd right (depending on how high end you want to go. ) I had a samba pdc set up a while back and just recently got back into it as I want to remove windows 2000 server from my server farm. This is my last machine that I can convert. I have 3 others that HAVE to be windows. Oh well, 13 out of 16 server's isn't bad. The nice thing is I can count my linux machine uptimes in terms of months instead of days or hours. (I had to shut them down when I got a new rack, so that doesn't count. ) Anyways, if you have ANY problems or questions, feel free to give us a buzz!

Travis Beehler
 
Old 07-19-2004, 11:54 PM   #12
subaruwrx
Member
 
Registered: Mar 2004
Distribution: Ubuntu Feisty
Posts: 641

Original Poster
Rep: Reputation: 30
Thats pretty cool.

Can I shoot a few more questions?

1) useradd client account, smbpasswd -a account
a - What group do we add them to? Does it matters?
2) Adding of machine account
a - Do I need to add it to the samba? (Using smbpasswd)
b - Again, does it matter if what group i assign it to? Or both client and machine account must be in same group?
3) Do we need to create the directory/folder manually and assign the permission for profiles and netlogon folders?
4) Whats the difference between create mode and create mask?

Thanx!!
 
Old 07-20-2004, 12:18 AM   #13
tbeehler
Member
 
Registered: Aug 2003
Location: Washington State, USA
Distribution: Mainly RH 9.0
Posts: 226

Rep: Reputation: 30
Absolutely my friend.

1: You can add them to any group you'd like or create your own groups.

2: A. If you have that useradd line in the previous posts, you won't have to add it through smbpasswd. I think that it won't let you join the domain if you don't have that line in there OR if you haven't added it manually prior to trying to join the domain. B. The client and machine accounts can be in different groups. (Mine are. )

3: You'll have to create the folder and share of netlogon for logon scripts to run at logon. If you have set up groups, it's much easier to assign permissions to this folder/share. The profiles option: I think you have to create a share that's accessable and writable to your users so that this may be automatically created with the one \\%N\%p or something like that. I don't remember the syntax of it off the top of my head.

4: I don't know the answer to that one, but I'll check my samba book when I get to work in the morning. I believe that the create mode is when you create a new file or folder, it will give it certain permissions that you specify. But that's a stab in the dark and I'll have to check that in the morning. Don't quote me on it.

Anyways, I'm off to bed. I'll check on you in about 9 hours or so and see how things are coming along. Have a good night!

Travis Beehler
 
Old 07-20-2004, 03:45 AM   #14
subaruwrx
Member
 
Registered: Mar 2004
Distribution: Ubuntu Feisty
Posts: 641

Original Poster
Rep: Reputation: 30
hmm........ I tried re-adding the users and machines but I can't join the domain w/o first adding the machine. I thought the add machine script supposed to add new machine automatically?

Anyway, I still can't get my roaming profile to work. It still doesn't appear in the Samba Server.

smb.conf as below.

Quote:
# Global parameters
[global]
workgroup = COLLIN_DOMAIN
netbios name = COLLIN_PDC
server string = %h server (Samba %v)
encrypt passwords = yes
security = user
add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u

;Log
log level = 3
log file = /var/log/samba/samba-log.%U

; Domain Management
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
local master = yes

; WinXP and WinNT Profiles
logon path = \\%L\profiles\%u

logon drive = H:
logon script = Start.bat

;Printer
printcap name = cups
disable spoolss = Yes
show add printer wizard = No
printing = cups

[homes]
read only = No
browseable = No
create mask = 0777
directory mask = 0777

[profiles]
path = /home/samba/profiles
read only = no
create mask = 0600
directory mask = 0700

[netlogon]
path = /home/samba/netlogon
read only = yes

[Everyone]
path = /opt
read only = no
writable = yes
browseable = yes

[printers]
comment = All Printers
path = /var/spool/samba
guest ok = Yes
printable = Yes
use client driver = Yes
browseable = No
Even chmod 777 /home/samba

Last edited by subaruwrx; 07-20-2004 at 03:55 AM.
 
Old 07-20-2004, 10:11 AM   #15
andrewdodsworth
Member
 
Registered: Oct 2003
Location: United Kingdom
Distribution: SuSE 10.0 - 11.4
Posts: 347

Rep: Reputation: 30
Quote:
Originally posted by subaruwrx
hmm........ I tried re-adding the users and machines but I can't join the domain w/o first adding the machine. I thought the add machine script supposed to add new machine automatically?

Anyway, I still can't get my roaming profile to work. It still doesn't appear in the Samba Server.

smb.conf as below.



Even chmod 777 /home/samba
When joining the domain on the Windows machine - when asked for the name of the administrator user that had permissions to join the domain, what user name did you use?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba - Cannot join domain m4rk Linux - Software 6 06-27-2007 08:40 AM
samba 3 problem - samba PDC can not join to the domain ananthak Linux - Networking 1 05-21-2006 10:39 AM
Cannot join Samba domain. codedv Linux - Networking 0 10-12-2004 05:33 PM
join samba domain! egyptian Linux - Networking 1 07-29-2004 10:18 AM
Join Domain in SAMBA Server radixiz Linux - Software 3 11-28-2003 02:09 PM


All times are GMT -5. The time now is 03:07 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration