LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Samba PDC: unable to logon to XP client (https://www.linuxquestions.org/questions/linux-networking-3/samba-pdc-unable-to-logon-to-xp-client-592444/)

Astol 10-17-2007 03:35 AM
Samba PDC: unable to logon to XP client
 
hey all,

i know this is a often repeated thread, but i have read thru baout 15 threads and no luck.

Server OS: RHEL5
Client OS: XP Pro

running samba as a PDC (with BDC). users and machines added to samba and local machine. no firewalls.

ERROR message: Windows cannot connect to the domain, either because the domain controller is down or otherwise unavailable, or because your computer account was not found. Please try again later
(I.E, ask LQ!)

smb.conf:
Code:
#
#                           
#
#======================= Global Settings =====================================
[global]

# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
  workgroup = somedomain

# server string is the equivalent of the NT Description field
  server string = serv01

# Security mode. Defines in which mode Samba will operate. Possible
# values are share, user, server, domain and ads. Most people will want
# user level security. See the Samba-HOWTO-Collection for details.
  security = user

# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
  hosts allow = 192.168.1. 127.

# this tells Samba to use a separate log file for each machine
# that connects
  log file = /var/log/samba/%m.log

# Put a capping on the size of the log files (in Kb).
  max log size = 500

# Browser Control Options:
# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
  local master = yes

# OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
  os level = 255

# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
  domain master = yes

# Preferred Master causes Samba to force a local browser election on startup
# and gives it a slightly higher chance of winning the election
  preferred master = yes

# Enable this if you want Samba to be a domain logon server for
# Windows95 workstations.
  domain logons = yes

#  logon script = logon.bat
  name resolve order = wins lmhosts bcast

# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
  wins support = yes

# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The default is NO.
  dns proxy = no

add machine script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u

admin users = @sysadmin root administrator
smb ports = 137 138 139 445

#for win98 profiles
preserve case = yes
short preserve case = yes
case sensitive = no

#tuning options
deadtime = 15
keepalive = 1
socket options = TCP_NODELAY IPTOS_LOWDELAY



#============================ Share Definitions ==============================
[homes]
  comment = Home Directories
  browseable = no
  writable = yes

# Un-comment the following and create the netlogon directory for Domain Logons
 [netlogon]
  comment = Network Logon Service
  path = /etc/samba/netlogon
  guest ok = yes
  browseable = no
  writable = yes

# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
[Profiles]
  path = /home/%U
  browseable = no 
  guest ok = no 
  read only = no
  create mask = 0777
  directory mask = 0777
  writable = yes
  level2 oplocks = yes
  dos filetimes = yes

# This one is useful for people to share files
[temp]
  comment = Temporary file space
  path = /temp
  read only = no
  public = yes
  create mask = 0777
  directory mask = 0777
i have tried re-joining the domain, restarting entire server (and samba service), removing and re-adding user/machine to samba...

many thanks for your help, if you need me to post more conf's etc, let me know

ray_80 10-17-2007 10:31 PM
Common problem on the Windows client side. I laugh whenever I see the error spit out "please try again later". Nice. Very nice.

Anyway this should help you:

http://www.annoyances.org/exec/forum/winxp/r1009126072

Regards

Astol 10-18-2007 12:28 AM
thanks, but didnt help. i seriously think this is a machine account problem. has MS put out any security patches that affect samba access? im not a green samba user (aka n00b), but this has me stumped

ray_80 10-18-2007 08:56 AM
Have you tried connecting from another machine? How about smbmount locally:

man smbmount

to isolate the problem. Let's make sure it is a problem just on the Windows box. If you don't have another computer to try this, you can boot a live cd on the XP machine and connect from there for testing. Just a thought.

Regards

Astol 10-18-2007 07:26 PM
yeah, i have a bunch of PC's at my disposal. the easiest assess i have is to a Dell Optiplex 320 and a Sony VAIO Z1GP. i have tried joining and leaving the domain, restarting them, using different user names and machine names... i actually think its a samba problem. i reinstalled the server yesterday before i went home, so i'll see what happens with a clean install. anyone care to run thru it with me so i dont miss anything?

fotoguy 10-18-2007 07:43 PM
Have you added the root user to samba?

smbpasswd -a root

Root needs to be added to samba so it can create the machine account.

Astol 10-18-2007 08:30 PM
ok, maybe not... im still getting the same error. it worked for about 5 minutes... seems its not authenticating properly, but there needs to be some kind of auth before logon... i belie4ve that is the problem, but i dont know how to fix it.

[scrap]
yea, done all that.

but now i have a SOLUTION!!!

***you need to make sure that the guest account is ON***

samba needs to be able to write to the client machine, and unless you called your default user "root", you will probably run into this problem (just a theory).

hope this helps all those out there with a similar problem. perhaps someone could make a sticky thread or put it in a HOWTO or something? i know i spent ages trying to find a solution
[/scrap]


All times are GMT -5. The time now is 05:50 AM.