LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 09-23-2003, 10:23 AM   #1
tstephens
LQ Newbie
 
Registered: Sep 2003
Posts: 5

Rep: Reputation: 0
Samba PDC - XP client, Access is denied


I am running Samba 2.2.7 on Linux 9. I have configured Samba to be a PDC and trying to connect a Windows XP Pro client to the domain.

I enter the domain name in throught the XP System Properties/Computer Name Changes screen and click OK.

I then enter my the name and password of and account with permission to join the domain. I keep getting an error box stating "The following error occured attempting to join the domain "TESTGROUP": Access denied"

I am so close to getting this to work but no cigar.
I have followed many documents and I can't find any errors on the client or server side but I still cannot get the two to link together.

ANYBODY HAVE ANY IDEAS......

Here are the entries for the passwd file:
tms:x:506:100::/home/tms:/bin/bash
ip-152$:*:508:201:Trust Account:/home/ip-152$:/sbin/nologin
ig72$:x:511:511:Trust Account:/nonexistent:/bin/false

Here are some entries for in the smbpasswd file:
tms:506:24A97CBE0KLPD896B25KL3B83GA6627C7:731B61AFF70C5812B8C5C5D637A2641E:[U]:LCT-3F70521F:

ip-152$:508:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXX:[DU ]:LCT-4F707ADF:Trust Account

ig72$:511:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXX:[U ]:LCT-00000000:Trust Account

Here is my smb.conf
[global]
;Print Specs
load printers = yes
printing = bsd
printcap name = /etc/printcap

;basic server settings
workgroup = testgroup
netbios name = ig72
server string = Samba PDC running %v
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192

;PDC and master browser settings
os level = 64
preferred master = yes
local master = yes
domain master = yes

;security and logging settings
security = user
encrypt passwords = yes
log file = /var/log/samba/log.%m
log level = 3
max log size = 50
hosts allow = 127.0.0.1 214.125.113.0/255.255.255.0

smb passwd file = /etc/samba/smbpasswd
domain logons = yes

;user profiles and home directory
; logon home = \\%L\%U\.bash_profile
logon drive = I:
logon path = \\%L\profiles\%U
; logon script = netlogon.bat

;sync UNIX passwords
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *
Enter* new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd: *all* au
thentication*tokens*updated*successfully*


;===Shares===

[homes]
comment = Home Directories
browseable = no
writeable = yes

[profiles]
path = /home/samba/profiles
writeable = yes
browseable = no
create mask = 0600
comment = profiles
guest ok = yes
directory mask = 0700

[printers]
comment = All printers
browseable = yes
printable = yes
guest ok = yes
writeable = yes
create mode = 0700

Last edited by tstephens; 09-23-2003 at 10:24 AM.
 
Old 09-23-2003, 11:01 AM   #2
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
Welcome to LQ.

Try adding root as a samba user and use root to join the computer to the domain.
 
Old 09-23-2003, 11:59 AM   #3
tstephens
LQ Newbie
 
Registered: Sep 2003
Posts: 5

Original Poster
Rep: Reputation: 0
I added root as a samba user and tried to log into the domain using root with the same results, "access denied".

smbpasswd entry for root:
root:0:B8A08C86E3EDE97EAAD3B435B51404EE:CD248A8F854DE6B223A81F20A2AF5242:[U ]:LCT-3F705234:root


I can ping the Samba server from the client and even map a share & printer to the Samba server. I just cant get it to accept any domain clients.

It is driving me nuts. The Samba software was pre-installed before I got to it. I have run testparm, "smbclient -U% -L localhost" and dont have any errors. However, I am missing something. I have been an Oracle DBA for many years and this is the first time I have gotten in on the network/OS side of things. My experience with networking/OS concepts is somewhat limited right now.
 
Old 09-23-2003, 03:00 PM   #4
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
What are you using as the name of the domain?
 
Old 09-24-2003, 08:02 AM   #5
tstephens
LQ Newbie
 
Registered: Sep 2003
Posts: 5

Original Poster
Rep: Reputation: 0
I am using TESTGROUP as the name of the domain. I have included the below mentioned info. I talked with another dude here in the office and he might think it has something to do with the "firewall". I dont know much about that but it seems that if am not getting past the firewall, I would not be able to map to a share or printer on the Samba server. The guy that administrates the firewall will be in tomorrow to see if that is the problem.

[root@ig72 root]# smbclient -U% -L localhost

added interface ip=214.125.113.149 bcast=214.125.113.255 nmask=255.255.255.0
Domain=[TESTGROUP] OS=[Unix] Server=[Samba 2.2.7a]

Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (Samba PDC running 2.2.7a)
ADMIN$ Disk IPC Service (Samba PDC running 2.2.7a)
Laser3_IG72 Printer

Server Comment
--------- -------
IG72 Samba PDC running 2.2.7a

Workgroup Master
--------- -------
CWI IP-247
HEIMNET BKH2
MSHOME IP-154
SCANDOCS IMAGINE
TESTGROUP IG72
WORKGROUP IP-246-DUAL
 
Old 09-25-2003, 01:56 PM   #6
tstephens
LQ Newbie
 
Registered: Sep 2003
Posts: 5

Original Poster
Rep: Reputation: 0
Well I finally figured this one out.

I set my log level = 3 and found that I was getting some password errors such as:

rpc_server/srv_netlog_nt.c:get_md4pw(188) get_md4pw: Workstation

Anyway, after doing some searching, I set
"unix password synch = no" and bounce the Samba services.

I was then able to join the domain without any problems. Once I set my client to the domain, I went back and reset the "unix password synch = yes" and had no further problems.

Thanks for your help.
 
Old 10-04-2007, 12:59 AM   #7
arupdutta1234
LQ Newbie
 
Registered: Oct 2007
Posts: 1

Rep: Reputation: 0
Question ples give me solution

plese give me the solution of this
Quote:
Originally Posted by tstephens View Post
I am running Samba 2.2.7 on Linux 9. I have configured Samba to be a PDC and trying to connect a Windows XP Pro client to the domain.

I enter the domain name in throught the XP System Properties/Computer Name Changes screen and click OK.

I then enter my the name and password of and account with permission to join the domain. I keep getting an error box stating "The following error occured attempting to join the domain "TESTGROUP": Access denied"

I am so close to getting this to work but no cigar.
I have followed many documents and I can't find any errors on the client or server side but I still cannot get the two to link together.

ANYBODY HAVE ANY IDEAS......

Here are the entries for the passwd file:
tms:x:506:100::/home/tms:/bin/bash
ip-152$:*:508:201:Trust Account:/home/ip-152$:/sbin/nologin
ig72$:x:511:511:Trust Account:/nonexistent:/bin/false

Here are some entries for in the smbpasswd file:
tms:506:24A97CBE0KLPD896B25KL3B83GA6627C7:731B61AFF70C5812B8C5C5D637A2641E:[U]:LCT-3F70521F:

ip-152$:508:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXX:[DU ]:LCT-4F707ADF:Trust Account

ig72$:511:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXX:[U ]:LCT-00000000:Trust Account

Here is my smb.conf
[global]
;Print Specs
load printers = yes
printing = bsd
printcap name = /etc/printcap

;basic server settings
workgroup = testgroup
netbios name = ig72
server string = Samba PDC running %v
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192

;PDC and master browser settings
os level = 64
preferred master = yes
local master = yes
domain master = yes

;security and logging settings
security = user
encrypt passwords = yes
log file = /var/log/samba/log.%m
log level = 3
max log size = 50
hosts allow = 127.0.0.1 214.125.113.0/255.255.255.0

smb passwd file = /etc/samba/smbpasswd
domain logons = yes

;user profiles and home directory
; logon home = \\%L\%U\.bash_profile
logon drive = I:
logon path = \\%L\profiles\%U
; logon script = netlogon.bat

;sync UNIX passwords
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *
Enter* new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd: *all* au
thentication*tokens*updated*successfully*


;===Shares===

[homes]
comment = Home Directories
browseable = no
writeable = yes

[profiles]
path = /home/samba/profiles
writeable = yes
browseable = no
create mask = 0600
comment = profiles
guest ok = yes
directory mask = 0700

[printers]
comment = All printers
browseable = yes
printable = yes
guest ok = yes
writeable = yes
create mode = 0700
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
samba client Access denied unable to connect Systest7 Linux - Networking 11 12-12-2010 08:45 PM
XP Client Returns 'Access is Denied' Error When Trying to Connect to a Samba Server BuckRogers01 Linux - Networking 1 05-25-2005 11:55 AM
Problems with Samba as a PDC; non-root logins denied Mr.47 Linux - Networking 0 07-11-2004 01:18 PM
Samba PDC client Problem ah_shades Linux - Networking 5 01-17-2003 07:49 PM
access is denied : samba PDC, win2k client dkodegwc Linux - Networking 6 12-14-2002 11:02 AM


All times are GMT -5. The time now is 11:06 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration