Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I am getting desperated, since I cannot setup SAMBA as PDC and join Windows 7 machine into domain. Can someone explain me, why? Here is error (after command clear && net rpc join -d10 -S PDC -U root:
Quote:
[2012/02/03 14:58:12, 5] lib/debug.c:405(debug_dump_status)
INFO: Current debug levels:
all: True/10
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
idmap: False/0
quota: False/0
acls: False/0
locking: False/0
msdfs: False/0
dmapi: False/0
registry: False/0
[2012/02/03 14:58:12, 3] param/loadparm.c:9169(lp_load_ex)
lp_load_ex: refreshing parameters
[2012/02/03 14:58:12, 3] param/loadparm.c:4939(init_globals)
Initialising global parameters
[2012/02/03 14:58:12, 2] param/loadparm.c:4798(max_open_files)
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
[2012/02/03 14:58:12.980251, 3] ../lib/util/params.c:550(pm_process)
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
[2012/02/03 14:58:12.980270, 3] param/loadparm.c:7853(do_section)
Processing section "[global]"
doing parameter protocol = NT1
doing parameter domain master = yes
doing parameter winbind trusted domains only = yes
doing parameter winbind use default domain = yes
doing parameter wins support = true
doing parameter netbios name = KILIMANJARO
[2012/02/03 14:58:12.980343, 4] param/loadparm.c:7215(handle_netbios_name)
handle_netbios_name: set global_myname to: KILIMANJARO
doing parameter server string = Zenit MS Real Samba PDC
doing parameter writable = no
doing parameter path = /var/spool/samba
doing parameter workgroup = MOUNTAINS
doing parameter os level = 33
doing parameter winbind enum groups = no
doing parameter security = domain
doing parameter preferred master = yes
doing parameter domain logons = yes
doing parameter password server = KILIMANJARO
[2012/02/03 14:58:12.980425, 4] param/loadparm.c:9204(lp_load_ex)
pm_process() returned Yes
[2012/02/03 14:58:12.980435, 7] param/loadparm.c:9410(lp_servicenumber)
lp_servicenumber: couldn't find homes
[2012/02/03 14:58:12.980444, 1] param/loadparm.c:8387(set_server_role)
Server's Role (logon server) NOT ADVISED with domain-level security
[2012/02/03 14:58:12.980451, 10] param/loadparm.c:8414(set_server_role)
set_server_role: role = ROLE_DOMAIN_BDC
[2012/02/03 14:58:12.980463, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset UCS-2LE
[2012/02/03 14:58:12.980471, 5] lib/iconv.c:112(smb_register_charset)
Registered charset UCS-2LE
[2012/02/03 14:58:12.980478, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset UTF-16LE
[2012/02/03 14:58:12.980487, 5] lib/iconv.c:112(smb_register_charset)
Registered charset UTF-16LE
[2012/02/03 14:58:12.980494, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset UCS-2BE
[2012/02/03 14:58:12.980501, 5] lib/iconv.c:112(smb_register_charset)
Registered charset UCS-2BE
[2012/02/03 14:58:12.980508, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset UTF-16BE
[2012/02/03 14:58:12.980515, 5] lib/iconv.c:112(smb_register_charset)
Registered charset UTF-16BE
[2012/02/03 14:58:12.980521, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset UTF8
[2012/02/03 14:58:12.980528, 5] lib/iconv.c:112(smb_register_charset)
Registered charset UTF8
[2012/02/03 14:58:12.980535, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset UTF-8
[2012/02/03 14:58:12.980541, 5] lib/iconv.c:112(smb_register_charset)
Registered charset UTF-8
[2012/02/03 14:58:12.980548, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset ASCII
[2012/02/03 14:58:12.980556, 5] lib/iconv.c:112(smb_register_charset)
Registered charset ASCII
[2012/02/03 14:58:12.980562, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset 646
[2012/02/03 14:58:12.980570, 5] lib/iconv.c:112(smb_register_charset)
Registered charset 646
[2012/02/03 14:58:12.980577, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset ISO-8859-1
[2012/02/03 14:58:12.980589, 5] lib/iconv.c:112(smb_register_charset)
Registered charset ISO-8859-1
[2012/02/03 14:58:12.980596, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset UCS2-HEX
[2012/02/03 14:58:12.980604, 5] lib/iconv.c:112(smb_register_charset)
Registered charset UCS2-HEX
[2012/02/03 14:58:12.980621, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/02/03 14:58:12.980795, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/02/03 14:58:12.980822, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/02/03 14:58:12.980835, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/02/03 14:58:12.980850, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/02/03 14:58:12.980862, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/02/03 14:58:12.980874, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/02/03 14:58:12.980891, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/02/03 14:58:12.980905, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/02/03 14:58:12.980917, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/02/03 14:58:12.980943, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/02/03 14:58:12.980983, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/02/03 14:58:12.981006, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/02/03 14:58:12.981031, 5] lib/charcnv.c:98(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2012/02/03 14:58:12.981063, 5] lib/util.c:276(init_names)
Netbios name list:-
my_netbios_names[0]="KILIMANJARO"
[2012/02/03 14:58:12.981221, 2] lib/interface.c:340(add_interface)
added interface eth0 ip=fe80::219:66ff:feef:2559%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
[2012/02/03 14:58:12.981309, 2] lib/interface.c:340(add_interface)
added interface eth0 ip=192.168.100.101 bcast=192.168.100.255 netmask=255.255.255.0
lp_load_ex: refreshing parameters
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
Processing section "[global]"
doing parameter protocol = NT1
doing parameter domain master = yes
doing parameter winbind trusted domains only = yes
doing parameter winbind use default domain = yes
doing parameter wins support = true
doing parameter netbios name = KILIMANJARO
handle_netbios_name: set global_myname to: KILIMANJARO
doing parameter server string = Zenit MS Real Samba PDC
doing parameter writable = no
doing parameter path = /var/spool/samba
doing parameter workgroup = MOUNTAINS
doing parameter os level = 33
doing parameter winbind enum groups = no
doing parameter security = domain
doing parameter preferred master = yes
doing parameter domain logons = yes
doing parameter password server = KILIMANJARO
pm_process() returned Yes
lp_servicenumber: couldn't find homes
Server's Role (logon server) NOT ADVISED with domain-level security
set_server_role: role = ROLE_DOMAIN_BDC
Substituting charset 'UTF-8' for LOCALE
Substituting charset 'UTF-8' for LOCALE
Substituting charset 'UTF-8' for LOCALE
Substituting charset 'UTF-8' for LOCALE
Substituting charset 'UTF-8' for LOCALE
Substituting charset 'UTF-8' for LOCALE
Substituting charset 'UTF-8' for LOCALE
Substituting charset 'UTF-8' for LOCALE
Substituting charset 'UTF-8' for LOCALE
Substituting charset 'UTF-8' for LOCALE
Substituting charset 'UTF-8' for LOCALE
Substituting charset 'UTF-8' for LOCALE
Substituting charset 'UTF-8' for LOCALE
Substituting charset 'UTF-8' for LOCALE
Netbios name list:-
my_netbios_names[0]="KILIMANJARO"
added interface eth0 ip=fe80::219:66ff:feef:2559%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=192.168.100.101 bcast=192.168.100.255 netmask=255.255.255.0
Opening cache file at /var/run/samba/gencache.tdb
tdb(/var/run/samba/gencache.tdb): tdb_open_ex: could not open file /var/run/samba/gencache.tdb: Permission denied
gencache_init: Opening cache file /var/run/samba/gencache.tdb read-only.
Opening cache file at /var/run/samba/gencache_notrans.tdb
Cache entry with key = AD_SITENAME/DOMAIN/ couldn't be found
sitename_fetch: No stored sitename for
internal_resolve_name: looking up PDC#20 (sitename (null))
Cache entry with key = NBT/PDC#20 couldn't be found
no entry for PDC#20 found.
resolve_lmhosts: Attempting lmhosts lookup for name PDC<0x20>
startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No such file or directory
resolve_wins: Attempting wins lookup for name PDC<0x20>
Cache entry with key = WINS_SRV_DEAD/127.0.0.1,0.0.0.0 couldn't be found
wins_srv_is_dead: 127.0.0.1 is alive
resolve_wins: using WINS server 127.0.0.1 and tag '*'
bind succeeded on port 0
Sending a packet of len 50 to (127.0.0.1) on port 137
read_udp_v4_socket: ip 127.0.0.1 port 35072 read: 56
parse_nmb: packet id = 11724
Received a packet of len 56 from (127.0.0.1) port 137
nmb packet from 127.0.0.1(137) header: id=11724 opcode=Query(0) response=Yes
header: flags: bcast=No rec_avail=Yes rec_des=Yes trunc=No auth=Yes
header: rcode=3 qdcount=0 ancount=1 nscount=0 arcount=0
answers: nmb_name=PDC<20> rr_type=10 rr_class=1 ttl=0
Negative name query response, rcode 0x03: The name requested does not exist.
resolve_hosts: Attempting host lookup for name PDC<0x20>
resolve_hosts: getaddrinfo failed for name PDC [No address associated with hostname]
name_resolve_bcast: Attempting broadcast lookup for name PDC<0x20>
bind succeeded on port 0
Socket options:
SO_KEEPALIVE = 0
SO_REUSEADDR = 1
SO_BROADCAST = 1
Could not test socket option TCP_NODELAY.
Could not test socket option TCP_KEEPCNT.
Could not test socket option TCP_KEEPIDLE.
Could not test socket option TCP_KEEPINTVL.
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
SO_SNDBUF = 126976
SO_RCVBUF = 126976
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
Could not test socket option TCP_QUICKACK.
Sending a packet of len 50 to (192.168.100.255) on port 137
Sending a packet of len 50 to (192.168.100.255) on port 137
Sending a packet of len 50 to (192.168.100.255) on port 137
Unable to resolve server name
lang_tdb_init: /usr/share/samba/en_US:en.msg: No such file or directory
Unable to find a suitable server for domain MOUNTAINS
failed to make ipc connection: NT_STATUS_UNSUCCESSFUL
Cache entry with key = AD_SITENAME/DOMAIN/ couldn't be found
sitename_fetch: No stored sitename for
internal_resolve_name: looking up PDC#20 (sitename (null))
Cache entry with key = NBT/PDC#20 couldn't be found
no entry for PDC#20 found.
resolve_lmhosts: Attempting lmhosts lookup for name PDC<0x20>
startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No such file or directory
resolve_wins: Attempting wins lookup for name PDC<0x20>
Cache entry with key = WINS_SRV_DEAD/127.0.0.1,0.0.0.0 couldn't be found
wins_srv_is_dead: 127.0.0.1 is alive
resolve_wins: using WINS server 127.0.0.1 and tag '*'
bind succeeded on port 0
Sending a packet of len 50 to (127.0.0.1) on port 137
read_udp_v4_socket: ip 127.0.0.1 port 35072 read: 56
parse_nmb: packet id = 23382
Received a packet of len 56 from (127.0.0.1) port 137
nmb packet from 127.0.0.1(137) header: id=23382 opcode=Query(0) response=Yes
header: flags: bcast=No rec_avail=Yes rec_des=Yes trunc=No auth=Yes
header: rcode=3 qdcount=0 ancount=1 nscount=0 arcount=0
answers: nmb_name=PDC<20> rr_type=10 rr_class=1 ttl=0
Negative name query response, rcode 0x03: The name requested does not exist.
resolve_hosts: Attempting host lookup for name PDC<0x20>
resolve_hosts: getaddrinfo failed for name PDC [No address associated with hostname]
name_resolve_bcast: Attempting broadcast lookup for name PDC<0x20>
bind succeeded on port 0
Socket options:
SO_KEEPALIVE = 0
SO_REUSEADDR = 1
SO_BROADCAST = 1
Could not test socket option TCP_NODELAY.
Could not test socket option TCP_KEEPCNT.
Could not test socket option TCP_KEEPIDLE.
Could not test socket option TCP_KEEPINTVL.
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
SO_SNDBUF = 126976
SO_RCVBUF = 126976
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
Could not test socket option TCP_QUICKACK.
Sending a packet of len 50 to (192.168.100.255) on port 137
Sending a packet of len 50 to (192.168.100.255) on port 137
Sending a packet of len 50 to (192.168.100.255) on port 137
Unable to resolve server name
Unable to find a suitable server for domain MOUNTAINS
return code = 1
tdb(/var/run/samba/gencache.tdb): tdb_transaction_start: cannot start a transaction on a read-only or internal db
Could not start transaction on gencache.tdb: Invalid parameter
Chapter 7 addresses Windows Domains. I haven't read it and have no way of testing it, not having a Windows Domain, but I have found Samba by Example to be an excellent reference.
The most important part is the by Example. The book is illustrated with sample configuration files.
Chapter 7 addresses Windows Domains. I haven't read it and have no way of testing it, not having a Windows Domain, but I have found Samba by Example to be an excellent reference.
The most important part is the by Example. The book is illustrated with sample configuration files.
it might pop out something you need/missed to configure
(I don't know it so I'm just suggesting)
good luck
I have been looking those damn examples (and many other) for 3 months, SAMBA PDC still does not work. I am desperate.
Question one:
If computer acts as SAMBA PDC, is it automaticly member of domain or it must be joined into domain, whose "seeder" is itself?
Question two:
Is kerberos mandatory to be installed and configured with SAMBA if I want to join Windows 7 Pro & Windows 7 Ult boxes into domain (The Official Samba-3 Referemce Guide and Linux Samba Server Administrator BOOKS say IT IS NOT MANDATORY)?
No experience with Win7 (yet, but that is next) or using Samba as a PDC but Windoze uses encrypted passwords since version Win2000. To get samba to work with Windoze machines you either need to use kerberos or configure Windoze to use plain text passwords. I considered plain text passwords to be a non-acceptable answer so didn't try but my understanding is doing so involves a registery hack (on the Windoze boxes) that involves telling Windoze to use plain test passwords instead of encrypted ones. These are then stored in a file on the Linux box in plain text form which obviously isn't to secure. Getting kerberos to work didn't seem to difficult to me although my project only involves using Samba to join the domain using security = ads as a member server. Basically it involved loading the packages up and configuring Samba to use winbind.
I agree with your decision to not use SWAT and learn to write the smb.conf yourself, learning how in the process, that is how I did it and it can be done although like I said, I am just trying to do a member server, not PDC and have yet to tackle Win7 although that must happen for this to work in my situation. I'm not at the site so can't post my config file but will do so tommorow if it would help. I found that actually, a lot of the files online in these tutorials everyone is giving links to had a bunch of unnecessary stuff in them. The more I learned about what each parameter does, the more stuff I deleted out of the file. I lot of the examples are rather old and are for earlier versions. Ultimately this is the one I used to accomplish my task (not a PDC) http://justlinux.com/forum/archive/i.../t-118288.html
It is from 2003 but it worked. Followed the instructions exactly and it worked (for Win XP machines) This one was also helpful http://justlinux.com/forum/archive/i.../t-118512.html
getting the Win clients to log on without having to enter credentials
Good Luck!!!
Let us know if you get it working
Are you using Samba 4?
No experience with Win7 (yet, but that is next) or using Samba as a PDC but Windoze uses encrypted passwords since version Win2000. To get samba to work with Windoze machines you either need to use kerberos or configure Windoze to use plain text passwords. I considered plain text passwords to be a non-acceptable answer so didn't try but my understanding is doing so involves a registery hack (on the Windoze boxes) that involves telling Windoze to use plain test passwords instead of encrypted ones. These are then stored in a file on the Linux box in plain text form which obviously isn't to secure. Getting kerberos to work didn't seem to difficult to me although my project only involves using Samba to join the domain using security = ads as a member server. Basically it involved loading the packages up and configuring Samba to use winbind.
I agree with your decision to not use SWAT and learn to write the smb.conf yourself, learning how in the process, that is how I did it and it can be done although like I said, I am just trying to do a member server, not PDC and have yet to tackle Win7 although that must happen for this to work in my situation. I'm not at the site so can't post my config file but will do so tommorow if it would help. I found that actually, a lot of the files online in these tutorials everyone is giving links to had a bunch of unnecessary stuff in them. The more I learned about what each parameter does, the more stuff I deleted out of the file. I lot of the examples are rather old and are for earlier versions. Ultimately this is the one I used to accomplish my task (not a PDC) http://justlinux.com/forum/archive/i.../t-118288.html
It is from 2003 but it worked. Followed the instructions exactly and it worked (for Win XP machines) This one was also helpful http://justlinux.com/forum/archive/i.../t-118512.html
getting the Win clients to log on without having to enter credentials
Good Luck!!!
Let us know if you get it working
Are you using Samba 4?
Thanks for you encouraging reply and, first, I am not using Samba 4. Now, here is my /etc/samba/smb.conf:
Quote:
[global]
protocol = NT1
socket options = TCP_NODELAY
domain master = yes
winbind trusted domains only = yes
winbind use default domain = yes
wins support = true
netbios name = KILIMANJARO
server string = Zenit MS Real Samba PDC
writable = no
password server = KILIMANJARO
path = /var/spool/samba
workgroup = MOUNTAINS
os level = 33
winbind enum groups = no
security = user
preferred master = yes
domain logons = yes
passdb backend = smbpasswd
[netlogon]
comment = "Zenit MS Real Samba PDC Logon Scripts and other profile data"
path = /etc/samba/netlogon
guest ok = no
read only = yes
share modes = no
[homes]
comment = "Home directory for U%"
writable = yes
browseable = no
read only = no
create mask = 0700
directory mask = 0700
valid users = %S
[share]
comment = "Zenit MS Real Samba File Server Share"
path = /srv/samba/share
guest ok = no
read only = no
create mask = 0777
[printers]
browsable = yes
guest ok = no
printable = yes
available = yes
Now, I did not get answer to my 2nd question: Does my machine with Ubuntu Server Samba (as PDC) needs to be joined into domain, since if I try to testjoin it into domain, I get:
Quote:
installer@kilimanjaro:~$ net rpc testjoin
Failed to open /var/lib/samba/secrets.tdb
Failed to open /var/lib/samba/secrets.tdb
Failed to open /var/lib/samba/secrets.tdb
Failed to open /var/lib/samba/secrets.tdb
get_schannel_session_key: could not fetch trust account password for domain 'MOUNTAINS'
net_rpc_join_ok: failed to get schannel session key from server KILIMANJARO for domain MOUNTAINS. Error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Join to domain 'MOUNTAINS' is not valid: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
installer@kilimanjaro:~$
If is sudo testjoin, I get:
Quote:
installer@kilimanjaro:~$ sudo net rpc testjoin
[sudo] password for installer:
get_schannel_session_key: could not fetch trust account password for domain 'MOUNTAINS'
net_rpc_join_ok: failed to get schannel session key from server KILIMANJARO for domain MOUNTAINS. Error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Join to domain 'MOUNTAINS' is not valid: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
installer@kilimanjaro:~$
Well, at step 2, adding Linux to Windows domain, I get:
Code:
installer@kilimanjaro:~$ net rpc join -S KILIMANJARO -Uroot
Failed to open /var/lib/samba/secrets.tdb
error storing domain sid for MOUNTAINS
Enter root's password:
Creation of workstation account failed
Unable to join domain MOUNTAINS.
Then I tried to sudo mentioned command and I get:
Code:
installer@kilimanjaro:~$ sudo net rpc join -S KILIMANJARO -Uroot
Enter root's password:
Creation of workstation account failed
Unable to join domain MOUNTAINS.
installer@kilimanjaro:~$
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
