Hello all,
I've been asked to look into a problem with a client's samba server. The server is to be accessed over the network by Windows machines, and the server is to authenticate the users using a Windows domain controller. I've happily used Samba many times before but this is new territory.
I did some testing at the client's location and upon restarting Samba I get errors in log.nmbd similar to this:
Code:
[2009/07/21 09:57:21, 0] nmbd/nmbd_nameregister.c:register_name_response(129)
register_name_response: server at IP 10.0.2.53 rejected our name registration of FUSED<00> IP 10.0.2.22 with error code 6.
[2009/07/21 09:57:21, 0] nmbd/nmbd_mynames.c:my_name_register_failed(35)
my_name_register_failed: Failed to register my name FUSED<00> on subnet 10.0.2.22.
[2009/07/21 09:57:21, 0] nmbd/nmbd_namelistdb.c:standard_fail_register(307)
standard_fail_register: Failed to register/refresh name FUSED<00> on subnet 10.0.2.22
One strange part of the error is the IP 10.0.2.53 which is another Domain Controller but some the specified in smb.conf as shown below.
The smb.conf looks like this:
Code:
[global]
security = domain
netbios name = FUSED
realm = FUSED
password server = 10.0.2.54
workgroup = fused
idmap uid = 5000-10000000
idmap gid = 5000-10000000
winbind separator = +
; winbind enum users = no
; winbind enum groups = no
winbind use default domain = yes
; template homedir = /home/%d/%u
template shell = /bin/bash
; client use spnego = yes
domain master = no
; server string = samba 3.2.3
; encrypt passwords = yes
; guest ok = yes
; guest account = nobody
[user01]
comment = Test User
path = /home/FUSED/user01
writeable = yes
browseable = yes
guest ok = yes
I also found an old smb.conf within /etc/samba which doesn't seem to fail like the existing file, but it doesn't work either. The old config looks like this:
Code:
[global]
security = ads
password server = 10.0.2.54
workgroup = FUSED
server string = %h server (Samba, Ubuntu)
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 1000
panic action = /usr/share/samba/panic-action %d
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%D/%U
template shell = /bin/bash
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
winbind use default domain = yes
restrict anonymous = 2
winbind refresh tickets = yes
usershare allow guests = yes
And this gives this in log.nmbd:
Code:
[2009/07/21 16:00:40, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(395)
*****
Samba name server SAMBABOX is now a local master browser for workgroup FUSED on subnet 10.0.2.22
*****
Just to clarify, the IPs are these:
10.0.2.54 = Domain Controller
10.0.2.53 = Another Domain Controller
10.0.2.20 = Samba server
10.0.2.22 = Windows machine trying to access Samba
I'm also trying to create a test bed in the office of a similar environment to try and help understand what's happening and where it might be failing but then there's the hurdle of not having the experience of setting up a domain controller in Windows before.
I have followed online documentation to create a domain server but I'm currently unsure if it's setup or working correctly. The only consistency currently being that on the Samba server I'm testing with is producing similar errors to those at the client but I'm thinking this is due to that the Domain Controller is probably configured incorrectly.
Thanks in advance.
OS