Samba PDC (username not found error)
Hi all,
I have just installed and configured samba on FC5 as a PDC and created a root password using smbpasswd. But when I tried to join WinXP to the domain, when I type in the username root and the password that was created using smbpasswd, I get the error message: "username not found" Here is the output from testparm: Load smb config files from /etc/samba/smb.conf Processing section "[homes]" Processing section "[netlogon]" Processing section "[Profiles]" Processing section "[printers]" Processing section "[myshare]" Processing section "[cdrom]" Loaded services file OK. WARNING: passdb expand explicit = yes is deprecated Server role: ROLE_DOMAIN_PDC Press enter to see a dump of your service definitions [global] server string = Adonai passwd program = /usr/bin/passwd %u username map = /etc/samba/smbusers unix password sync = Yes log file = /var/log/samba/%m.log max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = /etc/printcap add user script = /usr/bin/useradd -d /dev/null -g 100 -s /bin/false -M %u logon script = %U.bat logon path = \\%L\Profiles\%U logon drive = H: domain logons = Yes os level = 65 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes cups options = raw [homes] comment = Home Directories read only = No browseable = No [netlogon] path = /home/netlogon browseable = No [Profiles] path = /home/samba-ntprof read only = No create mask = 0600 directory mask = 0700 browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [myshare] comment = Mary's and Fred's stuff path = /home read only = No create mask = 0765 guest ok = Yes [cdrom] comment = Samba server's CD-ROM path = /media locking = No root preexec = /bin/mount /dev/hdc /media root postexec = /bin/umount /media Please, what am I doing wrong? Thanks |
what's the name of your domain?
[global] workgroup=yourdomainname did you create the machine accounts (MachineName$)? getting rid of that deprecated parameter (expand explicit) is also worth a shot. I'll give you the global part of my smb.conf, which works fine with WindowsXP clients: [global] workgroup = imnottelling server string = nottellingthateither encrypt passwords = true update encrypted = Yes hosts allow = 192.168.9.0/24 hosts deny = 0.0.0.0/0 log level = 1 deadtime = 15 socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 unix charset = iso8859-15 display charset = iso8859-15 add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u logon script = scripts\%U.bat domain logons = Yes os level = 33 preferred master = True domain master = True kernel oplocks = No |
Maybe there's something here to help you....
On your Samba server, try:
pdbedit -Lv username ...to see if the user shows up in Samba (omit the username to see all users). (substitute your username, i.e. "ronald" for the example below) If it says "Username not found!" you have a problem. It should say: Unix username: ronald NT username: Account Flags: [U ] User SID: S-1-5-21-3994888730-2450523879-3362949512-3002 Primary Group SID: S-1-5-21-3994888730-2450523879-3362949512-3005 Full Name: Ronald McDonald Home Directory: \\not-gonna-tell\ronald HomeDir Drive: H: Logon Script: logon.cmd Profile Path: Domain: MCDONALDS Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: Mon, 18 Jan 2038 20:14:07 MST Kickoff time: Mon, 18 Jan 2038 20:14:07 MST Password last set: Tue, 13 Jun 2006 00:22:54 MST Password can change: Tue, 13 Jun 2006 00:22:54 MST Password must change: Mon, 18 Jan 2038 20:14:07 MST Last bad password : 0 Bad password count : 0 Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF A very good resource for initially configuring a Samba PDC set up is here: http://www.howtoforge.com/samba_setup_ubuntu_5.10_p3 (I started you at the part where the config starts). And here's my (very nicely working) smb.conf: [global] workgroup = NOT-TELLING netbios name = NOT-GONNA-TELL server string = Ubuntu Dapper Samba Server passdb backend = tdbsam security = user username map = /etc/samba/smbusers name resolve order = wins bcast hosts domain logons = yes preferred master = yes os level = 65 wins support = yes # Set CUPS for printing printcap name = CUPS printing = CUPS # Default logon logon drive = H: logon script = logon.cmd # logon path = \\server1\profile\%U ### Note from me: the following line means no roaming profiles: logon path = # Useradd scripts add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false/ -d /var/lib/nobody %u idmap uid = 15000-20000 idmap gid = 15000-20000 # sync smb passwords with linux passwords passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . passwd chat debug = yes unix password sync = yes # set the loglevel log level = 3 [homes] comment = Home valid users = %S root read only = no browsable = no inherit permissions = yes inherit owner = yes [netlogon] comment = Network Logon Service path = /home/samba/netlogon admin users = root valid users = %U read only = no [allusers] comment = Non-admins can put files here to be accessible by others path = /home/shares/allusers valid users = @users force group = users create mask = 0770 directory mask = 0771 writable = yes [storage] comment = Programs accessible to all domain users path = /home/shares/storage admin users = @share-write inherit permissions = yes writable = yes [media] comment = Music and videos accessible to all domain users path = /home/shares/media admin users = @share-write inherit permissions = yes writable = yes [photos] comment = Photos accessible to all domain users path = /home/shares/photos admin users = @share-write inherit permissions = yes writable = yes |
I have the same problem. Perhaps I have a few more clues.
In the samba log /var/log/samba it says that access to the password file is denied. The log files are worth investigating and the level of detail in the logs can be altered in the smb.conf. I tried making the password file read write execute to everyone just to get a login and after trying to log in again the permissions were changed back to restricted |
S/he's right-you're going to need this for starters:
Quote:
Code:
encrypt passwords = true Code:
pdbedit -Lv yourusername Code:
root = Administrator |
Hi all,
I still get the same error after following the configuration posted herein, and also tried the pdbedit command and here is the output: [root@ADONAI ~]# pdbedit -z root Unix username: root NT username: Account Flags: [U ] User SID: S-1-5-21-3508971718-3262276311-2618561440-1000 Primary Group SID: S-1-5-21-3508971718-3262276311-2618561440-1001 Full Name: root Home Directory: \\adonai\root HomeDir Drive: H: Logon Script: root.bat Profile Path: \\adonai\Profiles\root Domain: YAHWEH Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: Tue, 19 Jan 2038 04:14:07 WAT Kickoff time: Tue, 19 Jan 2038 04:14:07 WAT Password last set: Thu, 14 Dec 2006 06:38:32 WAT Password can change: Thu, 14 Dec 2006 06:38:32 WAT Password must change: Tue, 19 Jan 2038 04:14:07 WAT Last bad password : 0 Bad password count : 0 Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF Adonai is the name of the PDC. Also I checked the /etc/samba/smbpasswd and there's an entry for both the Administrator and root. Also here's my /etc/samba/smbusers file # Unix_name = SMB_name1 SMB_name2 ... root = root Administrator nobody = guest pcguest smbguest homepage what seems to be the problem, can anyone help me point out what i'm doing wrong? thanks. |
All times are GMT -5. The time now is 05:37 PM. |