Tags Tags

[Samba] New unexpected behaviour when joining a domain

May 06th, 2012 - 11:20 am ET by J.F.Gratton | Report spam
Help Create a new topic
Good morning,

I'm running Samba 3.6.5 on a Fedora 16 box, where I configured Samba to act as a PDC. A few weeks ago everything went smoothly; I then had to change the -physical- box running linux + samba, and everything went weird since then.

First, I'm using the same smb.conf file from the previous box. The OS hasn't changed, Samba packages might have been updated, but since I update that box on a almost-daily basis, not sure it could be a factor.

Some basic info :
Linux box is called oslo (10.2.1.1 / 13), domain name is devnet
A Win7 box (helsinki, 10.3.2.1 / 13) has to join the domain
A Win2K8R2 box (bergen, 10.2.1.101 / 13, VM running on oslo) has to join the domain.

I've applied the registry patch (as provided on http://wiki.samba.org/index.php/Windows7) on all machines awhile back; those machines were on the domain before I changed the linux box. Everything was fine then.

Now, the Win7 machine had to be rebuilt, too, from scratch. I applied the registry patch, made sure that 10.2.1.1 was present as a WINS server in its ip config and so on.

I joined the domain the usual way, and allowed all domain users to use the win7 box. Funny thing now is that I see those things in the samba server logs:
_netr_ServerAuthenticate3: netlogon_creds_server_checkj failed. Rejecting auth request from client HELSINKI machine account HELSINKI$ (which exists in /etc/passwd and the samba backend, as shown with pdbedit -L). Not sure if this error message is valuable.

The next funny thing that shows up now is that on my windows box, the users' domain accounts on the boxes appear as c:\users\USERNAME.oslo (the linux box hostname), instead of c:\users\USERNAME.devnet (devnet being the domain name).

I'm not sure what is going on. DNS issues ? WINS issues ? I can provide any info you might ask. I did not include my smb.conf file yet as I did not want to clutter this mailing list, especially if someone thought of something before me posting the file.

Regards,

To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
email Follow the discussionReplies 2 repliesReplies Make a reply

Replies

#1 J.F.Gratton
May 08th, 2012 - 03:00 pm ET | Report spam
I've noticed something that is bothersome.

As mentionned in previous post, the linux fileserver where Samba runs is
called OSLO, the domain is DEVNET.

I mentionned that my (windows) users all reside in c:\users
\USERNAME.oslo instead of c:\users\USERNAME.devnet

All my windows boxes are confusing the linux box hostname with the
domain-name, and it shows when, for instance I try to authenticate on an
SQL Server using domain\username.

There is something wrong in my samba config. I can't figure what. Any
help would be appreciated.

(below: a part of my smb.conf; note that users don't authenticate
against an LDAP or anything.)

<snip>
[global]
workgroup = DEVNET
server string = oslo
log file = /var/log/samba/smbd.log.%m
max log size = 5120
add user script = /usr/sbin/useradd %u
delete user script = /usr/sbin/userdel %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add machine script = /usr/sbin/useradd -g machines -c Machine_CHANGEME
-d /dev/null -s /bin/false %u
logon path =
logon home =
domain logons = Yes
os level = 33
preferred master = Auto
domain master = Yes
dns proxy = No
wins support = Yes
idmap config * : backend = tdb
hosts allow = 10.0.0.0/255.248.0.0, 127.0.0.1

<snip>

Thanks,


To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba

Similar topics

Make your own search :