| View previous topic :: View next topic |
| Author |
Message |
adelante
Tux's lil' helper
Joined: 19 Apr 2003
Posts: 133
Location: South Africa - Johannesburg
|
 Posted: Sun Apr 04, 2004 11:16 am Post subject: Samba PDC Problem |
 |
|
HI.
I have tried to setup a samba PDC, now in windowsXP I select my domain, and it gives me thing where u enter your username and password, I enter root and my password, and it tells me
"user name cannot be found"
and if i enter username dave and my password, i get told:
"Access Denied"
now here is my adelante zone in my named.conf file:
| Quote: |
zone "adelante" IN {
type master;
file "pri/adelante.zone";
allow-update { none; };
notify no;
};
|
and my pri/adelante.zone file:
| Quote: |
; Zone File for adelante
;
;
$TTL 3D
@ IN SOA adelante. hostmaster.adelante. (
200207301 ; serial, todays date + serial
8H ; refresh, seconds
2H ; retry, seconds
4W ; expire, seconds
1D ) ; minimum, seconds
;
NS gentoo ; inet address of name server
; MX 10 name ; mx records
;
;
localhost A 127.0.0.1
ns A 192.168.0.20
ftp A 192.168.0.20
pop3 A 192.168.0.20
smtp A 192.168.0.20
gentoo A 192.168.0.20
www A 192.168.0.20
auth A 192.168.0.20
@ A 192.168.0.20
_ldap._tcp 1D IN SRV 0 0 389 adelante.
_ldap._udp 1D IN SRV 0 0 389 adelante.
_ldap._tls._tcp 1D IN SRV 0 0 389 adelante.
_ldap._tcp.dc._msdcs 1D IN SRV 0 0 389 adelante.
|
My smb.conf:
| Quote: |
[global]
workgroup = ADELANTE
netbios name = adelante
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
server string = Samba PDC %v %h
log file = /var/log/samba3/log.%m
max log size = 50
hosts allow = 192.168.0., 127.0.0.1/255.255.255.0
map to guest = bad use
security = user
encrypt passwords = yes
smb passwd file = /etc/samba/private/smbpasswd
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Re*ype*new*UNIX*password* %n\n \
*passwd:*all*authentication*tokens*updated*successfully*
local master = yes
os level = 64
domain master = yes
preferred master = yes
domain logons = yes
logon path = \\%L\Profiles\%U
logon home = \\%L\%U
logon drive = H:
logon script = logon.bat
domain admin group = root dave
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
writable = no
share modes = no
[Profiles]
path = /home/samba/profiles
browseable = no
writable = yes
create mask = 0600
directory mask = 0700
|
and in my smbpassword file:
| Quote: |
test$:1004:01FC5A6BE7BC6929AAD3B435B51404EE:0CB6948805F797BF2A82807973B89537:[W ]:LCT-40705A85:
home$:1009:F6F80F542DC59993D2D0F0B445A4742F:A6AE137EAB29CB566F948708ADBC331F:[W ]:LCT-4070EC52:
root:0:2E2F207B05BDDD2DAAD3B435B51404EE:469AA63669FBFA9789B65E0541D7E420:[U ]:LCT-40713DD3:
dave:1000:C60DF303A2CB4E5FAAD3B435B51404EE:EA0676EA59A4927F4766F138427E992D:[U ]:LCT-40713E26:
|
What am I doing wrong? or can someone please maybe show how to do the whole samba_ldap thing 
-Thanks- |
|
| Back to top |
|
 |
aaronjb
Tux's lil' helper
Joined: 25 May 2003
Posts: 106
Location: Berkshire, UK
|
| Posted: Mon Apr 05, 2004 1:32 pm Post subject: |
|
|
I could be way off track, as I haven't used Samba in an ldap environment yet (mine is just running as a classic NT4 PDC)..
But have you applied the reg hacks (I presume you still need to, even with ldap running) to XP to disable it's requirement for encryption etc on the authentication? I can dig out the reg keys if you need them..
Aaron
_________________
#my gentoo farm |
|
| Back to top |
|
|
slartibardfast
n00b
Joined: 02 Apr 2004
Posts: 15
Location: Ireland
|
| Posted: Sat Apr 10, 2004 12:21 am Post subject: |
|
|
I am converting to ldap at the moment(total disaster  ) but here are the regi keys for xp:
(from http://www.ccs.uky.edu/docs/samba.htm)
| Quote: |
STEPS:
1) Make sure that the workstation belonged to the same workgroup as the server and have a fixed IP address and hostname assigned.
2) Change the registry entry, run the command regedt32 and do the below
a) RequireSignOrSeal Registry hack
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netlogon\parameters
"RequireSignOrSeal"=dword:00000000
b) Use the Registry Editor and edit the
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System\CompatibleRUPSecurity to have the DWORD value of 1
3) Use the Group Policy Editor (gpedit.msc) and enable "Computer Configuration\Administrative Templates\System\User Profiles\Do not check for user ownership of Roaming Profile Folders".
4) Go to MyComputer right click Properties. Go to Change and click on Domain and enter the domain-name you want to join. When joining the domain for the First time enter userid as root and give the samba password. Make sure there is an entry for the root in the smbpasswd (samba password) file.
5) Reboot and then the changes will be effective. |
Good Luck!
_________________
"Six by nine. Forty-two." |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
