Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

Problem with samba PDC [solved]
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Harris
n00b
n00b


Joined: 18 May 2004
Posts: 54
PostPosted: Thu Mar 17, 2005 2:14 am    Post subject: Problem with samba PDC [solved] Reply with quote
Ok, i'm trying to set an samba PDC, but i can't join my domain.
looking at logs, i see that my user autenticated, but i receive an access denied error.
this is the log of my session:
Quote:

[2005/03/16 22:14:07, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2005/03/16 22:14:07, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2005/03/16 22:14:07, 2] auth/auth.c:check_ntlm_password(305)
check_ntlm_password: authentication for user [harris] -> [harris] -> [harris] succeeded
[2005/03/16 22:14:07, 2] smbd/server.c:exit_server(571)
Closing connections
[2005/03/16 22:14:08, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2005/03/16 22:14:08, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2005/03/16 22:14:08, 2] auth/auth.c:check_ntlm_password(305)
check_ntlm_password: authentication for user [harris] -> [harris] -> [harris] succeeded
[2005/03/16 22:14:08, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482)
Returning domain sid for domain OLIMPO -> S-1-5-21-3664685165-2108279895-18801854
[2005/03/16 22:14:08, 2] rpc_server/srv_samr_nt.c:access_check_samr_object(93)
_samr_open_domain: ACCESS DENIED (requested: 0x00000211)
[2005/03/16 22:14:08, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482)
Returning domain sid for domain OLIMPO -> S-1-5-21-3664685165-2108279895-18801854
[2005/03/16 22:14:08, 2] rpc_server/srv_samr_nt.c:access_check_samr_function(115)
_samr_create_user: ACCESS DENIED (granted: 0x00000201; required: 0x00000010)
[2005/03/16 22:14:08, 2] smbd/server.c:exit_server(571)
Closing connections


and here is my smb.conf
Quote:

[global]
workgroup = olimpo
netbios name = tekila
server string = tekila Samba %v
log file = /var/log/samba/log.%m
max log size = 50
debug level = 2
security = USER
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
username map = /etc/samba/smbusers
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
add machine script = /usr/sbin/adduser -n -r -g machines -c
"Samba machine" -d /dev/null -s /bin/false %u
passdb backend = smbpasswd
interfaces = eth0
bind interfaces only = yes
unix charset = iso8859-1
display charset = cp850
domain logons = Yes
os level = 100
preferred master = Yes
domain master = Yes
logon script = logon.bat
logon path =
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/false
winbind use default domain = no

[homes]
comment = Diretorio do Usuario
browseable = no
writable = yes
[netlogon]
comment = Network Logon Service
path = /home/netlogon
guest ok = yes
write list = harris
[public]
comment = Public
path = /home/samba/public
writeable = yes

and a second question, i also read somewhere, that it was possible to use linuxusers for samba, with no need to "smbpasswd" for each user. it was a simple line to add on smb.conf but i lost the URL where i found it.

tkz alot!
_________________
UP THE IRONS!

Last edited by Harris on Thu Mar 17, 2005 5:18 am; edited 1 time in total
Back to top
View user's profile Send private message
smasher
Tux's lil' helper
Tux's lil' helper


Joined: 15 Nov 2003
Posts: 95
PostPosted: Thu Mar 17, 2005 2:35 am    Post subject: Reply with quote
What are OS are you trying to add to the domain? To join machines to the domain. The user you login in as has to have admin rights, ie root or administrator.
Back to top
View user's profile Send private message
Harris
n00b
n00b


Joined: 18 May 2004
Posts: 54
PostPosted: Thu Mar 17, 2005 2:39 am    Post subject: Reply with quote
smasher wrote:
What are OS are you trying to add to the domain? To join machines to the domain. The user you login in as has to have admin rights, ie root or administrator.

the machine i'm adding is a windowsxp and the user have admin powers on the machine o.0 :(
_________________
UP THE IRONS!
Back to top
View user's profile Send private message
smasher
Tux's lil' helper
Tux's lil' helper


Joined: 15 Nov 2003
Posts: 95
PostPosted: Thu Mar 17, 2005 2:54 am    Post subject: Reply with quote
If you're trying to join the domain using the user of harris he probably doesn't have rights to join. His primary group would have to be listed in your smb.conf file, the global section on the line:
Code:
domain admin group = @adm

I can't say that is the root of your problem but I would definitely try using root when trying to join the domain. Do you have the user group 'machines' already setup?

Also my add machine line I use is a little different. I'm not saying yours won't work but here's what I'm using:
Code:
add machine script = /usr/sbin/useradd -g machines -c Machine -s /bin/false -d /dev/null -M %u
Back to top
View user's profile Send private message
Harris
n00b
n00b


Joined: 18 May 2004
Posts: 54
PostPosted: Thu Mar 17, 2005 4:02 am    Post subject: Reply with quote
smasher wrote:
If you're trying to join the domain using the user of harris he probably doesn't have rights to join. His primary group would have to be listed in your smb.conf file, the global section on the line:
Code:
domain admin group = @adm

I can't say that is the root of your problem but I would definitely try using root when trying to join the domain. Do you have the user group 'machines' already setup?

Also my add machine line I use is a little different. I'm not saying yours won't work but here's what I'm using:
Code:
add machine script = /usr/sbin/useradd -g machines -c Machine -s /bin/false -d /dev/null -M %u

tkz tkz tkz!!! omg i love you :D :D :D

for every pray i make, i will add your name on it :D
TKZZZZZZZZZZZZZZZZZZZZZZZ :D

(i dont pray to often lolz) :D
_________________
UP THE IRONS!
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy