Find the answer to your Linux question:
Results 1 to 10 of 10
hi i have just upgraded two sites to fedora core 3 with samba 3 (all off the fedora disks, i rewrote the smb.conf to suit the changes for samba 3) ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    May 2005
    Posts
    3

    problems with windows xp on fc3 samba domain


    hi
    i have just upgraded two sites to fedora core 3 with samba 3 (all off the fedora disks, i rewrote the smb.conf to suit the changes for samba 3) by replacing the servers from red hat 8 and now i have windows xp clients that lose their access to the domain appartently at random. they can log on for a week or so then they will be unable to contact the domain, i check the machine accounts in samba and linux, all there, i check the machine log file, no apparent problem, same as other machines, bit stumped now, any help greatly appreciated.

    (first posting so let me know if i need to put more / less info)

  2. #2
    Linux Newbie
    Join Date
    Apr 2005
    Posts
    113
    Firewall settings ok? Does the samba machine have a static IP? Can you post your smb.conf?

    I run samba too but not a domain . . .
    You dont need a pocket protector or thick glasses to be a geek.

  3. #3
    Just Joined!
    Join Date
    May 2005
    Posts
    3
    firewall is turned off, it gets stranger it appears to be just a couple of computers that are affected, but they are all imaged with the same image so i am not sure what is wrong, i thought maybe a samba problem but not so sure now.
    i do get lots of these errors in the log which i have googled and go tno fix for yet.

    [2005/05/15 07:42:11, 0] lib/util_sock.c:get_peer_addr(1000)
    getpeername failed. Error was Transport endpoint is not connected
    [2005/05/15 13:10:17, 0] lib/util_sock.c:get_peer_addr(1000)
    getpeername failed. Error was Transport endpoint is not connected
    [2005/05/15 13:10:17, 0] lib/util_sock.c:get_peer_addr(1000)
    getpeername failed. Error was Transport endpoint is not connected
    [2005/05/16 15:11:03, 0] smbd/server.c:main(760)
    smbd version 3.0.8pre1-0.pre1.3 started.
    Copyright Andrew Tridgell and the Samba Team 1992-2004
    [2005/05/16 15:11:03, 0] printing/nt_printing.c:nt_printing_init(383)
    nt_printing_init: error checking published printers: WERR_ACCESS_DENIED


    the smb.conf is huge but here is the gen section.

    [global]

    # workgroup = NT-Domain-Name or Workgroup-Name
    workgroup = ******

    # server string is the equivalent of the NT Description field
    server string = Samba Server

    # This option is important for security. It allows you to restrict
    # connections to machines which are on your local network. The
    # following example restricts access to two C class networks and
    # the "loopback" interface. For more examples of the syntax see
    # the smb.conf man page
    ; hosts allow = 192.168.1. 192.168.2. 127.

    # if you want to automatically load your printer list rather
    # than setting them up individually then you'll need this
    printcap name = /etc/printcap
    load printers = yes

    # It should not be necessary to spell out the print system type unless
    # yours is non-standard. Currently supported print systems include:
    # bsd, sysv, plp, lprng, aix, hpux, qnx
    ; printing = cups

    # This option tells cups that the data has already been rasterized
    cups options = raw

    # Uncomment this if you want a guest account, you must add this to /etc/passwd
    # otherwise the user "nobody" is used
    ; guest account = pcguest

    # this tells Samba to use a separate log file for each machine
    # that connects
    log file = /var/log/samba/%m.log
    # all log information in one file
    # log file = /var/log/samba/smbd.log

    # Put a capping on the size of the log files (in Kb).
    max log size = 1000

    # Security mode. Most people will want user level security. See
    # security_level.txt for details.
    security = user
    # Use password server option only with security = server
    ; password server = <NT-Server-Name>

    # Password Level allows matching of _n_ characters of the password for
    # all combinations of upper and lower case.
    ; password level = 8
    ; username level = 8

    # You may wish to use password encryption. Please read
    # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
    # Do not enable this option unless you have read those documents
    ; encrypt passwords = yes
    smb passwd file = /etc/samba/smbpasswd

    # The following are needed to allow password changing from Windows to
    # update the Linux system password also.
    # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.
    # NOTE2: You do NOT need these to allow workstations to change only
    # the encrypted SMB passwords. They allow the Unix password
    # to be kept in sync with the SMB password.
    unix password sync = Yes
    passwd program = /usr/bin/passwd %u
    passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*success fully*

    # Unix users can map to different SMB User names
    ; username map = /etc/samba/smbusers

    # Using the following line enables you to customise your configuration
    # on a per machine basis. The %m gets replaced with the netbios name
    # of the machine that is connecting
    ; include = /etc/samba/smb.conf.%m

    # Most people will find that this option gives better performance.
    # See speed.txt and the manual pages for details
    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

    # Configure Samba to use multiple interfaces
    # If you have multiple network interfaces then you must list them
    # here. See the man page for details.
    ; interfaces = 192.168.12.2/24 192.168.13.2/24

    # Configure remote browse list synchronisation here
    # request announcement to, or browse list sync from:
    # a specific host or from / to a whole subnet (see below)
    ; remote browse sync = 192.168.3.25 192.168.5.255
    # Cause this host to announce itself to local subnets here
    ; remote announce = 192.168.1.255 192.168.2.44

    # Browser Control Options:
    # set local master to no if you don't want Samba to become a master
    # browser on your network. Otherwise the normal election rules apply
    ; local master = no

    # OS Level determines the precedence of this server in master browser
    # elections. The default value should be reasonable
    ; os level = 33

    # Domain Master specifies Samba to be the Domain Master Browser. This
    # allows Samba to collate browse lists between subnets. Don't use this
    # if you already have a Windows NT domain controller doing this job
    domain master = yes

    # Preferred Master causes Samba to force a local browser election on startup
    # and gives it a slightly higher chance of winning the election
    preferred master = yes

    # Enable this if you want Samba to be a domain logon server for
    # Windows95 workstations.
    domain logons = yes

    # if you enable domain logons then you may want a per-machine or
    # per user logon script
    # run a specific logon batch file per workstation (machine)
    ; logon script = %m.bat
    # run a specific logon batch file per username
    ; logon script = %U.bat
    logon script = logon.bat

    # Where to store roving profiles (only for Win95 and WinNT)
    # %L substitutes for this servers netbios name, %U is username
    # You must uncomment the [Profiles] share below
    logon path = \\%L\Profiles\%U

    # All NetBIOS names must be resolved to IP Addresses
    # 'Name Resolve Order' allows the named resolution mechanism to be specified
    # the default order is "host lmhosts wins bcast". "host" means use the unix
    # system gethostbyname() function call that will use either /etc/hosts OR
    # DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf
    # and the /etc/resolv.conf file. "host" therefore is system configuration
    # dependant. This parameter is most often of use to prevent DNS lookups
    # in order to resolve NetBIOS names to IP Addresses. Use with care!
    # The example below excludes use of name resolution for machines that are NOT
    # on the local network segment
    # - OR - are not deliberately to be known via lmhosts or via WINS.
    ; name resolve order = wins lmhosts bcast

    # Windows Internet Name Serving Support Section:
    # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
    wins support = yes

    # WINS Server - Tells the NMBD components of Samba to be a WINS Client
    # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
    ; wins server = w.x.y.z

    # WINS Proxy - Tells Samba to answer name resolution queries on
    # behalf of a non WINS capable client, for this to work there must be
    # at least one WINS Server on the network. The default is NO.
    ; wins proxy = yes

    # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
    # via DNS nslookups. The built-in default for versions 1.9.17 is yes,
    # this has been changed in version 1.9.18 to no.
    dns proxy = no

    # Case Preservation can be handy - system default is _no_
    # NOTE: These can be set on a per share basis
    ; preserve case = no
    ; short preserve case = no
    # Default case is normally upper case for all DOS files
    ; default case = lower
    # Be very careful with case sensitivity - it can break things!
    ; case sensitive = no

    # machine account creation script
    add machine script = /usr/sbin/useradd -d /dev/null -g 100 \-s /bin/false -M %u



    any help would be great.
    thanks.

  4. #4
    Linux Newbie
    Join Date
    Apr 2005
    Posts
    113
    You said that they are all from the same image. Did you go and change the username's on the clients so there aren't any conflicts? Two users with the same username on the domain could be bad.

    Un-comment 'encrypt passwords = yes,' it's supposed to be enabled by default in Samba 3 but it couldn't hurt to have it there. Make sure you used smbpasswd to add the usernames and passwords.

    Did you setup the clients to use the Samba server as the wins server? It's in the network settings on the clients.

    I'm not sure but the error " getpeername" might be an error having to deal with the browsing on the network.

    This is what I would have for my browsing options
    Code:
    wins support = yes
    local master = yes
    preferred master = yes
    os level = 255
    Good luck.
    You dont need a pocket protector or thick glasses to be a geek.

  5. #5
    Just Joined!
    Join Date
    May 2005
    Posts
    11
    Others seem to be having the same issue:
    http://forums.fedoraforum.org/archiv...p/t-28371.html

    But, looking at your smb.conf the os level is low. I think I saw that XP is higher than 33. So, the XP machines may be forcing a browser election and loosing connectivity becuase of it. Do the event logs show something like this:

    Source: MRxSmb
    Category: None
    Event ID: 8003

    If so, that probably the problem.

    Shane

  6. #6
    Linux Newbie
    Join Date
    Apr 2005
    Posts
    113
    Windows NT/2000 server, running as PDC = 32
    Windows NT/2k/XP, if not PDC = 16
    Windows 9x/ME = 1
    Windows for Workgroups = 1

    That's from the O'Reaily book. Wouldnt hurt to have it high though.
    You dont need a pocket protector or thick glasses to be a geek.

  7. #7
    Just Joined!
    Join Date
    May 2005
    Posts
    11
    LBmtb,


    Your certainly are right. After posting this I looked it up and thats what it says, but that is M$.

    I had a problem on a Win2k domain with a Workstation dropping network connectivity weekly because of this.

    If memory severs me correct I etiher set something in the Registry, or used TweakUI to config it. I'll have a look at my notes for that client and see if I can find it.

    This might help out friend since all 3 machines were ghosted from the same image.

    shane

  8. #8
    Just Joined!
    Join Date
    Jun 2004
    Posts
    78
    I had this EXACT same problem. Fixed it by restoring the DNS on the Linux DNS server (those IPV6 and loopback tables should be left alone in your conf file). I also had to edit a laptop's HOSTS file and add the Linux DNS server's IP>host because it had multiple roaming profiles on it.

  9. #9
    Linux Newbie
    Join Date
    Apr 2005
    Posts
    113
    Registry? One of the last paragraphs in the section for configuring Windows XP for the domain speaks of a registry change.

    Says. . .
    " . . . When the system comes up again, the machine will automatically present you with a Log On to Windows dialog box similar to the one shown in Figure 4-11" (it's the logon box with an area for username, password, log on to
    "If you get a dialog box at this point that tells you the domain controller cannot be found, the solution is to change a registry setting as follows."

    I'll post it here anyways, maybe this is his solution.

    1) key: HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Services > NetLogon
    2) then click the parameters folder
    3) double-click "reguiresignorseal"
    4) dialog box opens . . . in Value data: text area, change "1" to "0" and click OK.
    5) close registry and restart

    As always editing the registry should be a last resort. But if nothing else works it's worth a try.
    You dont need a pocket protector or thick glasses to be a geek.

  10. #10
    Just Joined!
    Join Date
    May 2005
    Posts
    3
    hi guys
    thanks for all the replies , to answer a few questions...

    i changed the os level to 67, my mistake, all my red hat 8 servers are set to 67 and have no probs.

    yes we change the names of the computers before joining the domain - although i did find a couple of duplicate "build" computers.

    the problem hasnt occured at my other fc3 site so i think maybe it's the computer name problem.

    i have an engineer on site tomorrow checking all the computer names and i will update the list if we find anything.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •