Find the answer to your Linux question:
Results 1 to 3 of 3
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    linux w/samba pdc & xp clients; users problem

    I'm having a problem connecting my Windows client to my Samba PDC. I currently have several Windows XP pro machines connected as a workgroup (so users logon locally, no AD) and i'm setting up a Samba PDC to have them connect as a domain. I've looked around on the net and I'm pretty sure I've set up smb.conf as it should be (no problems with testparm). Anyway I'm at a stage where I'm trying to connect an XP machine to the domain but when it prompts me for a username/password with permission to join the domain, it comes up with 'user not found', even though the users that i'm trying do exist on Samba and ubuntu. Also, I created a samba group called Admin with these users in and included the line 'admin users = @Admin' in smb.conf so the users i'm trying should definitely have access.
    Any ideas?
    Is it something to do with windows local user accounts?
    Is it something to do with winbind?
    does the xp machine i'm trying on need to be added manually to samba?

    thanks in advance

  2. #2
    I've come across very similar problems when working with the setup I administrate. XP can have difficulty being added to a domain, and I've found that doing the following help. Here is what I would check (in some semblance of an order)

    1.) Did you create a machine account for the computer you are adding to the domain? If not, you must do the following:

    Adding a Machine to Samba:
    To add machine to smbpasswd,
    find smbpasswd, default in /usr/local/samba/bin/ and run:
    # smbpasswd -a -m machinename

    To add a machine to /etc/passwd,
    find useradd, default in /usr/sbin/ and run:

    # useradd -g groupname -d /dev/null -c "comment about machine" -s /bin/false machinename$

    *on some systems (I'm not positive which distros use these and which don't), you may need to add the -m flag and /bin/false may be capital: /bin/False Also, you NEED the $ after machinename

    2.) I know it seems strange, but I've run into several instances where the ONLY way to connect to the domain is to feed the "Give a user who has permissions to add this machine to the domain" prompt

    Server\root and the linux root password.

    3.) If you want roaming profiles, there are a bunch of registry changes which need to be made on the XP machine.

    Roaming User Profiles:
    In order for network-wide user profiles and logins to work on this local machine (especially for XP), you must first perform two steps:
    1. Go to Start - Run and type gpedit.msc
      Expand the tree as follows:

      Computer Configuration
      -->Adminstrative Templates
      ------>User Profiles
      -------->Setting called: Do not check for user ownership of roaming profile folders - should be enabled
    2. Go to Start - Run and type secpol.msc
      Expand the tree as follows:
      Local Policies
      --->Security Options
      ----->Find each of these and disable (or set to 0) (5):
      ------->Domain Member: *
    After restarting, roaming profiles should work.

    4.) One last piece that can elude even the best admin is a strange one that I don't really understand:

    NT Machines:
    Some NT machines have another key that may need to be changed. Go to Start - Run and type regedit:
    Right click and Add new DWORD with name "requires sign or seal" value 0

    These are all from personal experience, so depending on your setup you may not need all of them for it to work. However, I have not had a situation where I needed to do more than these 4 steps (some don't require all 4).

    Good Luck!
    Last edited by sdimhoff; 01-23-2008 at 12:57 AM. Reason: Cleaned up some formatting
    Linux since: 2001
    Gentoo since: 2004
    - - - - - - - -
    I fix things until they break.

  3. #3
    thanks for the reply, i've got it sorted now. it did just mean adding the client pc to samba

  4. $spacer_open

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts