Find the answer to your Linux question:
Results 1 to 5 of 5
Hi all. Over the past few days I have been trying to configure samba as a primary domain controller, I have followed multiple how-tos but the result is always the ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jun 2010
    Location
    /North_America/US/NY
    Posts
    16

    Need help with a samba domain controler


    Hi all.
    Over the past few days I have been trying to configure samba as a primary domain controller, I have followed multiple how-tos but the result is always the same. When i try to join the domain from a windows 2000 computer I receive the message "The following error occurred validating the name "MYDOMAIN". The specified domain either does not exist or could not be contacted.

    smb.conf
    Code:
    [global]
    domain logons = Yes
    password level = 8
    username level = 8
    encrypt passwords = yes
    smb passwd file = /etc/samba/smbpasswd
    unix password sync = yes
    pam password change = yes
    obey pam restrictions = yes
    workgroup = mydomain
    netbios name = debian-Domain-Controller
    server string = Samba Primary Domain Controller
    socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
    os level = 64
    preferred master = yes
    local master = yes
    domain master = yes
    security = user
    encrypt passwords = yes
    log file = /var/log/samba/log.%m
    log level = 2
    # max log size = 50
    # hosts allow = 127.0.0.1 192.168.1.0/255.255.255.0
    logon home = \\%L\%U\
    logon drive = H:
    logon path = \\%L\profiles\%U
    #logon script = netlogon.bat
    unix password sync = yes
    passwd program = /usr/bin/passwd %u
    passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n  *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd:         *all*authentica$
    add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u
    wins support = yes
    username map = /etc/samba/smbusers
    # ==== shares ====
    
    [homes]
    comment = Home Directories
    browseable = no
    writeable = yes
    
    [profiles]
    path = /home/samba/profiles
    writeable = yes
    browseable = no
    create mask = 0600
    smbclient -L localhost -U%
    Code:
    Domain=[MYDOMAIN] OS=[Unix] Server=[Samba 3.5.6]
    
    	Sharename       Type      Comment
    	---------       ----      -------
    	IPC$            IPC       IPC Service (Samba Primary Domain Controller)
    Domain=[MYDOMAIN] OS=[Unix] Server=[Samba 3.5.6]
    
    	Server               Comment
    	---------            -------
    	DEBIAN-DOMAIN-CO     Samba Primary Domain Controller
    	W2K-VM               
    
    	Workgroup            Master
    	---------            -------
    	MYDOMAIN             DEBIAN-DOMAIN-CONTROLLER
    	WORKGROUP            DEBIAN
    ifconfig
    Code:
    eth0      Link encap:Ethernet  HWaddr 08:00:27:e1:3c:c7  
              inet addr:192.168.0.177  Bcast:192.168.0.255  Mask:255.255.255.0
              inet6 addr: fe80::a00:27ff:fee1:3cc7/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:343239 errors:0 dropped:0 overruns:0 frame:0
              TX packets:141928 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000 
              RX bytes:88627580 (84.5 MiB)  TX bytes:11763644 (11.2 MiB)
    
    lo        Link encap:Local Loopback  
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:3073 errors:0 dropped:0 overruns:0 frame:0
              TX packets:3073 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0 
              RX bytes:283341 (276.7 KiB)  TX bytes:283341 (276.7 KiB)
    Screenshot attached shows ipconfig /all on the client.

    Thanks in advance.
    Steven.
    Attached Images Attached Images

  2. #2
    Just Joined!
    Join Date
    Oct 2012
    Posts
    3
    Hi Steven,

    I'm not specialist at all but I have some tricks for you.
    First clean up you smb.conf. Indeed you have two times
    Code:
    encrypt passwords = yes
    You also have
    Code:
    obey pam restrictions = yes
    which is ignored when encrypt passwords is set to yes.
    Run testparm to see if everything is ok then restart samba.
    In order to be able to join the domain you have to add the machine name. To proceed
    Code:
    smbpasswd -a -m machine_name$
    and don't forget the $ sign. If you already added a root user to your smbusers you should be able to join the domain otherwise add the root user
    Code:
    smbpasswd -a root
    and join the domain.

    Good luck,
    Tom

  3. #3
    Just Joined!
    Join Date
    Jun 2010
    Location
    /North_America/US/NY
    Posts
    16
    Good afternoon.
    I agree, I need to reorganize my smb.conf, and I will as soon as I get this working.
    I removed the second instance of
    Code:
    encrypt passwords = yes
    and commented
    Code:
    obey pam restrictions = yes
    And just for the heck of it tried joining again, with the same results.
    I forgot to say in my first post I did run [CODEsmbpasswd -a -m machine_name$][/CODE] and
    Code:
    smbpasswd -a root
    Thanks for the reply
    Steven

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Oct 2012
    Posts
    3
    Last idea I can have is modifying the following registry key on your windows client:
    Code:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netlogon\parameters "RequireSignOrSeal"
    from 1 to 0.

    Hope it helps !

  6. #5
    Just Joined!
    Join Date
    Jun 2010
    Location
    /North_America/US/NY
    Posts
    16
    The registry key was already set to 0.
    Thanks for the help.
    Steven

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •