Find the answer to your Linux question:
Results 1 to 5 of 5
We have set up Samba and I have included the smb.conf below. When we try to log in we are immediately rejected with this message: "Windows cannot connect to the ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Apr 2006
    Posts
    24

    Samba - Can't log into domain


    We have set up Samba and I have included the smb.conf below.

    When we try to log in we are immediately rejected with this message:

    "Windows cannot connect to the domain, either because the domain controller is down or otherwise available, or because your computer account was not found, etc."

    Below is the information about the machine account:
    ----------------
    [root@tatiana ~]# finger sal$
    Login: sal$ Name: (null)
    Directory: /dev/null Shell: /bin/false
    Never logged in.
    No mail.
    No Plan.
    [root@tatiana ~]#
    -------------------

    Below is the info about the user name:
    -------------
    [root@tatiana ~]# finger jallen
    Login: jallen Name: (null)
    Directory: /home/jallen Shell: /bin/bash
    Never logged in.
    No mail.
    No Plan.
    [root@tatiana ~]#
    ---------------

    As far as I can tell, they have both been added to samba correctly.

    Below are the results of a testparm:
    -------------------------

    [root@tatiana ~]# testparm
    Load smb config files from /etc/samba/smb.conf
    Processing section "[netlogon]"
    Processing section "[homes]"
    Processing section "[profiles]"
    Processing section "[test]"
    Loaded services file OK.
    Server role: ROLE_DOMAIN_PDC
    Press enter to see a dump of your service definitions

    # Global parameters
    [global]
    workgroup = MSBMEDIA
    logon path = \\%n\profiles\%u
    logon home = \\%n\%ulogon drive = H:
    domain logons = Yes
    os level = 65
    preferred master = Yes
    domain master = Yes

    [netlogon]
    path = /home/netlogon
    guest ok = Yes
    share modes = No

    [homes]
    read only = No
    browseable = No

    [profiles]
    path = /home/samba/profiles
    read only = No
    create mask = 0600
    directory mask = 0700
    browseable = No

    [test]
    comment = test share
    path = /test
    write list = jallen
    [root@tatiana ~]#

    -----------------------------------



    Below is my Samba config file:

    ---------------------------

    # /etc/samba/smb.conf
    # samba configuration file
    # last updated: 11/21/2006 by jda

    [global]

    ;basic server settings
    workgroup = MSBMEDIA
    netbios name = tatiana
    encrypt passwords = yes
    ;server string = Samba PDC running %v
    ;socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
    security = user

    ;PDC and master browser settings
    os level = 65
    preferred master = yes
    local master = yes
    domain master = yes
    domain logons = yes

    ;security and logging settings
    ;log file = /var/log/samba/log.%m
    ;log level = 2
    ;max log size = 50

    ;user profiles and home directory
    logon home = \\%n\%u\
    logon drive = H:
    logon path = \\%n\profiles\%u
    ;logon script = netlogon.bat

    # ==== shares ====

    [netlogon]
    ;comment = Network Logon Service
    path = /home/netlogon
    guest ok = yes
    writeable = no
    ;read only = yes
    ;browseable = no
    ;write list = jallen
    share modes = no

    [homes]
    ;comment = Home Directories
    read only = no
    browseable = no
    ;writeable = yes

    [profiles]
    path = /home/samba/profiles
    writeable = yes
    browseable = no
    create mask = 0600
    directory mask = 0700

    [test]
    comment = test share
    path = /test
    read only = yes
    browseable = yes
    write list = jallen

    ------------------------------------

  2. #2
    Just Joined!
    Join Date
    Nov 2006
    Posts
    16
    Hi

    In windows XP you need to perform this ---

    Use
    Window's Group Policy Editor (gpedit.msc) to make the following
    changes in the Local Computer Policy\ Computer Configuration\
    Windows Settings\ Security Settings\ Local Policies\ Security
    Options branch: Domain member: Digitally encrypt or sign secure
    channel data (DISABLE) andDomain member: Digitally sign secure
    channel data when possible (DISABLE)

    Once done try logging in. Shld do the trick

    Regards
    ashok

  3. #3
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Location
    Nottingham, England
    Posts
    3,929
    Before you go setting group policies (and you'll still need to do that, btw) make sure that your windows users are registered in the domain and have samba passwords allocated.

    Do this by making sure each domain user has a linux account, then add their samba account and set their password using 'smbpasswd -a <user>'. For computers in the domain, I believe you have to add a linux dummy user for the machine, with the username set to the netbios name of the machine with a '$' appended.
    Linux user #126863 - see http://linuxcounter.net/

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Oct 2003
    Location
    USA
    Posts
    5
    http://samba.netfirms.com/index.htm is an awesome place for getting a simple domain setup without ldap or anything just using the linux users and smbpasswd

    ~mdevilz

  6. #5
    Just Joined!
    Join Date
    Apr 2006
    Posts
    24

    Fixed

    Thanks. It was a dumb mistake. Fixed.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •