SAMBA NT PDC problem
David Demland
ddemland@cadtel.com
Tue, 14 Nov 2000 13:47:47 -0700
I have added the line:
password server = NTSQLSRVR ACCTSRVR_1
This points to both the primary and backup PDCs.
This is what is in the log:
[2000/11/14 13:39:22, 0] lib/util_sock.c:set_socket_options(151)
Failed to set socket option SO_KEEPALIVE (Error Bad file descriptor)
[2000/11/14 13:39:22, 0] lib/util_sock.c:set_socket_options(151)
Failed to set socket option TCP_NODELAY (Error Bad file descriptor)
[2000/11/14 13:39:22, 1] lib/util_sock.c:client_name(1007)
Gethostbyaddr failed for 192.168.1.57
[2000/11/14 13:39:24, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_NO_SUCH_USER
[2000/11/14 13:39:24, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user cjg in domain
CJG to Domain controller NTSQLSRVR. Error was NT_STATUS_NO_SUCH_USER.
[2000/11/14 13:39:24, 1] smbd/password.c:pass_check_smb(492)
Couldn't find user 'cjg' in UNIX password database.
[2000/11/14 13:39:24, 1] smbd/password.c:pass_check_smb(492)
Couldn't find user 'cjg' in UNIX password database.
[2000/11/14 13:39:24, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'cjg': authentication failed
[2000/11/14 13:39:24, 1] lib/util_sock.c:client_name(1007)
Gethostbyaddr failed for 192.168.1.57
[2000/11/14 13:39:26, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_NO_SUCH_USER
[2000/11/14 13:39:26, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user cjg in domain
CJG to Domain controller NTSQLSRVR. Error was NT_STATUS_NO_SUCH_USER.
[2000/11/14 13:39:26, 1] smbd/password.c:pass_check_smb(492)
Couldn't find user 'cjg' in UNIX password database.
[2000/11/14 13:39:26, 1] smbd/password.c:pass_check_smb(492)
Couldn't find user 'cjg' in UNIX password database.
[2000/11/14 13:39:26, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'cjg': authentication failed
Question: By this log it looks like it never goes to the backup PDC. Why is
this?
Thank You,
David Demland
Qa/Testing Manager
CADTEL Systems, Inc.
11201 N. Tatum Ste. 200
Phoenix, AZ 85028
(602) 953-4888
Fax: (602) 953-4833
ddemland@cadtel.com
-----Original Message-----
From: plug-discuss-admin@lists.PLUG.phoenix.az.us
[mailto:plug-discuss-admin@lists.PLUG.phoenix.az.us]On Behalf Of Mark
Peoples
Sent: Tuesday, November 14, 2000 1:11 PM
To: plug-discuss@lists.PLUG.phoenix.az.us
Subject: RE: SAMBA NT PDC problem
try changing:
password server = <FQDN of an NT DC>
marco
-----Original Message-----
From: plug-discuss-admin@lists.PLUG.phoenix.az.us
[mailto:plug-discuss-admin@lists.PLUG.phoenix.az.us]On Behalf Of David
Demland
Sent: Tuesday, November 14, 2000 1:13 PM
To: plug-discuss@lists.PLUG.phoenix.az.us
Subject: RE: SAMBA NT PDC problem
Here is the output from testparm. It all looks good to me. This also shows
it is read the smb.conf I would expect.
[root@cadtel1 samba]# testparm | more
Load smb config files from /etc/smb.conf
Processing section "[sys]"
Processing section "[soft]"
Processing section "[vol2]"
Processing section "[vol3]"
Loaded services file OK.
Press enter to see a dump of your service definitions
# Global parameters
[global]
coding system =
client code page = 850
workgroup = NTSRVR
netbios name = CADTEL2
netbios aliases =
netbios scope =
server string = Samba 2.0.7
interfaces =
bind interfaces only = No
security = DOMAIN
encrypt passwords = Yes
update encrypted = No
allow trusted domains = Yes
hosts equiv =
min password length = 5
map to guest = Never
null passwords = No
password server = *
smb passwd file = /etc/smbpasswd
root directory = /
passwd program = /bin/passwd
passwd chat = *new*password* %n\n *new*password* %n\n *changed*
passwd chat debug = No
username map =
password level = 0
username level = 0
unix password sync = No
restrict anonymous = No
use rhosts = No
debug level = 2
syslog = 1
syslog only = No
log file =
max log size = 5000
debug timestamp = Yes
debug hires timestamp = No
debug pid = No
debug uid = No
protocol = NT1
read bmpx = No
read raw = Yes
write raw = Yes
nt smb support = Yes
nt pipe support = Yes
nt acl support = Yes
announce version = 4.2
announce as = NT
max mux = 50
max xmit = 65535
name resolve order = lmhosts host wins bcast
max ttl = 259200
max wins ttl = 518400
min wins ttl = 21600
time server = No
change notify timeout = 60
deadtime = 0
getwd cache = Yes
keepalive = 300
lpq cache time = 10
max disk size = 0
max open files = 10000
read prediction = No
read size = 16384
shared mem size = 1048576
socket options = TCP_NODELAY
stat cache size = 50
load printers = Yes
printcap name = /etc/printcap
printer driver file = /etc/printers.def
strip dot = No
character set =
mangled stack = 50
stat cache = Yes
domain groups =
domain admin group =
domain guest group =
domain admin users =
domain guest users =
machine password timeout = 604800
add user script =
delete user script =
logon script =
logon path = \\%N\%U\profile
logon drive =
logon home = \\%N\%U
domain logons = No
os level = 0
lm announce = Auto
lm interval = 60
preferred master = No
local master = No
domain master = No
browse list = Yes
dns proxy = Yes
wins proxy = No
wins server =
wins support = Yes
wins hook =
kernel oplocks = Yes
ole locking compatibility = Yes
oplock break wait time = 10
smbrun = /usr/bin/smbrun
config file =
auto services =
lock directory = /var/lock/samba
default service =
message command =
dfree command =
valid chars =
remote announce =
remote browse sync =
socket address = 0.0.0.0
homedir map = auto.home
time offset = 0
unix realname = No
NIS homedir = No
source environment =
panic action =
comment =
path =
revalidate = No
username =
guest account = nobody
invalid users =
valid users =
admin users =
read list =
write list =
force user =
force group =
writeable = No
create mask = 0744
force create mode = 00
security mask = -1
force security mode = -1
directory mask = 0755
force directory mode = 00
directory security mask = -1
force directory security mode = -1
inherit permissions = No
guest only = No
guest ok = No
only user = No
hosts allow = 192.168.1.
hosts deny =
status = Yes
max connections = 0
min print space = 0
strict sync = No
sync always = No
write cache size = 0
printable = No
postscript = No
printing = bsd
print command = lpr -r -P%p %s
lpq command = lpq -P%p
lprm command = lprm -P%p %j
lppause command =
lpresume command =
queuepause command =
queueresume command =
printer =
printer driver = NULL
printer driver location =
default case = lower
case sensitive = No
preserve case = Yes
short preserve case = Yes
mangle case = No
mangling char = ~
hide dot files = Yes
delete veto files = No
veto files =
hide files =
veto oplock files =
map system = No
map hidden = No
map archive = Yes
mangled names = Yes
mangled map =
browseable = Yes
blocking locks = Yes
fake oplocks = No
locking = Yes
oplocks = Yes
level2 oplocks = No
oplock contention limit = 2
strict locking = No
share modes = Yes
copy =
include =
preexec =
preexec close = No
postexec =
root preexec =
root preexec close = No
root postexec =
available = Yes
volume =
fstype = NTFS
set directory = No
wide links = Yes
follow symlinks = Yes
dont descend =
magic script =
magic output =
delete readonly = No
dos filetimes = No
dos filetime resolution = No
fake directory create times = No
[sys]
comment = Old Novell Sys Drive
path = /SharedDrives/sys
writeable = Yes
guest ok = Yes
[soft]
comment = Old Novell Soft Drive
path = /SharedDrives/soft
writeable = Yes
guest ok = Yes
[vol2]
comment = Old Novell Vol2 Drive
path = /SharedDrives/vol2
writeable = Yes
guest ok = Yes
[vol3]
comment = Old Novell Vol3 Drive
path = /SharedDrives/vol3
writeable = Yes
guest ok = Yes
Thank You,
David Demland
Qa/Testing Manager
CADTEL Systems, Inc.
11201 N. Tatum Ste. 200
Phoenix, AZ 85028
(602) 953-4888
Fax: (602) 953-4833
ddemland@cadtel.com
-----Original Message-----
From: plug-discuss-admin@lists.PLUG.phoenix.az.us
[mailto:plug-discuss-admin@lists.PLUG.phoenix.az.us]On Behalf Of Mark
Peoples
Sent: Tuesday, November 14, 2000 12:39 PM
To: plug-discuss@lists.PLUG.phoenix.az.us
Subject: RE: SAMBA NT PDC problem
When you run testparm, does it give you any noise? Also, it says its reading
the config from the right smb.conf, right?
marco
-----Original Message-----
From: plug-discuss-admin@lists.PLUG.phoenix.az.us
[mailto:plug-discuss-admin@lists.PLUG.phoenix.az.us]On Behalf Of David
Demland
Sent: Tuesday, November 14, 2000 12:09 PM
To: plug-discuss@lists.PLUG.phoenix.az.us
Subject: RE: SAMBA NT PDC problem
The security is set to domain and the Samba box is part of the NT domain.
Thank You,
David Demland
Qa/Testing Manager
CADTEL Systems, Inc.
11201 N. Tatum Ste. 200
Phoenix, AZ 85028
(602) 953-4888
Fax: (602) 953-4833
ddemland@cadtel.com
-----Original Message-----
From: plug-discuss-admin@lists.PLUG.phoenix.az.us
[mailto:plug-discuss-admin@lists.PLUG.phoenix.az.us]On Behalf Of Mark
Peoples
Sent: Tuesday, November 14, 2000 11:52 AM
To: plug-discuss@lists.PLUG.phoenix.az.us
Subject: RE: SAMBA NT PDC problem
1. What is security set to? <g>
2. Did you get the samba box added into the NT domain?
marco
-----Original Message-----
From: plug-discuss-admin@lists.PLUG.phoenix.az.us
[mailto:plug-discuss-admin@lists.PLUG.phoenix.az.us]On Behalf Of David
Demland
Sent: Tuesday, November 14, 2000 11:09 AM
To: Plug-Discuss
Subject: SAMBA NT PDC problem
I have a Samba 2.0.7 Red Hat 6.1 box. We use an WindBlose Nice Try box for
the PDC. I can not get any of the Windblose boxes to log onto the Samba
server. There seems to be a problem. The Samba log file has the following
messages:
[2000/11/14 11:01:05, 1] lib/util_sock.c:client_name(1007)
Gethostbyaddr failed for 192.168.1.57
[2000/11/14 11:01:07, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_NO_SUCH_USER
[2000/11/14 11:01:07, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user cjg in domain
CJG
to Domain controller NTSQLSRVR. Error was NT_STATUS_NO_SUCH_USER.
[2000/11/14 11:01:07, 1] smbd/password.c:pass_check_smb(492)
Couldn't find user 'cjg' in UNIX password database.
[2000/11/14 11:01:07, 1] smbd/password.c:pass_check_smb(492)
Couldn't find user 'cjg' in UNIX password database.
[2000/11/14 11:01:07, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'cjg': authentication failed
[2000/11/14 11:01:07, 1] lib/util_sock.c:client_name(1007)
Gethostbyaddr failed for 192.168.1.57
[2000/11/14 11:01:09, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_NO_SUCH_USER
[2000/11/14 11:01:09, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user cjg in domain
CJG to Domain controller NTSQLSRVR. Error was NT_STATUS_NO_SUCH_USER.
[2000/11/14 11:01:09, 1] smbd/password.c:pass_check_smb(492)
Couldn't find user 'cjg' in UNIX password database.
[2000/11/14 11:01:09, 1] smbd/password.c:pass_check_smb(492)
Couldn't find user 'cjg' in UNIX password database.
[2000/11/14 11:01:09, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'cjg': authentication failed
By these messages it would seem that the Samba server is not talking the
PDC. Yet when I use smbclient with the same user I log on just fine. The log
has these messages:
[2000/11/14 10:53:30, 1] smbd/service.c:make_connection(550)
cadtel2 (127.0.0.1) connect to service sys as user nobody (uid=99, gid=99)
(pid 5086)
[2000/11/14 10:56:03, 1] smbd/service.c:close_cnum(583)
cadtel2 (127.0.0.1) closed connection to service sys
This would lead to the believe that the Samba server is talking to the PDC.
Any ideas on what the problem might be?
Thank You,
David Demland
Qa/Testing Manager
CADTEL Systems, Inc.
11201 N. Tatum Ste. 200
Phoenix, AZ 85028
(602) 953-4888
Fax: (602) 953-4833
ddemland@cadtel.com
________________________________________________
See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post
to the list quickly and you use Netscape to write mail.
Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
________________________________________________
See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post
to the list quickly and you use Netscape to write mail.
Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
________________________________________________
See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post
to the list quickly and you use Netscape to write mail.
Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
________________________________________________
See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post
to the list quickly and you use Netscape to write mail.
Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
________________________________________________
See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post
to the list quickly and you use Netscape to write mail.
Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
________________________________________________
See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post
to the list quickly and you use Netscape to write mail.
Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss