samba problem; member server can't authenticate
- From: Henrik Hudson <rhavenn@xxxxxxxxxxx>
- Date: Sun, 3 Sep 2006 13:46:04 -0500
Hey List-
I tried the Samba lists...but didn't get any tips there..so possibly a freebsd
issue? Dunno, anyways....
I have a Samba PDC and a Samba Member Server.
The Samba PDC works fine, but the problem is that the Member Server can't
authenticate users and let me browse file shares and i always get the error:
NT_STATUS_NO_LOGON_SERVERS
the wierd thing is that sometimes: SMBCLIENT -L ECWTEST
will work and list my shares. However, the first time I actually try to
authenticate a user to browse a share the whole shebang stops and I get the
above error. I'm using Konqueror and smb://ecwtest/sharename to connect.
I don't need to make any PAM changes to allow just file / share authentication
do I?
One thing, the member server is a new rebuild of a machine with the same name
and the PDC is a upgrade using the TDBs, etc.. from backup. I did remove the
machine account from the PDC and then re-added it using net join and that
worked fine.
I ran through the test at the back of the "offical book" and all of them work
except the actual sharing and the nmblookup -d 2 '*' on the member server
and of course the smbclient specific ones.
wbinfo -u and wbinfo -g work on the member server and i can chown files to
users only in the PDC in the samba users file. I just can't authenticate.
the only error I'm seeing is in log.wb-ECW and its:
[2006/09/03 12:54:12, 1]
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625)
cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR
received from remote machine ECWSERVER pipe \lsarpc fnum 0x70a8!
[2006/09/03 13:17:04, 1]
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625)
cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR
received from remote machine ECWSERVER pipe \NETLOGON fnum 0x7549!
[2006/09/03 13:38:05, 0] nsswitch/winbindd_dual.c:child_read_request(49)
Got invalid request length: 0
[2006/09/03 13:38:12, 1]
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625)
cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR
received from remote machine ECWSERVER pipe \lsarpc fnum 0x7104!
Here is my setup:
PDC: ECWSERVER ; FreeBSD 6-stable and samba-3.0.23b,1
member: ECWTEST ; freeBSD 6-stable and samba-3.0.23b,1
Both servers are on the same network and have static IPs. i am able to ping,
etc.. using the netbios names
my /etc/nssswitch.conf is the same on both:
group: files winbind
group_compat: nis
hosts: files dns
networks: files
passwd: files winbind
passwd_compat: nis
shells: files
PDC smb.conf:
# Global parameters
[global]
workgroup = ECW
netbios name = ECWSERVER
passdb backend = tdbsam:/usr/local/etc/samba/private/passwd.tdb
os level = 65
preferred master = yes
domain master = yes
local master = yes
domain logons = yes
wins support = yes
#server string = Samba %v on %L
server string =
security = USER
encrypt passwords = yes
disable spoolss = Yes
guest ok = yes
follow symlinks = no
case sensitive = no
idmap uid = 15000-20000
idmap gid = 15000-20000
username map = /usr/local/etc/samba/smbusers
name resolve order = hosts wins bcast
time server = Yes
#printing options
#printing = cups
#printcap name = cups
#load printers = yes
#show add printer wizard = Yes
#printer admin = @ecwadmins,@wheel
#user scripts
add user script = /usr/sbin/pw useradd -n %u -g
ecwusers -s /usr/sbin/nologin -c ""
delete user script = /usr/sbin/pw userdel -n %u
add group script = /usr/sbin/pw groupadd -n %g
delete group script = /usr/sbin/pw groupdel -n %g
add user to group script = /usr/sbin/pw usermod -n %u -g %g
#add machine script = /usr/sbin/pw useradd -n %u -g
100 -s /usr/sbin/nologin -d /dev/null
#user directories
logon home = \\%N\%U\
logon drive = H:
#roaming profiles
logon path =
#############################
the member server smb.conf:
# Global parameters
[global]
workgroup = ECW
netbios name = ECWTEST
#server string = Samba %v on %L
server string =
security = domain
password server = ECWSERVER
wins server = 10.0.0.6
encrypt passwords = yes
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind use default domain = yes
guest ok = yes
follow symlinks = no
case sensitive = no
os level = 33
preferred master = no
domain master = no
#bind interfaces only = yes
#interfaces = fxp0 lo0
#hosts deny = ALL
#hosts allow = 10.0.0.0/24 127.
name resolve order = hosts wins bcast
Thanks.
henrik
--
Henrik Hudson
rhavenn@xxxxxxxxxxx
------------------------------
"There are 10 kinds of people in the world: Those who
understand binary and those who don't..."
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: samba problem; member server can't authenticate
- From: Henrik Hudson
- Re: samba problem; member server can't authenticate
- From: Atom Powers
- Re: samba problem; member server can't authenticate
- Prev by Date: Re: Having trouble getting ppp configured on my 6.1 box
- Next by Date: Re: samba problem; member server can't authenticate
- Previous by thread: man page bug in mv(1) ?
- Next by thread: Re: samba problem; member server can't authenticate
- Index(es):
Relevant Pages
|
