[Samba] windows 7 unable to join domain
in [Samba]
|
Prev: group permissions broken after upgrade 3.2.5 -> 3.4.8: deleting of files denied
Next: windows 7 unable to join domain
From: delpheye on 14 Jun 2010 21:10 Hi, I'm currently running Samba3x-3.3.8-0.51 on CentOS 5.5. I currently have many Windows XP clients associated with the domain and behaving correctly. However, I am unable to join a Windows 7 PC. I receive "The specified network name is no longer available." I've verified that DNS is configured correctly, and as stated XP machines have no problem joining. Per some googling, I've turned off both: *- Network security:Minimum session security for NTLM SSP (including RPC based) Clients* - *Network security:Minimum session security for NTLM SSP (including RPC based) Servers* and changed "*Network Security LAN Manager authentication level*" to "*Send LM & NTLM use NTLMv2 session security if negotiated*" in the Local Security Policies. These are the errors I receive at log level 5: -- from log.winbindd-idmap [2010/06/14 19:56:29, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2481) ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(gidNumber=0)) [2010/06/14 19:56:29, 4] winbindd/winbindd_dual.c:fork_domain_child(1439) child daemon request 53 [2010/06/14 19:56:29, 3] winbindd/winbindd_idmap.c:winbindd_dual_gid2sid(508) [ 9876]: gid 99 to sid [2010/06/14 19:56:29, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2481) ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(gidNumber=99)) -- from log.wb-DOMAIN [2010/06/14 19:57:04, 2] winbindd/winbindd.c:remove_client(744) final write to client failed: Broken pipe -- from log.smbd [2010/06/14 19:57:04, 3] smbd/process.c:smbd_process(1952) receive_message_or_smb failed: NT_STATUS_ACCESS_DENIED, exiting My smb.conf is as follows: [global] workgroup = DOMAIN.COM netbios name = domain-fs passdb backend = ldapsam:ldap://127.0.0.1 printcap name = cups printing = cups security = domain log level = 5 socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=8192 SO_SNDBUF=8192 name resolve order = wins bcast hosts ldap ssl = off ldap admin dn = cn=root,dc=domain,dc=com ldap suffix = dc=domain,dc=com ldap user suffix = ou=Users ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Computers ldap delete dn = Yes add user script = /usr/sbin/smbldap-useradd -m "%u" add machine script = /usr/sbin/smbldap-useradd -w "%u" add group script = /usr/sbin/smbldap-groupadd -p "%g" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" delete user script = /usr/sbin/smbldap-userdel "%u" delete group script = /usr/sbin/smbldap-groupdel "%g" logon path = \\domain-fs\profiles\%u logon drive = H: logon home = \\domain-fs\%U #logon script = %U.bat logon script = logon.bat domain master = Yes domain logons = Yes os level = 35 preferred master = Yes idmap uid = 10000-20000 idmap gid = 10000-20000 passwd program = /usr/bin/passwd '%u' unix password sync = yes passwd chat = "*New UNIX password*" %n\n "*Retype new UNIX password*" %n\n "*updated successfully*" enable privileges = yes username map = /etc/samba/smbusers wins support = Yes [homes] comment = Home Directories valid users = %S browseable = no writable = yes [netlogon] comment = Network Logon Service path = /home/netlogon guest ok = Yes writable = no [profiles] comment = Network Profiles Share path = /data/profiles read only = No store dos attributes = Yes create mask = 0600 directory mask = 0700 browseable = no guest ok = no printable = no hide files = /desktop.ini/outlook*.lnk/*Briefcase*/ In LDAP, the Domain Computers GID is 515 and not 99 as suggested by the above error but I do not know why it is looking for that particular GID. Any ideas? My google-fu has become ineffective on this problem. Thanks, Matt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |