Win7 client, Samba PDC
in [Samba]
|
From: Evan Ingram on 6 May 2010 11:20 On Thu, 2010-05-06 at 08:59 -0600, Steve Wolfe wrote: > > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon > \Parameters] > âRequireSignOrSealâ=dword:00000000 > âRequireStrongKeyâ=dword:00000000 on my win2008 server joined to samba domain these are ...01 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Bastien Semene on 6 May 2010 11:20 The samba wiki tolds to only modify DomainCompatibilityMode and DNSNameResolutionRequired keys : http://wiki.samba.org/index.php/Windows7 Le 06/05/2010 16:59, Steve Wolfe a écrit : > I'm trying to set up Samba as a PDC for some Win7 clients, and could use > some help. I can successfully join the domain, with the message "Changing > the primary domain DNS name of this computer to "" failed.", but I am still > told that it was successful. > > However, when I try to log in, I am told "The trust relationship between > this workstation and the primary domain failed". Looking in > /var/log/samba/pi-69.log, I see: > > [2010/05/06 08:45:45, 0] > rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3) > _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting > auth request from client PI-69 machine account PI-69$ > [2010/05/06 08:45:45, 0] > rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3) > _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting > auth request from client PI-69 machine account PI-69$ > > Trying: > > smbpasswd -x pi-69$ > userdel -r pi-69$ > useradd pi-69$ > smbpasswd -a -m pi-69$ > > does no good. > > Client has : > > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters] > RequireSignOrSeal=dword:00000000 > RequireStrongKey=dword:00000000 > > and > > [HKLM\System\CCS\Services\LanmanWorkstation\Parameters] > DWORD DomainCompatibilityMode = 1 > DWORD DNSNameResolutionRequired = 0 > > Config/specs: > > Samba version 3.4.7-58.fc12 > Widows 7 64-bit professional clients > > smb.conf: > [global] > netbios name = PinnacleFS > workgroup = PinnacleDom > logon drive= P: > logon home = \\PinnacleFS\%u > locking = yes > server string = PDC > hosts allow=10.0.0.0/255.255.255.0 > load printers = no > log file = /var/log/samba/%m.log > security=user > encrypt passwords=yes > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > local master = yes > os level = 128 > domain master = yes > prefered master = yes > domain logons = yes > logon script = login.bat > dns proxy = no > > idmap uid = 16777216-33554431 > idmap gid = 16777216-33554431 > template shell = /bin/false > winbind use default domain = no > > [homes] > comment = Home Directories > browseable = no > writable = yes > create mode = 0700 > directory mode = 0700 > > # Un-comment the following and create the netlogon directory for Domain > Logons > [netlogon] > comment = Network Logon Service > path = /home/netlogon > guest ok = yes > writable = no > share modes = no > [Profiles] > browseable = no > guest ok = yes > create mode = 0700 > directory mode = 0700 > default case = lower > case sensitive = no > > [Apps] > path=/home/apps > force user=apps > force group=apps > -- Bastien Semene Administrateur Réseau& Système Cyanide Studio - FRANCE -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Bastien Semene on 6 May 2010 11:20 Le 06/05/2010 17:13, Bastien Semene a écrit : > The samba wiki tolds to only modify DomainCompatibilityMode and > DNSNameResolutionRequired keys : http://wiki.samba.org/index.php/Windows7 > > Le 06/05/2010 16:59, Steve Wolfe a écrit : >> I'm trying to set up Samba as a PDC for some Win7 clients, and could use >> some help. I can successfully join the domain, with the message >> "Changing >> the primary domain DNS name of this computer to "" failed.", but I am >> still >> told that it was successful. >> >> However, when I try to log in, I am told "The trust relationship >> between >> this workstation and the primary domain failed". Looking in >> /var/log/samba/pi-69.log, I see: >> >> [2010/05/06 08:45:45, 0] >> rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3) >> _netr_ServerAuthenticate3: netlogon_creds_server_check failed. >> Rejecting >> auth request from client PI-69 machine account PI-69$ >> [2010/05/06 08:45:45, 0] >> rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3) >> _netr_ServerAuthenticate3: netlogon_creds_server_check failed. >> Rejecting >> auth request from client PI-69 machine account PI-69$ >> >> Trying: >> >> smbpasswd -x pi-69$ >> userdel -r pi-69$ >> useradd pi-69$ >> smbpasswd -a -m pi-69$ >> >> does no good. >> >> Client has : >> >> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters] >> >> RequireSignOrSeal=dword:00000000 >> RequireStrongKey=dword:00000000 >> >> and >> >> [HKLM\System\CCS\Services\LanmanWorkstation\Parameters] >> DWORD DomainCompatibilityMode = 1 >> DWORD DNSNameResolutionRequired = 0 >> >> Config/specs: >> >> Samba version 3.4.7-58.fc12 >> Widows 7 64-bit professional clients >> >> smb.conf: >> [global] >> netbios name = PinnacleFS >> workgroup = PinnacleDom >> logon drive= P: >> logon home = \\PinnacleFS\%u >> locking = yes >> server string = PDC >> hosts allow=10.0.0.0/255.255.255.0 >> load printers = no >> log file = /var/log/samba/%m.log >> security=user >> encrypt passwords=yes >> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 >> local master = yes >> os level = 128 >> domain master = yes >> prefered master = yes >> domain logons = yes >> logon script = login.bat >> dns proxy = no >> >> idmap uid = 16777216-33554431 >> idmap gid = 16777216-33554431 >> template shell = /bin/false >> winbind use default domain = no >> >> [homes] >> comment = Home Directories >> browseable = no >> writable = yes >> create mode = 0700 >> directory mode = 0700 >> >> # Un-comment the following and create the netlogon directory for Domain >> Logons >> [netlogon] >> comment = Network Logon Service >> path = /home/netlogon >> guest ok = yes >> writable = no >> share modes = no >> [Profiles] >> browseable = no >> guest ok = yes >> create mode = 0700 >> directory mode = 0700 >> default case = lower >> case sensitive = no >> >> [Apps] >> path=/home/apps >> force user=apps >> force group=apps > -- Bastien Semene Administrateur Réseau& Système Cyanide Studio - FRANCE -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Steve Wolfe on 6 May 2010 12:00 Doh! Thank you. Setting those back fixed the problem. On Thu, May 6, 2010 at 9:10 AM, Evan Ingram <evan.ingram(a)cariss.co.uk>wrote: > On Thu, 2010-05-06 at 08:59 -0600, Steve Wolfe wrote: > > > > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon > > \Parameters] > > RequireSignOrSeal=dword:00000000 > > RequireStrongKey=dword:00000000 > > on my win2008 server joined to samba domain these are ...01 > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
|
Pages: 1 Prev: [Samba] sync Samba4 with Samba3 users? Next: [Samba] non-windows behavior of samba |