Dear all,
___Setup: - several wINDOWS 2000 workstations on SP4 (reg-patches applied, they worked on 2.x-stable) - Samba PDC (CVS 3.0.0rc2) (machine accounts added aswell as users in unix & samba) - OpenLDAP (2.1.12) <-- (Not really relevant since I tried without ldap too, so no info about that from this point) - Linux <HOSTNAME> 2.4.19 #1 Fri Jun 13 15:22:09 UTC 2003 i686 unknown (debian) (- also tried Samba PDC (2.x.stable)) _________ ___My Problem: Since attempting to upgrade to Samba 3.0 clients are unable to logon to my samba-domain. ______________ ___Scenario: at server side(linux samba PDC): - 'testparm' command succeeds. - Samba PDC started with all systems up and running (smbd/nmbd/winbindd) - Tests through 'net join' command succeeds. - Test through 'smbclient -L <my samba PDC>' succeeds aswell. *- Test through 'smbclient -L <a windows 200 machine>' FAILS<partial>! Result: <snip> Sharename Type Comment --------- ---- ------- E$ Disk Default share IPC$ IPC Remote IPC ADMIN$ Disk Remote Admin C$ Disk Default share session request to <w2kmachine> failed (Called name not present) session request to *SMBSERVER failed (Called name not present) NetBIOS over TCP disabled -- no workgroup available </snip> *quite strange error since it returns the shares?! ---> going on anyway ---> at client side(w2k): - login on client with local administrator-account. - browsing network IFS results in seeing only the windows-2000 machines in the network and NOT the samba PDC. - if I attempt to connect to '\\<my samba pdc>' I do get a request for my login and password. Login works and I can browse shares. - I use 'net use * /d /yes' to be able to join the domain with a clean-sheet. - if I attempt to join the domain IFS I get the following error: <snip> The following error ocurred validating the name "IFS". This condition may be caused by a DNS lookup problem. For information about troubleshooting common DNS lookup problems, please see the following Microsoft web site: http://go.microsoft.com/fwlink/?LinkId=5171 The specified domain either does not exist or could not be contacted. [ OK ] </snip> went to the link and followed instruction in how far possible with Samba and saw something about the _ldap._tcp.dc_msdcs record. added that (_tcp._ldap.dc._msdcs.ifs. SRV 0 0 0 .) to my config, but still no succes (thought that wouldn't do much anyway, since the link says it's only to reduce unneccessary traffic). Samba show's _only changes in nmbd-logfile_: <snip> [2003/08/25 14:30:00, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(156) find_workgroup_on_subnet: workgroup search for IFS on subnet 10.21.32.1: found. [2003/08/25 14:30:00, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(156) find_workgroup_on_subnet: workgroup search for IFS on subnet UNICAST_SUBNET: found. [2003/08/25 14:30:00, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(156) find_workgroup_on_subnet: workgroup search for IFS on subnet UNICAST_SUBNET: found. [2003/08/25 14:30:05, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(156) find_workgroup_on_subnet: workgroup search for IFS on subnet 10.21.32.1: found. [2003/08/25 14:30:05, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(284) dump_workgroups() dump workgroup on subnet 10.21.32.1: netmask= 255.255.255.0: IFS(1) current master browser = <sambaserver> <sambaserver> 400c992b (Samba CVS 3.0.0rc2) [2003/08/25 14:30:05, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(284) dump_workgroups() dump workgroup on subnet UNICAST_SUBNET: netmask= 10.21.32.1: IFS(1) current master browser = UNKNOWN <sambaserver> 4009992b (Samba CVS 3.0.0rc2) [2003/08/25 14:30:05, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(156) find_workgroup_on_subnet: workgroup search for IFS on subnet UNICAST_SUBNET: found. [2003/08/25 14:30:05, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(156) find_workgroup_on_subnet: workgroup search for IFS on subnet UNICAST_SUBNET: found. [2003/08/25 14:30:10, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(156) find_workgroup_on_subnet: workgroup search for IFS on subnet 10.21.32.1: found. [2003/08/25 14:30:10, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(284) dump_workgroups() dump workgroup on subnet 10.21.32.1: netmask= 255.255.255.0: IFS(1) current master browser = <sambaserver> <sambaserver> 400c992b (Samba CVS 3.0.0rc2) [2003/08/25 14:30:10, 4] nmbd/nmbd_workgroupdb.c:dump_workgroups(284) dump_workgroups() dump workgroup on subnet UNICAST_SUBNET: netmask= 10.21.32.1: IFS(1) current master browser = UNKNOWN <sambaserver> 4009992b (Samba CVS 3.0.0rc2) [2003/08/25 14:30:10, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(156) find_workgroup_on_subnet: workgroup search for IFS on subnet UNICAST_SUBNET: found. [2003/08/25 14:30:10, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(156) find_workgroup_on_subnet: workgroup search for IFS on subnet UNICAST_SUBNET: found. </snip> and in tcpdump: <snip> 14:27:21.179535 <w2kmachine>.ifs.1700 > <sambaserver>.ifs.domain: 25834+ SRV ? _ldap._tcp.dc._msdcs.ifs. (42) 14:27:21.179702 <sambaserver>.ifs.domain > <w2kmachine>.ifs.1700: 25834 NXDomain* 0/1/0 (105) (DF) 14:27:21.180559 <w2kmachine>.ifs.netbios-dgm > <sambaserver>.ifs.netbios-dgm: >>> NBT UDP PACKET(138) Res=0x110E ID=0x81A9 IP=10 (0xa).21 (0x15).32 (0x20).238 (0xee) Port=138 (0x8a) Length=229 (0xe5) Res2= 0x0 SourceName=<w2kmachine> NameType=0x00 (Workstation) DestName=IFS NameType=0x1C (Unknown) SMB PACKET: SMBtrans (REQUEST) 14:27:26.180442 <w2kmachine>.ifs.netbios-dgm > <sambaserver>.ifs.netbios-dgm: >>> NBT UDP PACKET(138) Res=0x110E ID=0x81AA IP=10 (0xa).21 (0x15).32 (0x20).238 (0xee) Port=138 (0x8a) Length=229 (0xe5) Res2=0x0 SourceName=<w2kmachine> NameType=0x00 (Workstation) DestName=IFS NameType=0x1C (Unknown) SMB PACKET: SMBtrans (REQUEST) 14:27:26.181114 <sambaserver>.ifs.netbios-dgm > 10.21.32.255.netbios-dgm: >>> NBT UDP PACKET(138) Res=0x110A ID=0x7EE4 IP=10 (0xa).21 (0x15).32 (0x20).1 (0x1) Port=138 (0x8a) Length=205 (0xcd) Res2=0x0 SourceName=<sambaserver> NameType=0x00 (Workstation) DestName=IFS NameType=0x1D (Master Browser) SMB PACKET: SMBtrans (REQUEST) (DF) 14:27:27.459152 205.188.12.20.5190 > <w2kmachine>.ifs.1104: P 1912445612:1912445720(108) ack 2118659303 win 16384 (DF) 14:27:27.599945 <w2kmachine>.ifs.1104 > 205.188.12.20.5190: . ack 108 win 64767 (DF) 14:27:31.180328 <w2kmachine>.ifs.netbios-dgm > <sambaserver>.ifs.netbios-dgm: >>> NBT UDP PACKET(138) Res=0x110E ID=0x81AB IP=10 (0xa).21 (0x15).32 (0x20).238 (0xee) Port=138 (0x8a) Length=229 (0xe5) Res2=0x0 SourceName=<w2kmachine> NameType=0x00 (Workstation) DestName=IFS NameType=0x1C (Unknown) SMB PACKET: SMBtrans (REQUEST) </snip> - Now for the suprise... - I was at home and still wanting to try to get this up and running last weekend, so I logged on into our VPN from a Windows 2000 (Service Pack 2!!) machine and attempted to logon to our domain. And suprise... it worked. So i try it again now (monday), at my work, and I get the "The specified domain either does not exist or could not be contacted."-error again. ____________ ___Conclusion: - somewhere from Service Pack 3 (I believe but not sure since I upgraded directly from 2 to 4) and on, Windows starts looking for an Active Directory when login on to a domain. I don't know what it does afterwards, but it won't talk to my Samba PDC. I've been looking around for the past few days and I could not find ANYTHING with a solution. ______________ __My configuration file: - smb.conf <snip> # Global parameters [global] dos charset = ISO8859-15 unix charset = CP850 display charset = CP850 workgroup = IFS netbios name = FILESERVER interfaces = lo, 127.0.0.0/255.0.0.0, eth0, 10.21.32.0/255.255.255.0 bind interfaces only = Yes auth methods = sam server schannel = Yes password server = 10.21.32.1 passdb backend = ldapsam:ldap://10.21.32.1 unix password sync = No client lanman auth = No client plaintext auth = No log level = 4 syslog = 10 log file = /var/log/samba/%m name resolve order = bcast wins hosts time server = Yes keepalive = 255 socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=8192 SO_RCVBUF=8192 load printers = No printcap name = cups logon drive = z: logon home = \\%L\%U domain logons = Yes os level = 64 preferred master = Yes domain master = Yes wins support = Yes ldap suffix = o=ifs,c=nl ldap machine suffix = sambaDomainName=IFS,ou=Server Services,o=ifs,c=nl ldap user suffix = ou=People,o=ifs,c=nl ldap group suffix = ou=People Groups,o=ifs,c=nl ldap idmap suffix = o=ifs,c=nl ldap admin dn = cn=root,o=ifs,c=nl remote announce = 10.21.32.255/IFS idmap uid = 10000-20000 idmap gid = 10000-20000 admin users = adminisrtator [homes] comment = Home Directory read only = No browseable = No [netlogon] comment = Network Logon Service path = /home/services/samba/netlogon guest ok = Yes share modes = No [Profiles] path = /home/services/samba/profiles guest ok = Yes browseable = No [data] comment = IFS's shared files path = /home/ifs/data read only = No force create mode = 0771 force directory mode = 0775 </snip> _________________________ I also tried to install the older version again (samba 2.x.stable (standard debian-package) without LDAP and with smbpasswd file), but no luck... I am completely out of ideas and believe I tried everything possible.... Hope someone can explain me this mystical behaviour all of a sudden... Kind Regards, Bjorn Padding IFS Audio Visuals -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba