Hi, what os does the client have? W98?
in the system-controll folder there should be a icon (in german called Verwaltung) whre the local policies , the settings for odbc ...and mor are... there should be also an icon called eventmanager / display... maybe there is a log entry? Did you see some errrors on the samba side (instead of the connection reset by peer) if you try a higher debug-/log-level? the other way is, that you back-up the users home-directory, and his roaming-profile and completely remove him and (from windows / ldap / samba ...) and readd him as a new user with a empty home and profile-directory... and then just put the saved-files (from the profile / homedirectory in the new created profile / home-directory in. it could be that there are some settings in the profile are wrong. -----Ursprungliche Nachricht----- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 28. Juli 2004 08:23 An: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Betreff: Re: AW: AW: AW: [Samba] Samba - LDAP - User cannot loginfrom 1 workstation Yes, I have checked the LDAP entry; I even recreated it; I tried the user/pwd on 3 other machines : 2000 Prof. Wks; 2000 Server and XP Prof. The local permissions on the machine are OK; I can add the domain user to the local admin. group, so that should be ok. I agree that it is not a server-side issue; but where on the client can I start searching for errors ? Regards, Bert De Ridder PeopleWare NV - Head Office Cdt.Weynsstraat 85 B-2660 Hoboken Tel: +32 3 448.33.38 Fax: +32 3 448.32.66 PeopleWare NV - Branch Office Geel Kleinhoefstraat 5 B-2440 Geel Tel: +32 14 57.00.90 Fax: +32 14 58.13.25 http://www.peopleware.be http://www.mobileware.be "Arno Seidel" <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 27/07/2004 17:56 Please respond to [EMAIL PROTECTED] To <[EMAIL PROTECTED]> cc Subject AW: AW: AW: [Samba] Samba - LDAP - User cannot loginfrom 1 workstation Hi, did you check the ldap-entry for that user?? maybe there is a mistake... are the other workstations you tried w2k too? are the "local" permissions on the workstation for that user correct??? maybe there is a local-policy... maybe there is a user-workstation entry in the ldapaccount... i don?t think that it has something to do with the configuration of the samba /ldap servers, because other pc?s on the same segment have no problems. > -----Ursprungliche Nachricht----- > Von: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Auftrag von > [EMAIL PROTECTED] > Gesendet: Dienstag, 27. Juli 2004 16:51 > An: Umberto Zanatta > Cc: [EMAIL PROTECTED] > Betreff: Re: AW: AW: [Samba] Samba - LDAP - User cannot loginfrom 1 > workstation > > > Yes, but I hadn't included that in my previous post; I tried to trim the > message > > winbind uid = 100-20000 > winbind gid = 100-20000 > winbind separator = + > winbind use default domain = Yes > > I am not using password server, because i want Samba to think it's on the > same server; however the LDAP on that server is a slave, so updates are > sent to our master LDAP server. (and back to the slave via the replicator > off course) > > I can use the shares via smbclient on the server; I really don't think > there is an error on the server; since everything works when changing all > other conditions (switch pc or another user on that pc); it's just that > one user when working on that one machine. > > > Bert De Ridder > > > > > > Umberto Zanatta <[EMAIL PROTECTED]> > Sent by: [EMAIL PROTECTED] > 27/07/2004 15:28 > > To > [EMAIL PROTECTED] > cc > [EMAIL PROTECTED] > Subject > Re: AW: AW: [Samba] Samba - LDAP - User cannot login from 1 > workstation > > > > > > > Have you tried configuring winbind? Of course, it's very important on > Samba PDC+BDC+File Server. > > Perhaps, you've forgotten 'password server': it hasn't to be the ip of > bdc, but the ip of pdc > and 'security = domain'; > > You should as well (for name resolver) add bcast to 'name resolve > order'. > > > Il mar, 2004-07-27 alle 15:15, [EMAIL PROTECTED] ha scritto: > > > Ok, so the getpeername was a coincidence; I haven't seen it more than > > once, that's true. > > > > smb.conf: > > [global] > > domain master = No > > domain logons = Yes > > map to guest = never > > netbios name = FATTY > > workgroup = PEOPLEWARE > > server string = Linux BDC > > encrypt passwords = Yes > > log level = 2 > > name resolve order = lmhosts wins > > time server = Yes > > socket options = SO_SNDBUF=8192 SO_RCVBUF=8192 > > guest account = nobody > > logon script = login.bat > > logon path = > > logon drive = H: > > os level = 99 > > preferred master = No > > wins support = Yes > > wins server = 192.168.0.22 > > remote browse sync = 192.168.0.22 > > remote announce = 192.168.3.255/PEOPLEWARE > > printing = cups > > local master = yes > > load printers = yes > > printcap name = cups > > passwd program =/usr/local/sbin/smbldap-passwd %u > > passwd chat = *new*password* %n\n *new*password:* %n\ > > *successfully* > > add machine script = /usr/local/sbin/smbldap-useradd -w u% > > add user script = /usr/local/sbin/smbldap-useradd -a %u > > delete user script = /usr/local/sbin/smbldap-userdel %u > > add group script = /usr/local/sbin/smbldap-groupadd %g > > delete group script = /usr/local/sbin/smbldap-groupdel %g > > add user to group script = /usr/local/sbin/smbldap-groupmod -m > > %u %g > > delete user from group script = > > /usr/local/sbin/smbldap-groupmod -x %u %g > > set primary group script = /usr/local/sbin/smbldap-usermod -G > > %g %u > > passdb backend = ldapsam:ldap://127.0.0.1 > > ldap suffix = dc=peopleware,dc=be > > ldap admin dn = cn=Manager,dc=peopleware,dc=be > > ldap user suffix = ou=Users > > ldap group suffix = ou=Groups > > ldap machine suffix = ou=Computers > > ldap idmap suffix = ou=Users > > ldap passwd sync = Yes > > ldap ssl = off > > > > [netlogon] > > path = /var/lib/samba/netlogon > > read only = No > > create mask = 0600 > > directory mask = 0700 > > browseable = No > > [homes] > > comment = Home directories > > path = /home/%U > > read only = No > > create mask = 0640 > > directory mask = 0750 > > browseable = Yes > > [cvs] > > path = /local/cvs > > read only = No > > create mask = 0777 > > force group = users > > public = yes > > guest ok = yes > > > > Bert De Ridder > > > > > > > > Umberto Zanatta > > <[EMAIL PROTECTED]> > > Sent by: > > [EMAIL PROTECTED] > > > > 27/07/2004 14:57 > > To > > [EMAIL PROTECTED] > > cc > > [EMAIL PROTECTED] > > Subject > > Re: AW: AW: > > [Samba] Samba - > > LDAP - User > > cannot login from > > 1 > > workstation > > > > > > > > > > No, isn't; but, there's some problems in resolvconf/hosts/dns. > > > > """ > > getpeername failed > > """ > > > > Meanwihile, should you post the smb.conf related to? > > > > Il mar, 2004-07-27 alle 14:46, [EMAIL PROTECTED] ha > > scritto: > > > > > That's true... > > > > > > The message is : > > > > > > <sharename> is not accessible > > > Network access is denied > > > <OK> > > > > > > Even if I navigate to the share CVS (which works during login - see > > my > > > original mail) I get that message. > > > > > > I don't know whether it's related, but I now notice other messages > > in the > > > log : > > > > > > [2004/07/26 14:24:32, 1] smbd/service.c:make_connection_snum(619) > > > allier (192.168.3.196) connect to service cvs initially as user > > mschijva > > > (uid=1015, gid=100) (pid 24964) > > > [2004/07/26 14:24:48, 0] lib/util_sock.c:get_peer_addr(978) > > > getpeername failed. Error was Transport endpoint is not connected > > > [2004/07/26 14:24:48, 0] lib/util_sock.c:read_socket_data(367) > > > read_socket_data: recv failure for 4. Error = Connection reset by > > peer > > > > > > > > > Do you think it's related? > > > > > > > > > > > > Bert > > > > > > > > > > > > > > > "Arno Seidel" <[EMAIL PROTECTED]> > > > Sent by: [EMAIL PROTECTED] > > > 27/07/2004 13:15 > > > Please respond to > > > [EMAIL PROTECTED] > > > > > > > > > To > > > "Samba" <[EMAIL PROTECTED]> > > > cc > > > > > > Subject > > > AW: AW: [Samba] Samba - LDAP - User cannot login from 1 workstation > > > > > > > > > > > > > > > > > > > > > Hi, > > > > > > hm i don?t think that it has something to do with the > > trus-relationship if > > > it where so than every user on that pc would get a permision denied. > > > what does the error message exactly says? > > > example: > > > Access denied, the network path was not found... > > > > > > > > > -----Ursprungliche Nachricht----- > > > Von: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] > > > Gesendet: Dienstag, 27. Juli 2004 12:57 > > > An: [EMAIL PROTECTED] > > > Betreff: Re: AW: [Samba] Samba - LDAP - User cannot login from 1 > > > workstation > > > > > > > > > > > > I have checked the user's permissions; I am convinced that it is > > not a > > > server setting since the error 'Access denied' (on the client - > > Win2K) > > > does > > > not happen when the user logs on to another workstation. > > > I think it has something to do with the trust relationship; but I > > > haven't > > > got a clue where to start looking for it. > > > > > > What loglevel would you suggest ? > > > > > > > > > Bert > > > > > > > > > > > > > > > > > > "Arno Seidel" <[EMAIL PROTECTED]> > > > Sent by: > > > [EMAIL PROTECTED] > > > 27/07/2004 12:30 Please respond to > > > [EMAIL PROTECTED] > > > > > > > > > To <[EMAIL PROTECTED]> > > > cc > > > Subject AW: [Samba] Samba - LDAP - User cannot login > > from 1 > > > workstation > > > > > > > > > > > > > > > > > > > > > > > > Hi, > > > > > > did you checked the users permissions?? > > > group-entrys... share/directory permissions > > > which account flags does the user have. > > > did you rise the loglevel to get some more informations? > > > what error message do you receive on the windows-pc? > > > > > > this is no a solution... but may bring you on the right way > > > > > > > -----Ursprungliche Nachricht----- > > > > Von: [EMAIL PROTECTED] > > > > [mailto:[EMAIL PROTECTED] > > Auftrag > > > von > > > > [EMAIL PROTECTED] > > > > Gesendet: Dienstag, 27. Juli 2004 12:16 > > > > An: [EMAIL PROTECTED] > > > > Betreff: [Samba] Samba - LDAP - User cannot login from 1 > > workstation > > > > > > > > > > > > Hello, everyone, > > > > > > > > This is the situation : > > > > > > > > We have 2 sites; one domain; 2 samba's on every site; one is > > PDC, the > > > > other is BDC. > > > > They both use LDAP; the LDAP has a master on the site where the > > PDC > > > is; > > > > the slave LDAP is on the site where the BDC is. > > > > > > > > There is a user (ONE to be precise) that gives problems when > > working > > > on > > > a > > > > specific machine. > > > > > > > > When the user logs in using his machine; he can't access shares > > on > > > either > > > > of the servers. When he logs in on any other machine, there is > > no > > > problem > > > > whatsoever. When anybody else logs in using this user's machine, > > there > > > is > > > > no problem either. > > > > It's only when the user logs in on that specific machine. > > > > The login is fine; I can see the user in the logs: > > > > > > > > allier (192.168.3.196) connect to service netlogon initially > > as user > > > > mschijva (uid=1015, gid=100) (pid 25065) > > > > [2004/07/26 14:34:29, 1] > > smbd/service.c:make_connection_snum(619) > > > > allier (192.168.3.196) connect to service cvs initially as > > user > > > > mschijva > > > > (uid=1015, gid=100) (pid 25065) > > > > > > > > >From that point on, the shares can no longer be accessed. > > > > > > > > The machine HAS been used in the past in a domain with the same > > name, > > > but > > > > with a different ID. > > > > The user receives the 'old' sambasid from the server to avoid > > local > > > > profile loss (deleting the user's local profile is NOT an option > > BTW). > > > > > > > > Where can I start looking for this ? > > > > Any ideas anyone ? > > > > > > > > Thanks in advance > > > > > > > > Bert De Ridder > > > > > > > > > > > > > > > > -- > > > > To unsubscribe from this list go to the following URL and read > > the > > > > instructions: http://lists.samba.org/mailman/listinfo/samba > > > > > > > > > > -- > > > To unsubscribe from this list go to the following URL and read the > > > instructions: http://lists.samba.org/mailman/listinfo/samba > > > > > > -- > > > To unsubscribe from this list go to the following URL and read the > > > instructions: http://lists.samba.org/mailman/listinfo/samba > > > > _______________________ > > Umberto Zanatta > > linuxDidattica > > > > tel: +39 (335) 54 71 385 > > email: [EMAIL PROTECTED] > > web: http://linuxdidattica.org > > _______________________ > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: http://lists.samba.org/mailman/listinfo/samba > > _______________________ > Umberto Zanatta > linuxDidattica > > tel: +39 (335) 54 71 385 > email: [EMAIL PROTECTED] > web: http://linuxdidattica.org > _______________________ > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba