I'm guessing this happened:
You are using passdb backend = tdbsam.
You converted from one security mode (standalone) to another (domain controller) AFTER creating those users. The users that were created before the Samba server was configured as a domain controller exhibited the problem, and the ones created after did not. When you'd log in as a pre-domain-configuration user, you'd see the PDC listed as an empty domain in My Network Places. In addition, you probably had some strange authentication errors.
Had you done a 'pdbedit -L -v' you would have seen that some users' "logon domain" was the PDC; others had the domain SOC listed. You might have noticed that the ones listing the PDC were pre-domain users, the ones listing SOC were created post-domain configuration.
You see, this bit me once. :-) I eventually figured out what happened, but didn't know an easy way to fix it, so ended up recreating the users (and also restoring their SIDs, because I didn't want to screw up their local profiles -- wasn't using roaming profiles). Shortly thereafter, I took a course from the venerable John H. Terpstra, who pointed out that I could have simply converted my passdb temporarily from tdbsam to smbpasswd and back again, and this would have fixed it all very quickly while maintaining the SIDs. Of course, had I any policy settings in place, these would have needed to be recreated, but that would be easier than recreating SIDs.
I'm happy that you were able to fix it, yet thought you (and the rest of the Samba community) might like to hear of my experience and understanding of the problem so that it can be avoided in the future.
~Jonathan Johnson Sutinen Consulting, Inc. www.sutinen.com
Charles McLaughlin wrote:
I noticed that this didn't affect all users, so I deleted the users and added them again using smbpasswd and that fixed this problem.
Charles
Charles McLaughlin wrote:
Hello,
My Samba server acting as a PDC shows up as an empty domain on my Windows clients under "My Network Places".
My PDC is called "PDC" and my domain is called "SOC". I see PDC and SOC in "My Network Places".
Another strange problem is when I use the Windows Server Manager tool from servtools.exe, it says "Cannot find the Primary DC for PDC". Why is it looking for the PDC and not the Domain?
My settings are below in case that helps.
Thanks, Charles
---------------
# Global parameters
[global]
workgroup = SOC
passdb backend = tdbsam
passwd chat = *New*Password* %n\n*Re-enter*new*password* %n\n *Password*changed*
username map = /etc/samba/smbusers
log level = 2
log file = /var/log/samba/%m
max log size = 50
name resolve order = wins bcast hosts
time server = Yes
add user script = /usr/sbin/useradd -m '%u'
delete user script = /usr/sbin/userdel -r '%u'
add group script = /usr/sbin/groupadd '%g'
delete group script = /usr/sbin/groupdel '%g'
add user to group script = /usr/sbin/usermod -G '%g' '%u'
add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody '%u'
logon path =
logon home =
domain logons = Yes
preferred master = Yes
wins support = Yes
[homes] comment = Home Directories valid users = %S read only = No browseable = No
[netlogon] comment = Network Logon Service path = /home/samba/netlogon guest ok = Yes locking = No
[profiles] comment = Profile Share path = /home/samba/profiles read only = No profile acls = Yes
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
