[Samba] make_connection: connection to ipc$ denied due to security descriptor.
mpte Utilisateur du domaine MYWORKGROUP
Workstations:
Munged dial:
Logon time: 0
Logoff time: Tue, 19 Jan 2038 04:14:07 CET
Kickoff time: Tue, 19 Jan 2038 04:14:07 CET
Password last set:Thu, 25 Oct 2007 11:13:26 CEST
Password can change: 0
Password must change: Tue, 19 Jan 2038 04:14:07 CET
Last bad password : 0
Bad password count : 0
Logon hours : FF
What could it be wrong ?
Do you have an idea ?
Some post seen on Internet make me think to upgrade and this is caused
by the 3.0.24 version...
Could it be true ?
Thanks for your propositions.
- --
Marc-Henri PAMISEUX
_o _o _
// // // __
//__ // / o) //o // ///° ( °
/___/// /__/ // // //\\ .__)
S.A.R.L. Libricks
Maison de la technopole
6, rue Léonard de Vinci - BP 0119
53001 LAVAL Cedex
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHOKdLMJ9khz7GW8ERAuV5AJ9DJXfHCxXE3xB1qiGFiBfFifI3pwCfVYWH
ma+moVcQMf1fwpt1E5lQtKY=
=Ivyx
-END PGP SIGNATURE-
#=== Global Settings ===
[global]
;
## Browsing/Identification ###
workgroup = MYWORKGROUP
netbios name = RHEA
server string = Serveur-Fichiers
;
Debugging/Accounting
syslog = 0
syslog only = no
log level = 2
log file = /var/log/samba/log.%m
max log size = 1000
;
Browse Options
os level = 80
local master = yes
domain master = yes
preferred master = yes
;
## Domains ###
domain logons = yes
logon script = logon.cmd
logon drive = U:
logon home = \\%L\%U
# logon path = \\%L\%U\.winprofile
logon path =
;
## Wins Options ##
name resolve order = wins lmhosts hosts bcast
dns proxy = no
wins proxy = no
wins support = yes
;
### Authentication ###
security = user
null passwords = no
unix password sync = no
encrypt passwords = true
update encrypted = yes
map to guest = Bad User
passdb backend = ldapsam:"ldap://127.0.0.1/ ldap://192.168.1.3/";
passwd program = /usr/sbin/smbldap-passwd ?u %u
admin users = administrateur,@SmbDomAdmins
guest account = guest
username map = /etc/samba/smbusers
password level = 5
username level = 5
valid users = administrateur,guest,@SmbDomAdmins,@SmbDomUsers,@SmbUsers
client ntlmv2 auth = no
# auth methods =
# obey pam restrictions = yes
# restrict anonymous = 1
# invalid users = root
# pam pasword change = no
# acl group control = yes
;
Ldap Options
ldap delete dn = yes
ldap admin dn = "cn=admin,ou=ldapadmins,dc=local,dc=mydomain,dc=org"
ldap suffix = dc=local,dc=mydomain,dc=org
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap machine suffix = ou=machines
ldap idmap suffix = ou=users
ldap ssl = no
ldap passwd sync = yes
;
Scripts Options
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w -i "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
# delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
panic action = /usr/share/samba/panic-action %d
;
Networking
bind interfaces only = true
interfaces = 127.0.0.1 192.168.1.2
remote announce = 192.168.1.255/HAPTION
socket options = IPTOS_LOWDELAY SO_KEEPALIVE TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192
hosts allow = 127.0.0.1 192.168.1.0/24
hosts deny = 0.0.0.0/0
time server = yes
include = /etc/samba/dhcp.conf
;
Filename Handling
preserve case = yes
short preserve case = yes
case sensitive = no
# default case = lower
dos charset = 850
unix charset = UTF-8
hide files = /.*/desktop.ini/ntuser.ini/NTUSER.*/
veto files = /*.eml/*.nws/*.{*}/
veto oplock files = /*.doc/*.xml/*.mdb/
create mode = 0660
force create mode = 660
directory mode = 0770
force directory mode = 770
;
Locking Options
oplocks = yes
level2 oplocks = yes
strict locking = yes
posix locking = yes
kernel oplocks = yes
Re: [Samba] Cannot connect to NT 4 BDC Server
Cybionet a écrit : > Salut Marc-Henri! :-) > > Ok the message "A peripheral connected to this system doesn't works" > mean that the SID of your user/group are not the same of the Domain > Controller. Check the SID between the result of 'net groupmap list' and > 'net getlocalsid'. > > Robert > So there is no other idea from this problem ? What research must i investigate now ? Regards, -- Marc-Henri PAMISEUX mél. [EMAIL PROTECTED] Tél. +33 0 243 020 161 31, rue des closeaux 53240 SAINT JEAN SUR MAYENNE -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Cannot connect to NT 4 BDC Server
yes doing parameter disable netbios = no doing parameter client schannel = yes doing parameter server schannel = yes doing parameter host msdfs = Yes doing parameter smb ports = 139 445 doing parameter hosts allow = 123.53.5.0/24 192.168.5.0/24 127.0.0.1 doing parameter hosts deny = 0.0.0.0/0 doing parameter winbind use default domain = Yes pm_process() returned Yes added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0 added interface ip=192.168.5.11 bcast=192.168.5.255 nmask=255.255.255.0 Client started (version 3.0.22). Connecting to 192.168.5.12 at port 445 error connecting to 192.168.5.12:445 (Connexion refusée) Connecting to 192.168.5.12 at port 139 session request ok Password: Domain=[ALITEC] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] session setup ok tconx ok dos_clean_name [] smb: \> exit Something else, when i try to connect from SERVEUR to SAMBA, using the LDAP user i've just add, all work nice: C:\> NET USE P: \\SAMBA\partage /USER:ALITEC\marcori Taper le mot de passe pour \\SAMBA\partage : La commande a été exécutée. C:\> P: P:\> dir [ ... some files ... ] P:\> C: C:\> NET USE P: /DELETE Connexions can be established in a single way ! In fact, when i go to NT4 server, in the domain user interface, menu Strategy -> User rights, i can't see any strategy defined (they were defined before acting as a BDC). Before adding some strategy, i've create some well defined group and group mapping: # net groupmap list Administrators (S-1-5-32-544) -> SmbAdministrators Replicators (S-1-5-32-552) -> SmbReplicators Account Operators (S-1-5-32-548) -> SmbAccountOperators Backup Operators (S-1-5-32-551) -> SmbBackupOperators Domain Admins (S-1-5-21-114968459-120084214-1990678075-512) -> SmbDomAdmins Domain Computers (S-1-5-21-114968459-120084214-1990678075-515) -> SmbDomComputers Domain Guests (S-1-5-21-114968459-120084214-1990678075-514) -> SmbDomGuests Domain Users (S-1-5-21-114968459-120084214-1990678075-513) -> SmbDomUsers Print Operators (S-1-5-32-550) -> SmbPrintOperators Guests (S-1-5-32-546) -> SmbGuests Server Operators (S-1-5-32-549) -> SmbServerOperators Users (S-1-5-32-545) -> SmbUsers Anonymous (S-1-5-7) -> SmbAnonymous Power Users (S-1-5-32-547) -> SmbPowerUsers So, i've try to add some user's strategy, NT4 can see my group, but when i try to add it, i've got an error 'A peripheral connected to this system doesn't works' or something like that... When i try to modify LDAP user i've add, i've got an error indicate that NT4 can't find the primary Group Name (or any group in reality). My question is: Is it possible to connect to an NT4 server acting as a BDC, or should i denote NT4 server as a standalone server (and then join it to Samba PDC) ? Another question: Is it possible to denote an NT4 server acting as a BDC to a standalone server, and how can i do that without re-installing NT4 ? Do you know some free utility, or some Registry Key to change ? Best Regards, -- Marc-Henri PAMISEUX mél. [EMAIL PROTECTED] Tél. +33 0 243 020 161 31, rue des closeaux 53240 SAINT JEAN SUR MAYENNE -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
