[Samba] make_connection: connection to ipc$ denied due to security descriptor.
mpte Utilisateur du domaine MYWORKGROUP Workstations: Munged dial: Logon time: 0 Logoff time: Tue, 19 Jan 2038 04:14:07 CET Kickoff time: Tue, 19 Jan 2038 04:14:07 CET Password last set:Thu, 25 Oct 2007 11:13:26 CEST Password can change: 0 Password must change: Tue, 19 Jan 2038 04:14:07 CET Last bad password : 0 Bad password count : 0 Logon hours : FF What could it be wrong ? Do you have an idea ? Some post seen on Internet make me think to upgrade and this is caused by the 3.0.24 version... Could it be true ? Thanks for your propositions. - -- Marc-Henri PAMISEUX _o _o _ // // // __ //__ // / o) //o // ///° ( ° /___/// /__/ // // //\\ .__) S.A.R.L. Libricks Maison de la technopole 6, rue Léonard de Vinci - BP 0119 53001 LAVAL Cedex -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHOKdLMJ9khz7GW8ERAuV5AJ9DJXfHCxXE3xB1qiGFiBfFifI3pwCfVYWH ma+moVcQMf1fwpt1E5lQtKY= =Ivyx -END PGP SIGNATURE- #=== Global Settings === [global] ; ## Browsing/Identification ### workgroup = MYWORKGROUP netbios name = RHEA server string = Serveur-Fichiers ; Debugging/Accounting syslog = 0 syslog only = no log level = 2 log file = /var/log/samba/log.%m max log size = 1000 ; Browse Options os level = 80 local master = yes domain master = yes preferred master = yes ; ## Domains ### domain logons = yes logon script = logon.cmd logon drive = U: logon home = \\%L\%U # logon path = \\%L\%U\.winprofile logon path = ; ## Wins Options ## name resolve order = wins lmhosts hosts bcast dns proxy = no wins proxy = no wins support = yes ; ### Authentication ### security = user null passwords = no unix password sync = no encrypt passwords = true update encrypted = yes map to guest = Bad User passdb backend = ldapsam:"ldap://127.0.0.1/ ldap://192.168.1.3/"; passwd program = /usr/sbin/smbldap-passwd ?u %u admin users = administrateur,@SmbDomAdmins guest account = guest username map = /etc/samba/smbusers password level = 5 username level = 5 valid users = administrateur,guest,@SmbDomAdmins,@SmbDomUsers,@SmbUsers client ntlmv2 auth = no # auth methods = # obey pam restrictions = yes # restrict anonymous = 1 # invalid users = root # pam pasword change = no # acl group control = yes ; Ldap Options ldap delete dn = yes ldap admin dn = "cn=admin,ou=ldapadmins,dc=local,dc=mydomain,dc=org" ldap suffix = dc=local,dc=mydomain,dc=org ldap user suffix = ou=users ldap group suffix = ou=groups ldap machine suffix = ou=machines ldap idmap suffix = ou=users ldap ssl = no ldap passwd sync = yes ; Scripts Options add user script = /usr/sbin/smbldap-useradd -m "%u" delete user script = /usr/sbin/smbldap-userdel "%u" add machine script = /usr/sbin/smbldap-useradd -w -i "%u" add group script = /usr/sbin/smbldap-groupadd -p "%g" # delete group script = /usr/sbin/smbldap-groupdel "%g" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" panic action = /usr/share/samba/panic-action %d ; Networking bind interfaces only = true interfaces = 127.0.0.1 192.168.1.2 remote announce = 192.168.1.255/HAPTION socket options = IPTOS_LOWDELAY SO_KEEPALIVE TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 hosts allow = 127.0.0.1 192.168.1.0/24 hosts deny = 0.0.0.0/0 time server = yes include = /etc/samba/dhcp.conf ; Filename Handling preserve case = yes short preserve case = yes case sensitive = no # default case = lower dos charset = 850 unix charset = UTF-8 hide files = /.*/desktop.ini/ntuser.ini/NTUSER.*/ veto files = /*.eml/*.nws/*.{*}/ veto oplock files = /*.doc/*.xml/*.mdb/ create mode = 0660 force create mode = 660 directory mode = 0770 force directory mode = 770 ; Locking Options oplocks = yes level2 oplocks = yes strict locking = yes posix locking = yes kernel oplocks = yes
Re: [Samba] Cannot connect to NT 4 BDC Server
Cybionet a écrit : > Salut Marc-Henri! :-) > > Ok the message "A peripheral connected to this system doesn't works" > mean that the SID of your user/group are not the same of the Domain > Controller. Check the SID between the result of 'net groupmap list' and > 'net getlocalsid'. > > Robert > So there is no other idea from this problem ? What research must i investigate now ? Regards, -- Marc-Henri PAMISEUX mél. [EMAIL PROTECTED] Tél. +33 0 243 020 161 31, rue des closeaux 53240 SAINT JEAN SUR MAYENNE -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Cannot connect to NT 4 BDC Server
yes doing parameter disable netbios = no doing parameter client schannel = yes doing parameter server schannel = yes doing parameter host msdfs = Yes doing parameter smb ports = 139 445 doing parameter hosts allow = 123.53.5.0/24 192.168.5.0/24 127.0.0.1 doing parameter hosts deny = 0.0.0.0/0 doing parameter winbind use default domain = Yes pm_process() returned Yes added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0 added interface ip=192.168.5.11 bcast=192.168.5.255 nmask=255.255.255.0 Client started (version 3.0.22). Connecting to 192.168.5.12 at port 445 error connecting to 192.168.5.12:445 (Connexion refusée) Connecting to 192.168.5.12 at port 139 session request ok Password: Domain=[ALITEC] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] session setup ok tconx ok dos_clean_name [] smb: \> exit Something else, when i try to connect from SERVEUR to SAMBA, using the LDAP user i've just add, all work nice: C:\> NET USE P: \\SAMBA\partage /USER:ALITEC\marcori Taper le mot de passe pour \\SAMBA\partage : La commande a été exécutée. C:\> P: P:\> dir [ ... some files ... ] P:\> C: C:\> NET USE P: /DELETE Connexions can be established in a single way ! In fact, when i go to NT4 server, in the domain user interface, menu Strategy -> User rights, i can't see any strategy defined (they were defined before acting as a BDC). Before adding some strategy, i've create some well defined group and group mapping: # net groupmap list Administrators (S-1-5-32-544) -> SmbAdministrators Replicators (S-1-5-32-552) -> SmbReplicators Account Operators (S-1-5-32-548) -> SmbAccountOperators Backup Operators (S-1-5-32-551) -> SmbBackupOperators Domain Admins (S-1-5-21-114968459-120084214-1990678075-512) -> SmbDomAdmins Domain Computers (S-1-5-21-114968459-120084214-1990678075-515) -> SmbDomComputers Domain Guests (S-1-5-21-114968459-120084214-1990678075-514) -> SmbDomGuests Domain Users (S-1-5-21-114968459-120084214-1990678075-513) -> SmbDomUsers Print Operators (S-1-5-32-550) -> SmbPrintOperators Guests (S-1-5-32-546) -> SmbGuests Server Operators (S-1-5-32-549) -> SmbServerOperators Users (S-1-5-32-545) -> SmbUsers Anonymous (S-1-5-7) -> SmbAnonymous Power Users (S-1-5-32-547) -> SmbPowerUsers So, i've try to add some user's strategy, NT4 can see my group, but when i try to add it, i've got an error 'A peripheral connected to this system doesn't works' or something like that... When i try to modify LDAP user i've add, i've got an error indicate that NT4 can't find the primary Group Name (or any group in reality). My question is: Is it possible to connect to an NT4 server acting as a BDC, or should i denote NT4 server as a standalone server (and then join it to Samba PDC) ? Another question: Is it possible to denote an NT4 server acting as a BDC to a standalone server, and how can i do that without re-installing NT4 ? Do you know some free utility, or some Registry Key to change ? Best Regards, -- Marc-Henri PAMISEUX mél. [EMAIL PROTECTED] Tél. +33 0 243 020 161 31, rue des closeaux 53240 SAINT JEAN SUR MAYENNE -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba