[Samba] Dial-Up Users Not Able to Access Network with Samba PDC
I recently replaced my NT PDC with a Samba PDC with an LDAP backend. Most clients have 2000 and XP machines but a few clients who have 98 machines are not able to access any servers on the network when they dial in to our NT 4.0 RAS server in spite of the fact that they receive all of the proper network settings from the DHCP server and they are successfully authenticated by the Samba/LDAP PDC. The 98 clients can not ping any other machine by name or IP address. They cannot ping the RAS server either. This is quite perplexing. Any insight into the cause of this problem will be greatly appeciated. Alex -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. Georgia State Board of Pardons and Paroles -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Fw: [Samba] Users being deleted from Domain Users group on Samba BDC during vampire process of migration
I also notice that the vampire process stopped with the following error message: Failed to fetch domain database: NT_STATUS_SYNCHRONIZATION_REQUIRED What does this mean? Thanks for all of your help. - Forwarded by Alex Brown/Compsrv/pap on 11/23/2004 03:23 PM - [EMAIL PROTECTED] Sent by:To: [EMAIL PROTECTED] [EMAIL PROTECTED] cc: .samba.org Subject: Fw: [Samba] Users being deleted from Domain Users group on Samba BDC during vampire process of migration 11/23/2004 03:02 PM There is a line in my message that was incorrect. It should state the following: The users with "(primary)" attached to their name are being deleted. As you can see, the Domain Admins group no longer includes joeblow, snoopy or vbe. My Enviornment: NT 4.0 PDC Debian (Sarge) Samba 3.0.7-2 Openldap 2.1.30-3 Windows 98,2000 and XP clients - Forwarded by Alex Brown/Compsrv/pap on 11/23/2004 03:00 PM - [EMAIL PROTECTED] Sent by:To: [EMAIL PROTECTED] [EMAIL PROTECTED] cc: .samba.org Subject: [Samba] Users being deleted from Domain Users group on Samba BDC during vampire process of migration 11/23/2004 02:52 PM I think I'm having a problem during the vampire process. Would someone tell me why my domain users are being deleted from the Domain Users group after they are created? First, the accounts are being created normally... Creating account: marshah Creating account: marshab Creating account: johnp . . . Creating account: ronniem Creating account: bobbyr Creating account: robertk Creating account: g4400$ Creating account: INFI2292-80$ Creating account: PAP-E06EFL2FLCA$ Creating account: G830-78$ Creating account: COL190GPCTAB-62$ Creating account: PERIA30-63$ Creating account: ROM010IA30-71$ Creating account: DEK480IA30-73$ Group members of Domain Admins: charliebrown,faxserver,joeblow(primary),vbe(primary),snoopy(primary),epo,xerox, Group members of Domain Users: PRIMARY$(primary),CONSDEV $(primary),marshah(primary),marshab(primary),johnp(primary) . . . rajg(primary),FIEGATEWAY450-5$(primary),MAC120I2652-8 $(primary),FISGE2000D-2$(primary),DISGE2000D-1$(primary),ADA440GPCTAB-6 $(primary),CJRG450ROG-29$(primary),DAL230GPCTAB-21 $(primary),THO070GPCTAB-65$(primary),CAN300GPCTAB-5 $(primary),ADA440GPCTAB-75$(primary),THO070GPCTAB-7 $(primary),CAN300GPCTAB-4$(primary),DOU400GPCTAB-25 $(primary),CAR540GPCTAB-8$(primary),LAG310GPCTAB-5$(primary),ELL560GPCTAB-2 $(primary),LAG310GPCTAB-12$(primary),ELL560GPCTAB-18 $(primary),LAG310GPCTAB-2$(primary),ELL560GPCTAB-4$(primary),CON360GPCTAB-2 $(primary),LAG310GPTAB-15$(primary),INFGFE2000D-100 $(primary),LAG310GPCTAB-6$(primary),DAH590GPCTAB-6$(primary) . . . Then the users are being deleted . . . deleting user marshah from group Domain Users deleting user marshab from group Domain Users deleting user johnp from group Domain Users . . . deleting user joyceb from group Domain Users deleting user lyndae from group Domain Users deleting user janices from group Domain Users deleting user mredding from group Domain Users deleting user darylb from group Domain Users deleting user deborahm from group Domain Users deleting user tammyc from group Domain Users deleting user jeanettb from group Domain Users deleting user dessiep from group Domain Users deleting user jennifej from group Domain Users The users with "(primary)" attached to their name are being deleted. As you can see, the Domain Admins group no longer includes jonathanb, ninos or vbe. sd1:~# getent group | grep "Domain Admins" Domain Admins:x:512:charliebrown,faxserver,epo,xerox There were several hundred domain users but after the migration there are only a few. --
Fw: [Samba] Users being deleted from Domain Users group on Samba BDC during vampire process of migration
There is a line in my message that was incorrect. It should state the following: The users with "(primary)" attached to their name are being deleted. As you can see, the Domain Admins group no longer includes joeblow, snoopy or vbe. My Enviornment: NT 4.0 PDC Debian (Sarge) Samba 3.0.7-2 Openldap 2.1.30-3 Windows 98,2000 and XP clients - Forwarded by Alex Brown/Compsrv/pap on 11/23/2004 03:00 PM - [EMAIL PROTECTED] Sent by:To: [EMAIL PROTECTED] [EMAIL PROTECTED] cc: .samba.org Subject: [Samba] Users being deleted from Domain Users group on Samba BDC during vampire process of migration 11/23/2004 02:52 PM I think I'm having a problem during the vampire process. Would someone tell me why my domain users are being deleted from the Domain Users group after they are created? First, the accounts are being created normally... Creating account: marshah Creating account: marshab Creating account: johnp . . . Creating account: ronniem Creating account: bobbyr Creating account: robertk Creating account: g4400$ Creating account: INFI2292-80$ Creating account: PAP-E06EFL2FLCA$ Creating account: G830-78$ Creating account: COL190GPCTAB-62$ Creating account: PERIA30-63$ Creating account: ROM010IA30-71$ Creating account: DEK480IA30-73$ Group members of Domain Admins: charliebrown,faxserver,joeblow(primary),vbe(primary),snoopy(primary),epo,xerox, Group members of Domain Users: PRIMARY$(primary),CONSDEV $(primary),marshah(primary),marshab(primary),johnp(primary) . . . rajg(primary),FIEGATEWAY450-5$(primary),MAC120I2652-8 $(primary),FISGE2000D-2$(primary),DISGE2000D-1$(primary),ADA440GPCTAB-6 $(primary),CJRG450ROG-29$(primary),DAL230GPCTAB-21 $(primary),THO070GPCTAB-65$(primary),CAN300GPCTAB-5 $(primary),ADA440GPCTAB-75$(primary),THO070GPCTAB-7 $(primary),CAN300GPCTAB-4$(primary),DOU400GPCTAB-25 $(primary),CAR540GPCTAB-8$(primary),LAG310GPCTAB-5$(primary),ELL560GPCTAB-2 $(primary),LAG310GPCTAB-12$(primary),ELL560GPCTAB-18 $(primary),LAG310GPCTAB-2$(primary),ELL560GPCTAB-4$(primary),CON360GPCTAB-2 $(primary),LAG310GPTAB-15$(primary),INFGFE2000D-100 $(primary),LAG310GPCTAB-6$(primary),DAH590GPCTAB-6$(primary) . . . Then the users are being deleted . . . deleting user marshah from group Domain Users deleting user marshab from group Domain Users deleting user johnp from group Domain Users . . . deleting user joyceb from group Domain Users deleting user lyndae from group Domain Users deleting user janices from group Domain Users deleting user mredding from group Domain Users deleting user darylb from group Domain Users deleting user deborahm from group Domain Users deleting user tammyc from group Domain Users deleting user jeanettb from group Domain Users deleting user dessiep from group Domain Users deleting user jennifej from group Domain Users The users with "(primary)" attached to their name are being deleted. As you can see, the Domain Admins group no longer includes jonathanb, ninos or vbe. sd1:~# getent group | grep "Domain Admins" Domain Admins:x:512:charliebrown,faxserver,epo,xerox There were several hundred domain users but after the migration there are only a few. - Here is my smb.conf. [global] unix charset = LOCALE workgroup = PAP netbios name = SD1 server string = announce version = 4.0 #interfaces = lo #bind interfaces only = Yes passdb backend = ldapsam:ldap://127.0.0.1 username map = /etc/samba/smbusers log level = 2 syslog = 0 log file = /var/log/samba/log.%m max log size = 50 smb ports = 139 445 name resolve order = wins bcast hosts time server = Yes printcap name = CUPS show add printer wizard = No add machine script = /usr/local/sbin/smbldap-useradd -w "%u" add user script = /usr/local/sbin/smbldap-useradd -m "%u" delete user script = /usr/local/sbin/smbldap-userdel "%u" add machine script = /usr/local/sbin/smbldap-useradd -w
[Samba] Users being deleted from Domain Users group on Samba BDC during vampire process of migration
I think I'm having a problem during the vampire process. Would someone tell me why my domain users are being deleted from the Domain Users group after they are created? First, the accounts are being created normally... Creating account: marshah Creating account: marshab Creating account: johnp . . . Creating account: ronniem Creating account: bobbyr Creating account: robertk Creating account: g4400$ Creating account: INFI2292-80$ Creating account: PAP-E06EFL2FLCA$ Creating account: G830-78$ Creating account: COL190GPCTAB-62$ Creating account: PERIA30-63$ Creating account: ROM010IA30-71$ Creating account: DEK480IA30-73$ Group members of Domain Admins: charliebrown,faxserver,joeblow(primary),vbe(primary),snoopy(primary),epo,xerox, Group members of Domain Users: PRIMARY$(primary),CONSDEV $(primary),marshah(primary),marshab(primary),johnp(primary) . . . rajg(primary),FIEGATEWAY450-5$(primary),MAC120I2652-8 $(primary),FISGE2000D-2$(primary),DISGE2000D-1$(primary),ADA440GPCTAB-6 $(primary),CJRG450ROG-29$(primary),DAL230GPCTAB-21 $(primary),THO070GPCTAB-65$(primary),CAN300GPCTAB-5 $(primary),ADA440GPCTAB-75$(primary),THO070GPCTAB-7 $(primary),CAN300GPCTAB-4$(primary),DOU400GPCTAB-25 $(primary),CAR540GPCTAB-8$(primary),LAG310GPCTAB-5$(primary),ELL560GPCTAB-2 $(primary),LAG310GPCTAB-12$(primary),ELL560GPCTAB-18 $(primary),LAG310GPCTAB-2$(primary),ELL560GPCTAB-4$(primary),CON360GPCTAB-2 $(primary),LAG310GPTAB-15$(primary),INFGFE2000D-100 $(primary),LAG310GPCTAB-6$(primary),DAH590GPCTAB-6$(primary) . . . Then the users are being deleted . . . deleting user marshah from group Domain Users deleting user marshab from group Domain Users deleting user johnp from group Domain Users . . . deleting user joyceb from group Domain Users deleting user lyndae from group Domain Users deleting user janices from group Domain Users deleting user mredding from group Domain Users deleting user darylb from group Domain Users deleting user deborahm from group Domain Users deleting user tammyc from group Domain Users deleting user jeanettb from group Domain Users deleting user dessiep from group Domain Users deleting user jennifej from group Domain Users The users with "(primary)" attached to their name are being deleted. As you can see, the Domain Admins group no longer includes jonathanb, ninos or vbe. sd1:~# getent group | grep "Domain Admins" Domain Admins:x:512:charliebrown,faxserver,epo,xerox There were several hundred domain users but after the migration there are only a few. - Here is my smb.conf. [global] unix charset = LOCALE workgroup = PAP netbios name = SD1 server string = announce version = 4.0 #interfaces = lo #bind interfaces only = Yes passdb backend = ldapsam:ldap://127.0.0.1 username map = /etc/samba/smbusers log level = 2 syslog = 0 log file = /var/log/samba/log.%m max log size = 50 smb ports = 139 445 name resolve order = wins bcast hosts time server = Yes printcap name = CUPS show add printer wizard = No add machine script = /usr/local/sbin/smbldap-useradd -w "%u" add user script = /usr/local/sbin/smbldap-useradd -m "%u" delete user script = /usr/local/sbin/smbldap-userdel "%u" add machine script = /usr/local/sbin/smbldap-useradd -w "%u" add group script = /usr/local/sbin/smbldap-groupadd -p "%g" delete group script = /usr/local/sbin/smbldap-groupdel "%g" add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u" logon script = scripts\SLOGIC.bat logon path = logon drive = X: domain logons = Yes domain master = No preferred master = Yes ldap delete dn = Yes ldap suffix = dc=home,dc=us ldap machine suffix = ou=Computers ldap user suffix = ou=Users ldap group suffix = ou=Groups ## Example 6.5. LDAP Based smb.conf File, Server: MASSIVE global Section: Part B ldap idmap suffix = ou=Idmap ldap admin dn = cn=admin,dc=home,dc=us idmap backend = ldap:ldap://127.0.0.1 idmap uid = 1-2 idmap gid = 1-2 map acl inherit = Yes printing = cups printer admin = Administrator, alexb [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = Yes locking = No [homes] comment = Home Directories valid users = %U read only = No browseable = No Here is my smbldap.conf SID removed from this intentionally. # Ex: slaveLDAP=127.0.0.1 slaveLDAP="127.0.0.1" slavePort="389" # Master LDAP : needed for write operations # Ex: masterLDAP=127.0.0.1 masterLDAP="127.0.0.1" masterPort="389" # Use TLS for LDAP # If set to 1, this option will use start_tls for connection # (you should also used the port 389) ldapTLS="0" # How to verify the server's certificate (none, optional or require) # see "man Net::