From owner-freebsd-questions Sat Jun 22 11:30:29 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mail.liwing.de (mail.liwing.de [213.70.188.162]) by hub.freebsd.org (Postfix) with ESMTP id 6ED4437B400 for ; Sat, 22 Jun 2002 11:30:17 -0700 (PDT) Received: (qmail 90650 invoked from network); 22 Jun 2002 18:41:14 -0000 Received: from stingray.liwing.de (HELO liwing.de) ([213.70.188.164]) (envelope-sender ) by mail.liwing.de (qmail-ldap-1.03) with SMTP for ; 22 Jun 2002 18:41:14 -0000 Message-ID: <3D14C1C4.49F8867F@liwing.de> Date: Sat, 22 Jun 2002 20:28:20 +0200 From: Jens Rehsack Organization: LiWing IT-Services X-Mailer: Mozilla 4.78 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Peter Ulrich Kruppa Cc: questions@freebsd.org Subject: Re: fascinating SAMBA-PDC problem References: <20020622184124.W13276-100000@small.pukruppa.de> Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Peter Ulrich Kruppa wrote: > > On Sat, 22 Jun 2002, Jens Rehsack wrote: > > Peter Ulrich Kruppa wrote: > > > I am experimenting with my small home network to find out how to > > > set up my Samba server as primary domain controller (PDC) for my > > > Win2kPro system. > > > > > > Later - in real life - the PDC should be able to manage about 800 > > > user accounts for 30 or 40 NT4 and Win2k machines. > > > > > > But back to my home problem: > > > I was able to give a machine account to my Win2k computer, > > > integrate it into my domain and create a domain-admin called > > > root, which is identical to my server's root. > > > root can log in and out, his profile is downloaded and uploaded > > > to the server. > > > Then I set up user accounts (with /stand/sysinstall and > > > smbpasswd). > > > When I try to log into these accounts from Win2k they seem to be > > > authenticated, but after some seconds I receive an error, saying > > > that the profile couldn't be downloaded and that the access is > > > denied. > > > > > > Any ideas what could be done? > > > > There is a solution for this problem which is detailed described in samba > > documentation and has to do with w2ksp2 and access control list. > > Please do a "make patch" in /usr/ports/net/samba and search for some > > documentation 'bout w2k, updates and so on ... > Hmm, ..., yes I found it. > They said, this was solved with samba2.2.5, so I > installed the latest port: but the problem stayed. > Out of an intuition I copied root's working profile and chown'ed > it to another registered user. And he could log in. > > How this? Did I miss anything? did you add "nt acl support = no" to your smb.conf? I don't read sth. 'bout 2.2.5 in work/samba-2.2.5/docs/README.Win2kSP2 but about 2.2.2. > Thanks anyway, > > Uli. > > > -- > > L i W W W i Jens Rehsack > > L W W W > > L i W W W W i nnn gggg LiWing IT-Services > > L i W W W W i n n g g > > LLLL i W W i n n g g Friesenstraße 2 > > gggg 06112 Halle > > g > > g g > > Tel.: +49 - 3 45 - 5 17 05 91 ggg e-Mail: > > Fax: +49 - 3 45 - 5 17 05 92 http://www.liwing.de/ > > > > *-----------------------------------* > * Peter Ulrich Kruppa * > * - Wuppertal - * > * Germany * > *-----------------------------------* -- L i W W W i Jens Rehsack L W W W L i W W W W i nnn gggg LiWing IT-Services L i W W W W i n n g g LLLL i W W i n n g g Friesenstraße 2 gggg 06112 Halle g g g Tel.: +49 - 3 45 - 5 17 05 91 ggg e-Mail: Fax: +49 - 3 45 - 5 17 05 92 http://www.liwing.de/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message