Date: Sun, 3 Sep 2006 13:46:04 -0500 From: Henrik Hudson <rhavenn@rhavenn.net> To: freebsd-questions@freebsd.org Subject: samba problem; member server can't authenticate Message-ID: <200609031346.05261.rhavenn@rhavenn.net>
next in thread | raw e-mail | index | archive | help
Hey List- I tried the Samba lists...but didn't get any tips there..so possibly a freebsd issue? Dunno, anyways.... I have a Samba PDC and a Samba Member Server. The Samba PDC works fine, but the problem is that the Member Server can't authenticate users and let me browse file shares and i always get the error: NT_STATUS_NO_LOGON_SERVERS the wierd thing is that sometimes: SMBCLIENT -L ECWTEST will work and list my shares. However, the first time I actually try to authenticate a user to browse a share the whole shebang stops and I get the above error. I'm using Konqueror and smb://ecwtest/sharename to connect. I don't need to make any PAM changes to allow just file / share authentication do I? One thing, the member server is a new rebuild of a machine with the same name and the PDC is a upgrade using the TDBs, etc.. from backup. I did remove the machine account from the PDC and then re-added it using net join and that worked fine. I ran through the test at the back of the "offical book" and all of them work except the actual sharing and the nmblookup -d 2 '*' on the member server and of course the smbclient specific ones. wbinfo -u and wbinfo -g work on the member server and i can chown files to users only in the PDC in the samba users file. I just can't authenticate. the only error I'm seeing is in log.wb-ECW and its: [2006/09/03 12:54:12, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from remote machine ECWSERVER pipe \lsarpc fnum 0x70a8! [2006/09/03 13:17:04, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from remote machine ECWSERVER pipe \NETLOGON fnum 0x7549! [2006/09/03 13:38:05, 0] nsswitch/winbindd_dual.c:child_read_request(49) Got invalid request length: 0 [2006/09/03 13:38:12, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from remote machine ECWSERVER pipe \lsarpc fnum 0x7104! Here is my setup: PDC: ECWSERVER ; FreeBSD 6-stable and samba-3.0.23b,1 member: ECWTEST ; freeBSD 6-stable and samba-3.0.23b,1 Both servers are on the same network and have static IPs. i am able to ping, etc.. using the netbios names my /etc/nssswitch.conf is the same on both: group: files winbind group_compat: nis hosts: files dns networks: files passwd: files winbind passwd_compat: nis shells: files PDC smb.conf: # Global parameters [global] workgroup = ECW netbios name = ECWSERVER passdb backend = tdbsam:/usr/local/etc/samba/private/passwd.tdb os level = 65 preferred master = yes domain master = yes local master = yes domain logons = yes wins support = yes #server string = Samba %v on %L server string = security = USER encrypt passwords = yes disable spoolss = Yes guest ok = yes follow symlinks = no case sensitive = no idmap uid = 15000-20000 idmap gid = 15000-20000 username map = /usr/local/etc/samba/smbusers name resolve order = hosts wins bcast time server = Yes #printing options #printing = cups #printcap name = cups #load printers = yes #show add printer wizard = Yes #printer admin = @ecwadmins,@wheel #user scripts add user script = /usr/sbin/pw useradd -n %u -g ecwusers -s /usr/sbin/nologin -c "" delete user script = /usr/sbin/pw userdel -n %u add group script = /usr/sbin/pw groupadd -n %g delete group script = /usr/sbin/pw groupdel -n %g add user to group script = /usr/sbin/pw usermod -n %u -g %g #add machine script = /usr/sbin/pw useradd -n %u -g 100 -s /usr/sbin/nologin -d /dev/null #user directories logon home = \\%N\%U\ logon drive = H: #roaming profiles logon path = ############################# the member server smb.conf: # Global parameters [global] workgroup = ECW netbios name = ECWTEST #server string = Samba %v on %L server string = security = domain password server = ECWSERVER wins server = 10.0.0.6 encrypt passwords = yes idmap uid = 15000-20000 idmap gid = 15000-20000 winbind use default domain = yes guest ok = yes follow symlinks = no case sensitive = no os level = 33 preferred master = no domain master = no #bind interfaces only = yes #interfaces = fxp0 lo0 #hosts deny = ALL #hosts allow = 10.0.0.0/24 127. name resolve order = hosts wins bcast Thanks. henrik -- Henrik Hudson rhavenn@rhavenn.net ------------------------------ "There are 10 kinds of people in the world: Those who understand binary and those who don't..."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200609031346.05261.rhavenn>