PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : kein Domänenbeitritt unter Samba 3.0.2a möglich



gnoovy
01.11.04, 15:20
hi leutz,



beschäftige mich grad mit der Samba-Version 3.0.2a. Habe eigendlich alles genauso konfiguriert, wie unter der 2.0.8. Allerdings sagt mir mein Test-Windows XP-Client, dass entweder der Benutzer nicht exisitiert oder ein falsches Kennwort eingegeben wurde, wenn ich der Domäne unter Computername-Ändern beitreten möchte. An was kann das liegen?



hier die logeinträge:

[2004/11/01 14:13:46, 0] smbd/server.c:main(748)
smbd version 3.0.2a-SUSE started.
Copyright Andrew Tridgell and the Samba Team 1992-2004
[2004/11/01 14:13:47, 0] printing/print_cups.c:cups_printer_fn(110)
Unable to connect to CUPS server localhost - Connection refused
[2004/11/01 14:20:43, 0] lib/util_sock.c:get_peer_addr(975)
getpeername failed. Error was Transport endpoint is not connected
[2004/11/01 14:20:43, 0] lib/util_sock.c:get_peer_addr(975)
getpeername failed. Error was Transport endpoint is not connected
[2004/11/01 14:20:43, 0] lib/access.c:check_access(328)
[2004/11/01 14:20:43, 0] lib/util_sock.c:get_peer_addr(975)
getpeername failed. Error was Transport endpoint is not connected
Denied connection from (0.0.0.0)
[2004/11/01 14:20:43, 1] smbd/process.c:process_smb(883)
[2004/11/01 14:20:43, 0] lib/util_sock.c:get_peer_addr(975)
getpeername failed. Error was Transport endpoint is not connected
Connection denied from 0.0.0.0
[2004/11/01 14:20:43, 0] lib/util_sock.c:write_socket_data(411)
write_socket_data: write failure. Error = Connection reset by peer
[2004/11/01 14:20:43, 0] lib/util_sock.c:write_socket(436)
write_socket: Error writing 5 bytes to socket 23: ERRNO = Connection reset by peer
[2004/11/01 14:20:43, 0] lib/util_sock.c:send_smb(628)
Error writing 5 bytes to client. -1. (Connection reset by peer)
[2004/11/01 14:21:02, 0] printing/print_cups.c:cups_queue_get(956)
Unable to get jobs for ipp://localhost/printers/pdf - client-error-not-found
[2004/11/01 14:22:35, 0] smbd/server.c:main(748)
smbd version 3.0.2a-SUSE started.
Copyright Andrew Tridgell and the Samba Team 1992-2004
[2004/11/01 14:27:10, 0] smbd/server.c:main(748)
smbd version 3.0.2a-SUSE started.
Copyright Andrew Tridgell and the Samba Team 1992-2004
[2004/11/01 14:28:17, 0] smbd/server.c:main(748)
smbd version 3.0.2a-SUSE started.
Copyright Andrew Tridgell and the Samba Team 1992-2004
[2004/11/01 14:39:27, 0] smbd/server.c:main(748)
smbd version 3.0.2a-SUSE started.
Copyright Andrew Tridgell and the Samba Team 1992-2004
[2004/11/01 14:39:45, 0] lib/util_sock.c:get_peer_addr(975)
getpeername failed. Error was Transport endpoint is not connected
[2004/11/01 14:39:45, 0] lib/util_sock.c:get_peer_addr(975)
getpeername failed. Error was Transport endpoint is not connected
[2004/11/01 14:39:45, 0] lib/access.c:check_access(328)
[2004/11/01 14:39:45, 0] lib/util_sock.c:get_peer_addr(975)
getpeername failed. Error was Transport endpoint is not connected
Denied connection from (0.0.0.0)
[2004/11/01 14:39:45, 1] smbd/process.c:process_smb(883)
[2004/11/01 14:39:45, 0] lib/util_sock.c:get_peer_addr(975)
getpeername failed. Error was Transport endpoint is not connected
Connection denied from 0.0.0.0
[2004/11/01 14:39:45, 0] lib/util_sock.c:write_socket_data(411)
write_socket_data: write failure. Error = Connection reset by peer
[2004/11/01 14:39:45, 0] lib/util_sock.c:write_socket(436)
write_socket: Error writing 5 bytes to socket 24: ERRNO = Connection reset by peer
[2004/11/01 14:39:45, 0] lib/util_sock.c:send_smb(628)
Error writing 5 bytes to client. -1. (Connection reset by peer)
[2004/11/01 14:48:50, 0] smbd/server.c:main(748)
smbd version 3.0.2a-SUSE started.
Copyright Andrew Tridgell and the Samba Team 1992-2004
[2004/11/01 14:49:01, 0] printing/print_cups.c:cups_queue_get(956)
Unable to get jobs for ipp://localhost/printers/pdf - client-error-not-found
[2004/11/01 14:50:25, 0] smbd/server.c:main(748)
smbd version 3.0.2a-SUSE started.
Copyright Andrew Tridgell and the Samba Team 1992-2004


smb.conf file:


# Samba config file created using SWAT
# from 192.168.100.3 (192.168.100.3)
# Date: 2004/11/01 15:03:53

# Global parameters
[global]
dos charset = CP850
unix charset = UTF-8
display charset = LOCALE
workgroup = TESTDOM.LOCAL
realm =
netbios name = TESTSERVER
netbios aliases =
netbios scope =
server string = Samba 3.0.2a-SUSE
interfaces = eth0
bind interfaces only = Yes
security = USER
auth methods =
encrypt passwords = Yes
update encrypted = Yes
client schannel = Auto
server schannel = Auto
allow trusted domains = Yes
hosts equiv =
min passwd length = 5
use cracklib = No
map to guest = Bad User
null passwords = No
obey pam restrictions = No
password server = *
smb passwd file = /etc/samba/smbpasswd
private dir = /etc/samba
passdb backend = smbpasswd
algorithmic rid base = 1000
root directory =
guest account = nobody
pam password change = No
passwd program =
passwd chat = *new*password* %n\n *new*password* %n\n *changed*
passwd chat debug = No
passwd chat timeout = 2
username map =
password level = 0
username level = 0
unix password sync = No
restrict anonymous = 0
lanman auth = Yes
ntlm auth = Yes
client NTLMv2 auth = No
client lanman auth = Yes
client plaintext auth = Yes
preload modules =
log level = 0
syslog = 1
syslog only = No
log file =
max log size = 5000
timestamp logs = Yes
debug hires timestamp = No
debug pid = No
debug uid = No
smb ports = 445 139
protocol = NT1
large readwrite = Yes
max protocol = NT1
min protocol = CORE
unicode = Yes
read bmpx = No
read raw = Yes
write raw = Yes
disable netbios = No
acl compatibility =
nt pipe support = Yes
nt status support = Yes
announce version = 4.9
announce as = NT
max mux = 50
max xmit = 16644
name resolve order = lmhosts wins host bcast
max ttl = 259200
max wins ttl = 518400
min wins ttl = 21600
time server = No
unix extensions = Yes
use spnego = Yes
client signing = auto
server signing = auto
client use spnego = Yes
change notify timeout = 60
deadtime = 0
getwd cache = Yes
keepalive = 300
kernel change notify = Yes
lpq cache time = 10
max smbd processes = 0
paranoid server security = Yes
max disk size = 0
max open files = 10000
socket options = TCP_NODELAY
use mmap = Yes
hostname lookups = No
name cache timeout = 660
load printers = Yes
printcap name = cups
disable spoolss = No
enumports command =
addprinter command =
deleteprinter command =
show add printer wizard = Yes
os2 driver map =
mangling method = hash2
mangle prefix = 1
stat cache = Yes
machine password timeout = 604800
add user script = /usr/sbin/useradd -d/dev/null -g 100 -s /bin/false -M %u
delete user script =
add group script =
delete group script =
add user to group script =
delete user from group script =
set primary group script =
add machine script =
shutdown script =
abort shutdown script =
logon script =
logon path =
logon drive =
logon home =
domain logons = Yes
os level = 65
lm announce = Auto
lm interval = 60
preferred master = Yes
local master = Yes
domain master = Yes
browse list = Yes
enhanced browsing = Yes
dns proxy = Yes
wins proxy = No
wins server =
wins support = No
wins hook =
wins partners =
kernel oplocks = Yes
lock spin count = 3
lock spin time = 10
oplock break wait time = 0
ldap suffix =
ldap machine suffix =
ldap user suffix =
ldap group suffix =
ldap idmap suffix =
ldap filter = (uid=%u)
ldap admin dn =
ldap ssl = no
ldap passwd sync = no
ldap delete dn = No
ldap replication sleep = 1000
add share command =
change share command =
delete share command =
config file =
preload =
lock directory = /var/lib/samba
pid directory = /var/run/samba
utmp directory =
wtmp directory =
utmp = No
default service =
message command =
dfree command =
get quota command =
set quota command =
remote announce =
remote browse sync =
socket address = 0.0.0.0
homedir map = auto.home
afs username map =
time offset = 0
NIS homedir = No
panic action =
host msdfs = No
enable rid algorithm = Yes
idmap backend =
idmap uid =
idmap gid =
template primary group = nobody
template homedir = /home/%D/%U
template shell = /bin/false
winbind separator = \
winbind cache time = 300
winbind enable local accounts = Yes
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = No
winbind trusted domains only = No
comment =
path =
username =
invalid users =
valid users =
admin users = root
read list =
write list =
printer admin = @ntadmin, root, administrator
force user =
force group =
read only = Yes
create mask = 0744
force create mode = 00
security mask = 0777
force security mode = 00
directory mask = 0755
force directory mode = 00
directory security mask = 0777
force directory security mode = 00
inherit permissions = No
inherit acls = No
guest only = No
guest ok = No
only user = No
hosts allow = 192.168.100.
hosts deny =
nt acl support = Yes
profile acls = No
map acl inherit = No
afs share = No
block size = 1024
max connections = 0
min print space = 0
strict allocate = No
strict sync = No
sync always = No
use sendfile = No
write cache size = 0
max reported print jobs = 0
max print jobs = 1000
printable = No
printing = cups
printing cups options =
print command =
lpq command =
lprm command =
lppause command =
lpresume command =
queuepause command =
queueresume command =
printer name =
use client driver = No
default devmode = No
default case = lower
case sensitive = No
preserve case = Yes
short preserve case = Yes
mangle case = No
mangling char = ~
hide dot files = Yes
hide special files = No
hide unreadable = No
hide unwriteable files = No
delete veto files = No
veto files =
hide files =
veto oplock files =
map system = No
map hidden = No
map archive = Yes
mangled names = Yes
mangled map =
browseable = Yes
blocking locks = Yes
csc policy = manual
fake oplocks = No
locking = Yes
oplocks = Yes
level2 oplocks = Yes
oplock contention limit = 2
posix locking = Yes
strict locking = Yes
share modes = Yes
copy =
include =
exec =
preexec close = No
postexec =
root preexec =
root preexec close = No
root postexec =
available = Yes
volume =
fstype = NTFS
set directory = No
wide links = Yes
follow symlinks = Yes
dont descend =
magic script =
magic output =
delete readonly = No
dos filemode = No
dos filetimes = No
dos filetime resolution = No
fake directory create times = No
vfs objects =
msdfs root = No
msdfs proxy =

[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No

[users]
comment = All users
path = /home
read only = No
inherit permissions = Yes
veto files = /aquota.user/groups/shares/

[groups]
comment = All groups
path = /home/groups
read only = No
inherit permissions = Yes

[pdf]
comment = PDF creator
path = /var/tmp
create mask = 0600
printable = Yes
print command = /usr/bin/smbprngenpdf -J '%J' -c %c -s %s -u '%u' -z %z

[printers]
comment = All Printers
path = /var/tmp
create mask = 0600
printable = Yes
browseable = No

[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin, root
force group = ntadmin
create mask = 0664
directory mask = 0775


greetz
gnoovy

blauerpeti
01.11.04, 15:42
..welches XP hast Du

gnoovy
01.11.04, 16:34
das windows xp mit service pack 1

blauerpeti
01.11.04, 17:29
xp-home oder xp-proff??? mein ich

gnoovy
01.11.04, 17:38
Habe XP Professional

LKH
01.11.04, 18:45
Hi,

war der 2er-Samba auch schon Domänencontroller? Vielleicht hilft es ja die ganzen User- und Machineaccounts mal zu löschen und neu anzulegen. Da du keine Usermap hast (username map = ): wer ist denn der Domänen-Admin und wie erkennt Samba den?

Und wenn du eh schon am basteln bist: nimm die aktuelle Samba-Version (3.0.7). :D

Hoffe es hilft,

LKH

gnoovy
01.11.04, 20:15
hab ich auch schon versucht. Funkt trotzdem nicht :mad:

LKH
01.11.04, 21:35
Hi,

was hast du versucht?

LKH

gnoovy
01.11.04, 22:22
hi leutz,



also anmeldung hat jetzt gefunzt. Lag daran, dass man unter Suse Linux 9.1 ein anderes Script braucht, damit die Maschinenkonten automatisch mit Anmeldung an den Domänencontroller angelegt werden. Es ist jetzt auch nicht mehr Add User Script, sondern Add Machine Script. Nur kann ich mich jetzt trotzdem noch nicht an der Domäne anmelden, da er sagt, dass der domänencontroller nicht verfügbar sei, oder das Maschinenkonto nicht verfügbar ist. So, oder so änlich jedenfalls. Weiss da einer Rat?




greetz
gnoovy

gnoovy
06.11.04, 17:18
hi leutz,



so bin jetzt wieder auf Suse Linux 9.0 heruntergegangen. Habe dort Samba auf 3.0.7 geupdatet, funktioniert alles. Naja, jedenfalls alles bis auf das Anmeldescript (*.bat), dass noch bei jedem Benutzer abgearbeitet werden muss. Wie muss ich dies unter Samba 3.0.7 machen? Habe schon alles mögliche wie \\server\...\%u.bat versucht, also alles unter logon script, doch er arbeitet hier nichts ab. Weiss da einer rat?




greetz
gnoovy

gnoovy
06.11.04, 19:29
hi leutz,



boah endlich funktioniert jetzt wieder alles.




greetz
gnoovy