benpan
11.10.10, 11:58
Hallo zusammen,
Samba 3.4.7 zickt bei mir ein wenig, er legt kein Profilverzeichnis an.
An sich arbeitet er als PDC, ich habe einen Windows-PC in die Domäne aufgenommen.
Dann hab ich einen Benutzer mit useradd und smbpasswd -a angelegt, und den kann ich auch unter Windows anmelden. Allerdings weist Windows darauf hin, dass er nur mit ein temporäres Profil hat und Samba hat im Profile-Verzeichnis kein Verzeichnis für den User erzeugt.
Habt ihr sowas mal erlebt und Tipps für mich?
Schöne Grüße, Benedikt
Der Log-Auszug (WIN7VM ist der PC, user1 der Benutzer):
[2010/10/11 12:18:59, 0] rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3)
_netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client WIN7VM machine account WIN7VM$
[2010/10/11 12:19:23, 0] lib/util_sock.c:539(read_fd_with_timeout)
[2010/10/11 12:19:23, 0] lib/util_sock.c:1491(get_peer_addr_internal)
getpeername failed. Error was Transport endpoint is not connected
read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer.
[2010/10/11 12:23:25, 0] rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3)
_netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client WIN7VM machine account WIN7VM$
[2010/10/11 12:23:25, 1] auth/auth_util.c:577(make_server_info_sam)
User WIN7VM$ in passdb, but getpwnam() fails!
[2010/10/11 12:23:25, 0] auth/auth_sam.c:355(check_sam_security)
check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER'
[2010/10/11 12:23:48, 0] lib/util_sock.c:539(read_fd_with_timeout)
[2010/10/11 12:23:48, 0] lib/util_sock.c:1491(get_peer_addr_internal)
getpeername failed. Error was Transport endpoint is not connected
read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer.
[2010/10/11 12:24:07, 0] smbd/service.c:1202(make_connection)
win7vm (192.168.171.129) couldn't find service user1
[2010/10/11 12:24:07, 0] smbd/service.c:1202(make_connection)
win7vm (192.168.171.129) couldn't find service user1
[2010/10/11 12:24:07, 0] smbd/service.c:1202(make_connection)
win7vm (192.168.171.129) couldn't find service user1
[2010/10/11 12:24:07, 0] smbd/service.c:1202(make_connection)
win7vm (192.168.171.129) couldn't find service user1
[2010/10/11 12:24:07, 1] smbd/service.c:1063(make_connection_snum)
win7vm (192.168.171.129) connect to service netlogon initially as user user1 (uid=1002, gid=1002) (pid 1153)
[2010/10/11 12:24:15, 0] smbd/service.c:1202(make_connection)
win7vm (192.168.171.129) couldn't find service user1
[2010/10/11 12:24:18, 1] smbd/service.c:1240(close_cnum)
win7vm (192.168.171.129) closed connection to service netlogon
[2010/10/11 12:24:48, 0] lib/util_sock.c:539(read_fd_with_timeout)
[2010/10/11 12:24:48, 0] lib/util_sock.c:1491(get_peer_addr_internal)
getpeername failed. Error was Transport endpoint is not connected
read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer.
smb.conf als Output von testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: rlimit_max (1024) below minimum Windows limit (16384)
Processing section "[netlogon]"
Processing section "[profiles]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions
[global]
workgroup = VMDOM1
server string = %h server (Samba, Ubuntu)
map to guest = Bad User
obey pam restrictions = Yes
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
load printers = No
printcap name = /dev/null
add machine script = /usr/sbin/useradd -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u
domain logons = Yes
os level = 33
preferred master = Yes
dns proxy = No
usershare max shares = 0
panic action = /usr/share/samba/panic-action %d
printing = bsd
print command = lpr -r -P'%p' %s
lpq command = lpq -P'%p'
lprm command = lprm -P'%p' %j
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
guest ok = Yes
[profiles]
comment = Users profiles
path = /home/samba/profiles
create mask = 0600
directory mask = 0700
browseable = No
browsable = No
Profile-Verzeichnis:
root@ubuntuvm:/etc/samba# ll /home/samba
total 16
drwxr-xr-x 4 root root 4096 2010-10-11 11:58 ./
drwxr-xr-x 5 root root 4096 2010-10-11 12:21 ../
drwxr-xr-x 2 root root 4096 2010-10-11 11:58 netlogon/
drwxr-xr-x 2 root root 4096 2010-10-11 11:58 profiles/
root@ubuntuvm:/etc/samba# ll /home/samba/netlogon
total 8
drwxr-xr-x 2 root root 4096 2010-10-11 11:58 ./
drwxr-xr-x 4 root root 4096 2010-10-11 11:58 ../
root@ubuntuvm:/etc/samba# ll /home/samba/profiles
total 8
drwxr-xr-x 2 root root 4096 2010-10-11 11:58 ./
drwxr-xr-x 4 root root 4096 2010-10-11 11:58 ../
Samba 3.4.7 zickt bei mir ein wenig, er legt kein Profilverzeichnis an.
An sich arbeitet er als PDC, ich habe einen Windows-PC in die Domäne aufgenommen.
Dann hab ich einen Benutzer mit useradd und smbpasswd -a angelegt, und den kann ich auch unter Windows anmelden. Allerdings weist Windows darauf hin, dass er nur mit ein temporäres Profil hat und Samba hat im Profile-Verzeichnis kein Verzeichnis für den User erzeugt.
Habt ihr sowas mal erlebt und Tipps für mich?
Schöne Grüße, Benedikt
Der Log-Auszug (WIN7VM ist der PC, user1 der Benutzer):
[2010/10/11 12:18:59, 0] rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3)
_netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client WIN7VM machine account WIN7VM$
[2010/10/11 12:19:23, 0] lib/util_sock.c:539(read_fd_with_timeout)
[2010/10/11 12:19:23, 0] lib/util_sock.c:1491(get_peer_addr_internal)
getpeername failed. Error was Transport endpoint is not connected
read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer.
[2010/10/11 12:23:25, 0] rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3)
_netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client WIN7VM machine account WIN7VM$
[2010/10/11 12:23:25, 1] auth/auth_util.c:577(make_server_info_sam)
User WIN7VM$ in passdb, but getpwnam() fails!
[2010/10/11 12:23:25, 0] auth/auth_sam.c:355(check_sam_security)
check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER'
[2010/10/11 12:23:48, 0] lib/util_sock.c:539(read_fd_with_timeout)
[2010/10/11 12:23:48, 0] lib/util_sock.c:1491(get_peer_addr_internal)
getpeername failed. Error was Transport endpoint is not connected
read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer.
[2010/10/11 12:24:07, 0] smbd/service.c:1202(make_connection)
win7vm (192.168.171.129) couldn't find service user1
[2010/10/11 12:24:07, 0] smbd/service.c:1202(make_connection)
win7vm (192.168.171.129) couldn't find service user1
[2010/10/11 12:24:07, 0] smbd/service.c:1202(make_connection)
win7vm (192.168.171.129) couldn't find service user1
[2010/10/11 12:24:07, 0] smbd/service.c:1202(make_connection)
win7vm (192.168.171.129) couldn't find service user1
[2010/10/11 12:24:07, 1] smbd/service.c:1063(make_connection_snum)
win7vm (192.168.171.129) connect to service netlogon initially as user user1 (uid=1002, gid=1002) (pid 1153)
[2010/10/11 12:24:15, 0] smbd/service.c:1202(make_connection)
win7vm (192.168.171.129) couldn't find service user1
[2010/10/11 12:24:18, 1] smbd/service.c:1240(close_cnum)
win7vm (192.168.171.129) closed connection to service netlogon
[2010/10/11 12:24:48, 0] lib/util_sock.c:539(read_fd_with_timeout)
[2010/10/11 12:24:48, 0] lib/util_sock.c:1491(get_peer_addr_internal)
getpeername failed. Error was Transport endpoint is not connected
read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer.
smb.conf als Output von testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: rlimit_max (1024) below minimum Windows limit (16384)
Processing section "[netlogon]"
Processing section "[profiles]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions
[global]
workgroup = VMDOM1
server string = %h server (Samba, Ubuntu)
map to guest = Bad User
obey pam restrictions = Yes
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
load printers = No
printcap name = /dev/null
add machine script = /usr/sbin/useradd -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u
domain logons = Yes
os level = 33
preferred master = Yes
dns proxy = No
usershare max shares = 0
panic action = /usr/share/samba/panic-action %d
printing = bsd
print command = lpr -r -P'%p' %s
lpq command = lpq -P'%p'
lprm command = lprm -P'%p' %j
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
guest ok = Yes
[profiles]
comment = Users profiles
path = /home/samba/profiles
create mask = 0600
directory mask = 0700
browseable = No
browsable = No
Profile-Verzeichnis:
root@ubuntuvm:/etc/samba# ll /home/samba
total 16
drwxr-xr-x 4 root root 4096 2010-10-11 11:58 ./
drwxr-xr-x 5 root root 4096 2010-10-11 12:21 ../
drwxr-xr-x 2 root root 4096 2010-10-11 11:58 netlogon/
drwxr-xr-x 2 root root 4096 2010-10-11 11:58 profiles/
root@ubuntuvm:/etc/samba# ll /home/samba/netlogon
total 8
drwxr-xr-x 2 root root 4096 2010-10-11 11:58 ./
drwxr-xr-x 4 root root 4096 2010-10-11 11:58 ../
root@ubuntuvm:/etc/samba# ll /home/samba/profiles
total 8
drwxr-xr-x 2 root root 4096 2010-10-11 11:58 ./
drwxr-xr-x 4 root root 4096 2010-10-11 11:58 ../