Date: Sun, 3 Sep 2006 11:59:06 -0700 From: "Atom Powers" <atom.powers@gmail.com> To: rhavenn@rhavenn.net Cc: freebsd-questions@freebsd.org Subject: Re: samba problem; member server can't authenticate Message-ID: <df9ac37c0609031159g465fc525j75558cb833f04d56@mail.gmail.com> In-Reply-To: <200609031346.05261.rhavenn@rhavenn.net> References: <200609031346.05261.rhavenn@rhavenn.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 9/3/06, Henrik Hudson <rhavenn@rhavenn.net> wrote: > > I have a Samba PDC and a Samba Member Server. > > The Samba PDC works fine, but the problem is that the Member Server can't > authenticate users and let me browse file shares and i always get the error: > NT_STATUS_NO_LOGON_SERVERS Sounds like your member server can't contact the pdc's logon service. > the wierd thing is that sometimes: SMBCLIENT -L ECWTEST > will work and list my shares. However, the first time I actually try to > authenticate a user to browse a share the whole shebang stops and I get the > above error. I'm using Konqueror and smb://ecwtest/sharename to connect. Try to always use FQDN (ecwtest.domain.blah); or be very careful and complete in the way you set up your name resolution (WINS, DNS). Especially if you have hosts on different subnets. > I don't need to make any PAM changes to allow just file / share authentication > do I? No. Samba doesn't use PAM. > One thing, the member server is a new rebuild of a machine with the same name > and the PDC is a upgrade using the TDBs, etc.. from backup. I did remove the > machine account from the PDC and then re-added it using net join and that > worked fine. > > I ran through the test at the back of the "offical book" and all of them work > except the actual sharing and the nmblookup -d 2 '*' on the member server > and of course the smbclient specific ones. nmblookup is a WINS resolution tool. If your WINS server is not configured and functioning and your computers are on different subnets (or have blocking firewalls) you will have problems. If you don't use FQDN samba will, probably, be using WINS to resolve your host names. > > the member server smb.conf: > > # Global parameters > [global] > workgroup = ECW > netbios name = ECWTEST > #server string = Samba %v on %L > server string = > security = domain > password server = ECWSERVER Make that an FQDN hostname or ip address. > wins server = 10.0.0.6 > encrypt passwords = yes > idmap uid = 15000-20000 > idmap gid = 15000-20000 > winbind use default domain = yes > guest ok = yes > follow symlinks = no > case sensitive = no > os level = 33 > > preferred master = no > domain master = no > > #bind interfaces only = yes > #interfaces = fxp0 lo0 > #hosts deny = ALL > #hosts allow = 10.0.0.0/24 127. > > name resolve order = hosts wins bcast > And check your firewall rules. -- -- Perfection is just a word I use occasionally with mustard. --Atom Powers--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?df9ac37c0609031159g465fc525j75558cb833f04d56>