|
»
login.bat has error?
|
View:
New views
16 Messages
—
Rating Filter:
Alert me
|
 |
login.bat has error?
by Mohsen Pahlevanzadeh
::
Rate this Message:
Dear all,
I ran PDC on smbpasswd auth. When i use following the command, i receive : ////////////////////////////////////////// debian:/usr/local/etc/samba_3# ./bin/net rpc join mylove -U root Enter root's password: Creation of workstation account failed Unable to join domain MYLOVE. debian:/usr/local/etc/samba_3# /////////////////////////////////////////////////////// my smb.conf is : //////////////////////////////////////////////////////////// [global] netbios name = mylove server string = Axjooon workgroup = mylove os level = 65 prefered master = yes domain master = yes local master = yes domain logons = yes ;misc options #socket options = TCP NODELAY IPTOS LOWDELAY SO SNDBUF=8192 SO RCVBUF=8192 time server = yes hide dot files = yes #client code page = 852 #character set = ISO8859-2 smb passwd file = /usr/local/etc/samba_3/lib/smbpasswd security = user guest ok = no invalid users = bin sys ftp man mail admin users = @admin wins support = yes # passdb backend = ldapsam:"ldap://ldap1.company.com ldap://ldap2.company.com" # passdb backend = ldapsam:ldap://127.0.0.1/ # ldap admin dn = cn=Manager,dc=mylove,dc=com #ldap admin dn = cn=samba,ou=DSA,dc=company,dc=com # ldap suffix = dc=mylove,dc=com # ldap group suffix = ou=Groups # ldap user suffix = ou=Users # ldap machine suffix = ou=Computers #ldap idmap suffix = ou=Idmap #add user script = /usr/sbin/smbldap-useradd -m "%u" #ldap delete dn = Yes #delete user script = /usr/sbin/smbldap-userdel "%u" # add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u" # add group script = /usr/sbin/smbldap-groupadd -p "%g" #delete group script = /usr/sbin/smbldap-groupdel "%g" # add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" # delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" # set primary group script = /usr/sbin/smbldap-usermod -g '%g' '% u' #domain admin group = @admin #domain admin users = root #encrypt password = yes ;logging log level = 2 log file = /usr/local/etc/samba_3/var/log.%L max log size = 10000 debug timestamp = yes syslog = 1 ;user roaming profiles path logon path = \\%N\profiles\%u ;general logon script logon script = logon.bat [netlogon] path = /home/samba/netlogon public = no writeable = no browseable = no valid users = root@debian [profiles] path = /home/samba/profiles writeable = yes create mask = 0700 directory mask = 0700 browseable = no valid users = root@debian ////////////////////////////////////////////////////////////// my login.bat is : /////////////////////////////////////////////////////////// @echo off rem by robowarp.DeleteThis@... leave to public as it is , dont think of asking me rem created for samba 3 login, the bat files were creted on the fly by genlogin.pl rem this script is only valid for win2000/NT/XP rem exec bat for logged in machine ( maybe software status or machine data ) echo %COMPUTERNAME% call %COMPUTERNAME%.bat rem exec bat for login user echo %USERNAME% call %USERNAME%.bat rem exec bat for different groups rem ifmember.exe must be in the netlogon share download it at microschrott ifmember Administrators if errorlevel 1 call Administrators.bat ifmember users if errorlevel 1 call users.bat ////////////////////////////////////////////////////////////// Please help me................ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |
|
|
Re: login.bat has error?
by Squeezer99
::
Rate this Message:
sounds like your computer doesn't have a machine account.
Mohsen Pahlevanzadeh wrote: > Dear all, > I ran PDC on smbpasswd auth. > When i use following the command, i receive : > ////////////////////////////////////////// > debian:/usr/local/etc/samba_3# ./bin/net rpc join mylove -U root > Enter root's password: > Creation of workstation account failed > Unable to join domain MYLOVE. > debian:/usr/local/etc/samba_3# > /////////////////////////////////////////////////////// > > > my smb.conf is : > > > > //////////////////////////////////////////////////////////// > [global] > netbios name = mylove > server string = Axjooon > workgroup = mylove > os level = 65 > prefered master = yes > domain master = yes > local master = yes > domain logons = yes > ;misc options > #socket options = TCP NODELAY IPTOS LOWDELAY SO SNDBUF=8192 SO > RCVBUF=8192 > time server = yes > hide dot files = yes > #client code page = 852 > #character set = ISO8859-2 > smb passwd file = /usr/local/etc/samba_3/lib/smbpasswd > > security = user > guest ok = no > invalid users = bin sys ftp man mail > admin users = @admin > wins support = yes > # passdb backend = ldapsam:"ldap://ldap1.company.com > ldap://ldap2.company.com" > # passdb backend = ldapsam:ldap://127.0.0.1/ > # ldap admin dn = cn=Manager,dc=mylove,dc=com > #ldap admin dn = cn=samba,ou=DSA,dc=company,dc=com > # ldap suffix = dc=mylove,dc=com > # ldap group suffix = ou=Groups > # ldap user suffix = ou=Users > # ldap machine suffix = ou=Computers > #ldap idmap suffix = ou=Idmap > #add user script = /usr/sbin/smbldap-useradd -m "%u" > #ldap delete dn = Yes > #delete user script = /usr/sbin/smbldap-userdel "%u" > # add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u" > # add group script = /usr/sbin/smbldap-groupadd -p "%g" > #delete group script = /usr/sbin/smbldap-groupdel "%g" > # add user to group script = /usr/sbin/smbldap-groupmod -m "%u" > "%g" > # delete user from group script = /usr/sbin/smbldap-groupmod -x > "%u" "%g" > # set primary group script = /usr/sbin/smbldap-usermod -g '%g' '% > u' > > > > #domain admin group = @admin > #domain admin users = root > > #encrypt password = yes > > > ;logging > log level = 2 > log file = /usr/local/etc/samba_3/var/log.%L > max log size = 10000 > debug timestamp = yes > syslog = 1 > > ;user roaming profiles path > logon path = \\%N\profiles\%u > ;general logon script > logon script = logon.bat > > [netlogon] > path = /home/samba/netlogon > public = no > writeable = no > browseable = no > valid users = root@debian > > [profiles] > path = /home/samba/profiles > writeable = yes > create mask = 0700 > directory mask = 0700 > browseable = no > valid users = root@debian > ////////////////////////////////////////////////////////////// > > my login.bat is : > > > /////////////////////////////////////////////////////////// > @echo off > rem by robowarp.DeleteThis@... leave to public as it is , dont think > of asking me > rem created for samba 3 login, the bat files were creted on the fly by > genlogin.pl > rem this script is only valid for win2000/NT/XP > rem exec bat for logged in machine ( maybe software status or machine > data ) > echo %COMPUTERNAME% > call %COMPUTERNAME%.bat > rem exec bat for login user > echo %USERNAME% > call %USERNAME%.bat > rem exec bat for different groups > rem ifmember.exe must be in the netlogon share download it at > microschrott > ifmember Administrators > if errorlevel 1 call Administrators.bat > ifmember users > if errorlevel 1 call users.bat > ////////////////////////////////////////////////////////////// > > > Please help me................ > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |
|
|
Re: login.bat has error?
by Mohsen Pahlevanzadeh
::
Rate this Message:
Dear Adam,
I changed my machine & install Samba & Ldap in other machine with new configuration. Even getent paaswd & getent shadow is work well.Ldap doesn't has problem. Even i invoke :smbldap-useradd -w mylove then i run net rpc join mylove -u root Enter root's password: Creation of workstation account failed Unable to join domain MYLOVE. debian:/usr/local/etc/samba_3# I confused.... My smb.conf: ///////////////////////////////////////////// [global] dos charset = UTF-8 display charset = UTF-8 workgroup = MYLOVE realm = MYLOVE netbios name = MYLOVE server string = %h server map to guest = Bad User passdb backend = ldapsam:ldap://127.0.0.1/ pam password change = Yes passwd program = /usr/sbin/smbldap-passwd -u %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated* unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 add user script = /usr/sbin/smbldap-useradd -m %u delete user script = /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u add machine script = /usr/sbin/smbldap-useradd -w %u logon script = logon.bat logon path = \\%N\profiles\%U logon drive = U: domain logons = Yes os level = 65 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes ldap admin dn = cn=admin,dc=mylove ldap delete dn = Yes ldap group suffix = ou=group ldap idmap suffix = ou=idmap ldap machine suffix = ou=computer ldap suffix = dc=example,dc=com ldap ssl = no ldap user suffix = ou=people panic action = /usr/share/samba/panic-action %d map acl inherit = Yes case sensitive = No hide unreadable = Yes map hidden = Yes map system = Yes [homes] comment = Home Directories valid users = %S read only = No create mask = 0600 directory mask = 0700 browseable = No [printers] comment = All Printers path = /var/spool/samba create mask = 0700 printable = Yes browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/printers [netlogon] path = /var/lib/samba/netlogon browseable = No [profiles] path = /var/lib/samba/profiles force user = %U read only = No create mask = 0600 directory mask = 0700 guest ok = Yes profile acls = Yes browseable = No csc policy = disable [public] path = /tmp read only = No guest ok = Yes On Tue, 2009-07-07 at 10:33 -0500, Adam Williams wrote: > sounds like your computer doesn't have a machine account. > > Mohsen Pahlevanzadeh wrote: > > Dear all, > > I ran PDC on smbpasswd auth. > > When i use following the command, i receive : > > ////////////////////////////////////////// > > debian:/usr/local/etc/samba_3# ./bin/net rpc join mylove -U root > > Enter root's password: > > Creation of workstation account failed > > Unable to join domain MYLOVE. > > debian:/usr/local/etc/samba_3# > > /////////////////////////////////////////////////////// > > > > > > my smb.conf is : > > > > > > > > //////////////////////////////////////////////////////////// > > [global] > > netbios name = mylove > > server string = Axjooon > > workgroup = mylove > > os level = 65 > > prefered master = yes > > domain master = yes > > local master = yes > > domain logons = yes > > ;misc options > > #socket options = TCP NODELAY IPTOS LOWDELAY SO SNDBUF=8192 SO > > RCVBUF=8192 > > time server = yes > > hide dot files = yes > > #client code page = 852 > > #character set = ISO8859-2 > > smb passwd file = /usr/local/etc/samba_3/lib/smbpasswd > > > > security = user > > guest ok = no > > invalid users = bin sys ftp man mail > > admin users = @admin > > wins support = yes > > # passdb backend = ldapsam:"ldap://ldap1.company.com > > ldap://ldap2.company.com" > > # passdb backend = ldapsam:ldap://127.0.0.1/ > > # ldap admin dn = cn=Manager,dc=mylove,dc=com > > #ldap admin dn = cn=samba,ou=DSA,dc=company,dc=com > > # ldap suffix = dc=mylove,dc=com > > # ldap group suffix = ou=Groups > > # ldap user suffix = ou=Users > > # ldap machine suffix = ou=Computers > > #ldap idmap suffix = ou=Idmap > > #add user script = /usr/sbin/smbldap-useradd -m "%u" > > #ldap delete dn = Yes > > #delete user script = /usr/sbin/smbldap-userdel "%u" > > # add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u" > > # add group script = /usr/sbin/smbldap-groupadd -p "%g" > > #delete group script = /usr/sbin/smbldap-groupdel "%g" > > # add user to group script = /usr/sbin/smbldap-groupmod -m "%u" > > "%g" > > # delete user from group script = /usr/sbin/smbldap-groupmod -x > > "%u" "%g" > > # set primary group script = /usr/sbin/smbldap-usermod -g '%g' '% > > u' > > > > > > > > #domain admin group = @admin > > #domain admin users = root > > > > #encrypt password = yes > > > > > > ;logging > > log level = 2 > > log file = /usr/local/etc/samba_3/var/log.%L > > max log size = 10000 > > debug timestamp = yes > > syslog = 1 > > > > ;user roaming profiles path > > logon path = \\%N\profiles\%u > > ;general logon script > > logon script = logon.bat > > > > [netlogon] > > path = /home/samba/netlogon > > public = no > > writeable = no > > browseable = no > > valid users = root@debian > > > > [profiles] > > path = /home/samba/profiles > > writeable = yes > > create mask = 0700 > > directory mask = 0700 > > browseable = no > > valid users = root@debian > > ////////////////////////////////////////////////////////////// > > > > my login.bat is : > > > > > > /////////////////////////////////////////////////////////// > > @echo off > > rem by robowarp.DeleteThis@... leave to public as it is , dont think > > of asking me > > rem created for samba 3 login, the bat files were creted on the fly by > > genlogin.pl > > rem this script is only valid for win2000/NT/XP > > rem exec bat for logged in machine ( maybe software status or machine > > data ) > > echo %COMPUTERNAME% > > call %COMPUTERNAME%.bat > > rem exec bat for login user > > echo %USERNAME% > > call %USERNAME%.bat > > rem exec bat for different groups > > rem ifmember.exe must be in the netlogon share download it at > > microschrott > > ifmember Administrators > > if errorlevel 1 call Administrators.bat > > ifmember users > > if errorlevel 1 call users.bat > > ////////////////////////////////////////////////////////////// > > > > > > Please help me................ > > > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |
|
|
|
|
|
Re: login.bat has error?
by John M. Drescher
::
Rate this Message:
On Thu, Jul 9, 2009 at 10:51 AM, Mohsen
Pahlevanzadeh<mohsen@...> wrote: > Can i hope to solve this problem? It would help if you posted the samba log from the PDC that showed what happened when you tried to join the domain. Also have you setup your nss_switch.conf and are you running nscd? John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |
|
|
Re: login.bat has error?
by Mohsen Pahlevanzadeh
::
Rate this Message:
When i run net rpc join mylove -U root i see following log
in /var/log/samba/log.mylove : [2009/07/10 02:54:12, 0] passdb/pdb_interface.c:pdb_default_create_user(336) _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w mylove$' gave 9 when i saw it, i wanted to add to add by hand, but i saw it added already. Yes, i run nscd.Even i stop nscd but i didn't see anythings. I already configured nsswitch.conf for ldap : ////////////////nsswitch.conf bsswd: files ldap group: files ldap shadow: files ldap hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 ldap ////////////////////////////////////////// Even i run nmbd & smbd as non-daemon. Yours, Mohsen On Thu, 2009-07-09 at 11:14 -0400, John Drescher wrote: > On Thu, Jul 9, 2009 at 10:51 AM, Mohsen > Pahlevanzadeh<mohsen@...> wrote: > > Can i hope to solve this problem? > > It would help if you posted the samba log from the PDC that showed > what happened when you tried to join the domain. Also have you setup > your nss_switch.conf and are you running nscd? > > John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |
|
|
|
|
|
Re: login.bat has error?
by Zoolook-3
::
Rate this Message:
Forwarding this one to the list:
On Thu, Jul 9, 2009 at 8:16 PM, Mohsen Pahlevanzadeh<mohsen@...> wrote: > Mylove is my netbios name & my workgroup name. Oh... That's a violation of the smb protocol :-) Your netbios name can't be your workgroup/domain name. Try that on Windows if you don't believe me. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |
|
|
Re: login.bat has error?
by John M. Drescher
::
Rate this Message:
On Thu, Jul 9, 2009 at 7:38 PM, Norberto Bensa<nbensa@...> wrote:
> Forwarding this one to the list: > > On Thu, Jul 9, 2009 at 8:16 PM, Mohsen > Pahlevanzadeh<mohsen@...> wrote: >> Mylove is my netbios name & my workgroup name. > > Oh... That's a violation of the smb protocol :-) > > Your netbios name can't be your workgroup/domain name. > > Try that on Windows if you don't believe me. > John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |
|
|
Re: login.bat has error?
by Mohsen Pahlevanzadeh
::
Rate this Message:
Now i changed netbios name to my hostname.& my workgroup name is mylove.
But i got same error. On Thu, 2009-07-09 at 20:30 -0400, John Drescher wrote: > On Thu, Jul 9, 2009 at 7:38 PM, Norberto Bensa<nbensa@...> wrote: > > Forwarding this one to the list: > > > > On Thu, Jul 9, 2009 at 8:16 PM, Mohsen > > Pahlevanzadeh<mohsen@...> wrote: > >> Mylove is my netbios name & my workgroup name. > > > > Oh... That's a violation of the smb protocol :-) > > > > Your netbios name can't be your workgroup/domain name. > > > > Try that on Windows if you don't believe me. > > > It also can not be the name of a user or group or anything else in smb > > John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |
|
|
Re: login.bat has error?
by Mohsen Pahlevanzadeh
::
Rate this Message:
Now i changed my netbios name.but i get same error.
On Thu, 2009-07-09 at 20:38 -0300, Norberto Bensa wrote: > Forwarding this one to the list: > > On Thu, Jul 9, 2009 at 8:16 PM, Mohsen > Pahlevanzadeh<mohsen@...> wrote: > > Mylove is my netbios name & my workgroup name. > > Oh... That's a violation of the smb protocol :-) > > Your netbios name can't be your workgroup/domain name. > > Try that on Windows if you don't believe me. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |
|
|
Re: login.bat has error?
by Mohsen Pahlevanzadeh
::
Rate this Message:
Oh,I found following log in log.debian:
Error: modifications require authentication at /usr/share/perl5/smbldap_tools.pm line 1083. Do you know about this? Yours, Mohsen On Fri, 2009-07-10 at 14:03 +0430, Mohsen Pahlevanzadeh wrote: > Now i changed my netbios name.but i get same error. > On Thu, 2009-07-09 at 20:38 -0300, Norberto Bensa wrote: > > Forwarding this one to the list: > > > > On Thu, Jul 9, 2009 at 8:16 PM, Mohsen > > Pahlevanzadeh<mohsen@...> wrote: > > > Mylove is my netbios name & my workgroup name. > > > > Oh... That's a violation of the smb protocol :-) > > > > Your netbios name can't be your workgroup/domain name. > > > > Try that on Windows if you don't believe me. > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |
|
|
Re: login.bat has error?
by Zoolook-3
::
Rate this Message:
On Fri, Jul 10, 2009 at 6:42 AM, Mohsen
Pahlevanzadeh<mohsen@...> wrote: > Oh,I found following log in log.debian: > Error: modifications require authentication > at /usr/share/perl5/smbldap_tools.pm line 1083. Looking up the code of smbldap_tools.pm, it looks like it is trying to make a modification to the tree, but it doesn't have the required permissions (it wants to update $sambaUnixIdPooldn) Have you configured all these files ? : /etc/ldap/slapd.conf /etc/ldap/ldap.conf /etc/ldap.conf /etc/nsswitch.conf /etc/smbldap-tools/smbldap-tools.conf /etc/smbldap-tools/smbldap_bind.conf /etc/samba/smb.conf Have you ran smbldap-populate ? Does samba know the "ldap admin dn" password (smbpasswd -W) ? Can you run "smbldap-useradd -w workstation"? Does it succeed? HTH, Norberto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |
|
|
Re: login.bat has error?
by Mohsen Pahlevanzadeh
::
Rate this Message:
I have configure all of them.But you remind me hash of
smbldap_bind.conf, i input clear text password.May i input hash of my password? smbldap-useradd -w workstation can't run.and gives me error: Error: modifications require authentication at /usr/share/perl5/smbldap_tools.pm line 1083. [2009/07/10 13:53:22, 0] passdb/pdb_interface.c:pdb_default_create_user(336) _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w debian$' gave 1 On Fri, 2009-07-10 at 14:14 -0300, Norberto Bensa wrote: > smbldap_bind.conf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |
|
|
Re: login.bat has error?
by Zoolook-3
::
Rate this Message:
On Fri, Jul 10, 2009 at 4:23 PM, Mohsen
Pahlevanzadeh<mohsen@...> wrote: > I have configure all of them.But you remind me hash of > smbldap_bind.conf, i input clear text password.May i input hash of my > password? AFAIK, you need clear text passwords. What about your ACLs? Does DN have permission to write? Are you sure you have not made a typo somewhere? Do you have the samba.schema in place? The error you posted is -apparently- from Samba. When you run smbldap-useradd from CLI, does it gives an error? Can you run "smbldap-useradd somebody"? Remember that computers are users too, so nss_base_passwd (/etc/ldap.conf) must be configured so it can return entries in ou=users and ou=computers (in your case it must be nss_base_passwd dc=mylove?sub) BTW, are you running: smbldap-useradd -w debian$ or smbldap-useradd -w debian ? Regards, Norberto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |
|
|
Re: login.bat has error?
by Zoolook-3
::
Rate this Message:
On Thu, Jul 9, 2009 at 8:31 AM, Mohsen
Pahlevanzadeh<mohsen@...> wrote: > ldap suffix = dc=example,dc=com Ohh... Your smb.conf is wrong. That one should read: ldap suffix = dc=mylove -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |
| Free embeddable forum powered by Nabble | Forum Help |
