[Fedora-directory-users] Joins domain, won't logon.
James van Zeeland
james at dvzproperty.com
Fri Nov 11 13:44:50 UTC 2005
The pre 3.0.11 fix for something similar was tested by placing the
Computers OU inside the People ou. Made no difference.
The rogue WINS entry may have come about through the legacy samba server
that this FC4 build replaces (redhat 5 vintage) - the IP noted was it's
old IP address before the subnet was altered and the server replaced. It
was however, patched in and turned on; I think nmb broadcasts go to
255.255.255.255/0 rather than (for example) 10.2.3.255/24 ??
smb.conf seems to be correct for domain controller.
> Of note : when loggged in as local administrator, password sync'd with
> PDC, map some network drives, then attempt to join the machine to the
> domain, it will FAIL reporting that multiple connections using different
> credentials are a no-no.
So I am wondering why when I have a network connection to a file share
open as user "Administrator" (uid 0) I cannot then connect the machine
to a domain, but if I disconnect mapped drives, restart and try again
with the same credentials, it will connect to the domain, but (reset
again :-) then fail to actually login with any domain account.
Should I be looking closely at the directories "Administrator" account?
Could a problem or poor configuration of the root/administrator accounts
be the root cause?
J
On Fri, 2005-11-11 at 18:02, James van Zeeland wrote:
> Hi.
>
> Up to date FC4 install + Fedora Directory + Samba + VMware , on HP ML150
> dual 3.0G Xeons w/ 2Gb
>
> Boots as a Directory server, and then on start of X logs in as vmware
> user which starts a VMware only session (no window manager) and launches
> a 2003 terminal server. Files are served from samba on the linux host.
>
> Up till now users have been happilly using old workstations in workgroup
> mode with syncd passwds, no problemo. I can't see anything in smb.conf
> to explain this behaviour :
>
> 2003 Terminal server was built, intended to be the first genuine domain
> member. It happilly joined the domain, but on attempt to login, reports
> "Cannot log you in now because the domain <DOMNAME> is unavailable"
>
> But it is available. Or should be.
>
> Sorry, do not have the config files immediately on hand ( no remote
> access yet - new installation)
>
> Thought I'd throw a feeler out and see if anyone can tell me what can
> cause this behaviour.
>
> I read about a samba bug that caused something like this (machine
> accounts must be stored in the same ou as users, but this was supposedly
> fixed around samba 3.0.11 and I'm on 3.0.14something here.)
>
> I have smbldap-tools installed, behaviour is same manually creating
> machine account or letting it be created by samba.
>
> I also had trouble with WINS support throwing a bad IP address (not even
> inside the subnet) into the mix. No idea where that came from; Disabling
> WINS (don't need it yet) fixed that, but the domain not available on
> attempted login has me scratching my head.
>
> I also read about DNS sometimes causing this, but the FQDN for both
> machines my-server1.mydomain.local and my-appserver1.mydomain.local both
> resolve without a problem.
>
> I don't know what's wrong and am considering removing the directory and
> SAMBA and taking the network down to reconfigure them from scratch
> because somethings wack.
>
> Of note : when loggged in as local administrator, password sync'd with
> PDC, map some network drives, then attempt to join the machine to the
> domain, it will FAIL reporting that multiple connections using different
> credentials are a no-no.
>
> J
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
More information about the Fedora-directory-users
mailing list