Hi everyone , My computer use Linux (Centos) ,Now I want to join it to my network company based on Window server 2003 as Primary Domain Controller(PDC), I did already sucessfully join it to my server 2k3. However,the main trouble in here,I type command wbinfo -u,wbinfo -g ,it return all members,group in my Active Directory. After that, I created a user named Loclx(PDC),then I log off user root on my Linux computer and log on it by using loclx,but it's impossible ! I wonder what is really causing this problem ! Though visiting many forums as well as getting some ideas,I still not get the best solution so I'm still in the dark ! Here is my /etc/samba/smb.conf : # Global parameters [global] realm = LOC.COM workgroup = LOC server string = DATASHARE wins support = yes wins server = 10.100.10.143 bind interfaces only = Yes pam password change = Yes passwd chat = *New*Password* %n\n *Re-enter*new*password* %n\n *Password*changed* password server = LOC.COM username map = /etc/samba/smbusers unix password sync = Yes log level = 1 syslog = 0 log file = /var/log/samba/%m max log size = 50 smb ports = 139 445 name resolve order = wins bcast hosts time server = Yes winbind separator = + winbind uid = 10000-20000 winbind gid = 10000-20000 winbind enum users = yes winbind enum groups = yes winbind use default domain = yes winbind cache time =15 client schannel = no domain logons = yes domain master = Yes logon script = %U.bat logon path= \\%L\Profiles\%U wins support = Yes add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u logon script = scripts\%U.bat logon home = \\%L\homes\%U os level = 33 preferred master = No domain master = No security = ads # security= ADS #domain logons =yes utmp = Yes veto oplock files = /*.doc/*.xls/*.mdb/ idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/false [homes] comment = Home Directories path= /home valid users =%D+%S read only = No create mask = 0664 only user = Yes browseable = Yes writeable = yes valid user= %D+%S [printers] comment = SMB Print Spool path = /var/spool/samba guest ok = Yes printable = Yes use client driver = Yes default devmode = Yes browseable =Yes [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = Yes locking = No browseable = Yes [public] comment = Default share for group public path = /public writeable = yes read only = No browseable = Yes [ITDepartment] comment = Using for IT Department path = /itdept writeable = yes read only = No valid user =@LOC.COM +itdept browseable = Yes [Profiles] comment= Here saved profiles path = /home/profiles browseable = yes guest ok = Yes force user = %U valid user = %U "Domain Admins" read only = no profile acls = Yes writeable = yes I also check by typing wbinfo -a Administrator%123456 , the return is: plaintext password authentication succeeded challenge/response password authentication succeeded It seems Ok ! Really,It make me very confused after spending many days for hard working ! Can anyone help me ? Any help offered will be appreciated. Thanks.