Problem when join linux to Win 2k3 PDC !

Discussion in 'Server Operation' started by locithcm, Jun 10, 2009.

  1. locithcm

    locithcm New Member

    Hi everyone ,
    My computer use Linux (Centos) ,Now I want to join it to my network
    company based on Window server 2003 as Primary Domain Controller(PDC),
    I did already sucessfully join it to my server 2k3. However,the main trouble in here,I type command wbinfo -u,wbinfo -g ,it return all members,group in my Active Directory. After that, I created a user named Loclx(PDC),then I log off user root on my Linux computer and log on it by using loclx,but it's impossible ! I wonder what is really causing this problem !
    Though visiting many forums as well as getting some ideas,I still
    not get the best solution so I'm still in the dark !
    Here is my /etc/samba/smb.conf :
    # Global parameters
    realm = LOC.COM
    workgroup = LOC
    server string = DATASHARE
    wins support = yes
    wins server =
    bind interfaces only = Yes
    pam password change = Yes
    passwd chat = *New*Password* %n\n *Re-enter*new*password* %n\n *Password*changed*
    password server = LOC.COM
    username map = /etc/samba/smbusers
    unix password sync = Yes
    log level = 1
    syslog = 0
    log file = /var/log/samba/%m
    max log size = 50
    smb ports = 139 445
    name resolve order = wins bcast hosts
    time server = Yes
    winbind separator = +
    winbind uid = 10000-20000
    winbind gid = 10000-20000
    winbind enum users = yes
    winbind enum groups = yes
    winbind use default domain = yes
    winbind cache time =15
    client schannel = no
    domain logons = yes
    domain master = Yes
    logon script = %U.bat
    logon path= \\%L\Profiles\%U
    wins support = Yes

    add user script = /usr/sbin/useradd -m %u
    delete user script = /usr/sbin/userdel -r %u
    add group script = /usr/sbin/groupadd %g
    delete group script = /usr/sbin/groupdel %g
    add user to group script = /usr/sbin/usermod -G %g %u
    add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u
    logon script = scripts\%U.bat
    logon home = \\%L\homes\%U
    os level = 33
    preferred master = No
    domain master = No
    security = ads
    # security= ADS

    #domain logons =yes
    utmp = Yes
    veto oplock files = /*.doc/*.xls/*.mdb/
    idmap uid = 16777216-33554431
    idmap gid = 16777216-33554431
    template shell = /bin/false
    comment = Home Directories
    path= /home
    valid users =%D+%S
    read only = No
    create mask = 0664
    only user = Yes
    browseable = Yes
    writeable = yes
    valid user= %D+%S

    comment = SMB Print Spool
    path = /var/spool/samba
    guest ok = Yes
    printable = Yes
    use client driver = Yes
    default devmode = Yes
    browseable =Yes

    comment = Network Logon Service
    path = /var/lib/samba/netlogon
    guest ok = Yes
    locking = No
    browseable = Yes

    comment = Default share for group public
    path = /public
    writeable = yes
    read only = No
    browseable = Yes

    comment = Using for IT Department
    path = /itdept
    writeable = yes
    read only = No
    valid user [email protected] +itdept
    browseable = Yes

    comment= Here saved profiles
    path = /home/profiles
    browseable = yes
    guest ok = Yes
    force user = %U
    valid user = %U "Domain Admins"
    read only = no
    profile acls = Yes
    writeable = yes

    I also check by typing wbinfo -a Administrator%123456 , the return is:

    plaintext password authentication succeeded
    challenge/response password authentication succeeded
    It seems Ok !
    Really,It make me very confused after spending many days for hard working !
    Can anyone help me ?
    Any help offered will be appreciated. Thanks.
    Last edited: Jun 10, 2009

Share This Page