hika
Apprentice
Joined: 13 Mar 2009
Posts: 234
Location: Utrecht
|
 Posted: Mon Mar 16, 2009 5:58 am Post subject: Failed Trustrelation between server and workstation |
 |
|
The last few weeks I have been installing two Gentooservers with Samba as PDC. The first that ultimately is to move to another location worked OK. The second gives an error I can't find anything about. Both have in essence the same configuration, only a different Domain and machine name. When after joining a workstation to the domain I try to logon I get the error:
"The trust relation between this workstation and the primairy domain failed"
If I logon local to the workstation I can normal browse the network and all the samba shares. If I try to connect to this workstation from another workstation I get the same error.
The weirdest is that when after long searching I booted the first installed server up again (it had been off for at least a week since it's going to move elsewhere) and joined my laptop to that first made domain, all went OK and after rejoining the second domain the error had gone...only on that workstation! My normal desktop workstation still gives this error. All this suggests that the problem is windows based.
I tried flushing the netbios several times, also ones bringing everything down and first bringing the server up to let it quietly claim its place.
It is LMB and DMB. I am out of things to try. Also on microsoft I find nothing.
This is the first part of the smb.conf:
Next to Samba on this server is also running VmWare with a Novel 5.1 server
Cups on both servers is running but not yet configured.
[global]
workgroup = HOME
netbios name = gentooserver
server string = DKW SambaServer
local master = Yes
preferred master= Yes
domain master = Yes
wins support = Yes
os level = 66
time server = Yes
dos filetimes = Yes
interfaces = eth0 lo
bind interfaces only = Yes
hosts allow = 127.0.0.1 192.168.249.0/24 192.168.0.0/24
# hosts deny = 0.0.0.0/0
# valid users = @smbusers,hika
security = user
enable privileges = Yes
domain logons = Yes
encrypt passwords = Yes
# pam password change = Yes
# passwd program =
idmap alloc backend = tdb
idmap backend = tdb
idmap uid = 10000-20000
idmap gid = 10000-20000
passdb backend = tdbsam
username map = /etc/samba/smbusers
template homedir = /home/samba/%u
logon script = %U.bat
logon drive = H:
# Dit blokt de roaming profiles voor W2k/XP
logon path = ""
# Dit blokkeert de H mapping?
#logon home = \\%N\home\samba\%U
add user script = /usr/sbin/useradd -G smbusers -s /bin/false -m -d /home/samba/%u %u
#rename user script =
delete user script = /usr/sbin/userdel %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/groupmems -a %u -g %g
delete user from group script = /usr/sbin/groupmems -d %u -g %g
add machine script = /usr/sbin/useradd -g 1003 -d /dev/null -s /bin/false %u
printcap name = cups
printing = cups
# disable spoolss
# show add printer wizard
load printers = Yes
# preload =
# preload modules =
log file = /var/log/samba/%m.log
max log size = 200
log level = 1
syslog = 1
read only = No
browseable = Yes
#hide unreadable = Yes
hide dot files = Yes
wide links = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
[homes]
comment = %U's Home directory
path = /home/samba/%u
valid users = %S
create mask = 0740
directory mask = 0770
browseable = No
guest ok = No
#map archive = Yes
[printers]
comment = All printers
path = /var/spool/samba
#printer admin = root, hika
create mask = 0600
guest ok = Yes
printable = Yes
browseable = Yes
use client driver = Yes
#min print space = 2000
#queuepause command =
#queueresume command =
[netlogon]
path = /var/lib/samba/netlogon
read only = Yes
browseable = No
Another practical question: Does anybody know how to prepare a windows machine so that you at login can chose between different domains (handy for a laptop)
Hika |
|
Networking & Security
