We just installed RH 6.1 on our file server (from scratch, not na upgrade). We configured it to continue providing domain controller services (via SMB) to our network of '95 and 'NT machines. We were able to preserve our existing smb.conf file, with only a couple of minor updates. After the initial configuration problems (e.g. each 'NT machine "forgot" that it was in the domain and had to be re-added), most services work fine. We are able to share files, authenticate/login from the 'NT machines, etc. HOWEVER, there is one horrible problem that we have been unable to solve. There seems to be a problem with user permissions or group membership; it's not clear which. The symptom is that every time a user logs in, the 'NT machine creates a _new account_ for the user, as if they had never logged in before. FURTHERMORE, once logged in, the user is unable to make any changes to the local machine settings; it seems that any preference changes result in an access denial of some kind. For instance, trying to change desktop preferences doesn't work; trying to change system settings (such as keyboard or date) results in an access denial message. This poses a serious problem, since user's are unable to save any information about themselves. I have tried, as an experiment, download the head branch of SAMBA. This never (alpha 2.1) version seems to behave much the same way, although there are some additional services available (e.g. under 2.1 a user can actually browse the group membership lists, etc.; while under the version that comes with RH 6.1 such browsing is not supported). Both versions demonstrate the "lack of access rights" problem described above. I'm hoping this is a configuration error--perhaps some new settings that we need to implement since the upgrade. If anyone can help, please do! Otherwise, I hope it gets filed as a priority bug... Sincerely, Zacharias J. Beckman zbeckman
Are you using encrypted passwords? ------- Email Received From "Zacharias J. Beckman" <zbeckman> 12/06/99 12:35 -------
Hmm... while we're still looking at this, you may want to try the samba-2.0.6 packages from Raw Hide. Looking at the changelog, however, there doesn't seem to be anything in particular that would relate to this.
A few comments on the original question: The NT Machines only know they are a member of the domain by the servers /etc/MACHINE.SID file, the upgrade probably changed this. Regarding PDC support try Samba 2.0.7, and read the documents at http://bioserve.biochem.latrobe.edu.au/samba/ or look at http://www.samab-tng.org for Samba TNG, an attempt to get full PDC support for samba. Finally the original Samba team are attempting to get better PDC support too, see http://www.samba.org for details.
Does this problem still exist? Has any resolution been found?
No feedback, so I assume it's fixed. Reopen with more information if it isn't.