Red Hat Bugzilla – Bug 7539
NT ownership/perms problem using SMB server
Last modified: 2008-05-01 11:37:53 EDT
We just installed RH 6.1 on our file server (from scratch, not na
upgrade). We configured it to continue providing domain controller
services (via SMB) to our network of '95 and 'NT machines. We were able to
preserve our existing smb.conf file, with only a couple of minor updates.
After the initial configuration problems (e.g. each 'NT machine "forgot"
that it was in the domain and had to be re-added), most services work
fine. We are able to share files, authenticate/login from the 'NT
HOWEVER, there is one horrible problem that we have been unable to solve.
There seems to be a problem with user permissions or group membership;
it's not clear which. The symptom is that every time a user logs in, the
'NT machine creates a _new account_ for the user, as if they had never
logged in before. FURTHERMORE, once logged in, the user is unable to make
any changes to the local machine settings; it seems that any preference
changes result in an access denial of some kind. For instance, trying to
change desktop preferences doesn't work; trying to change system settings
(such as keyboard or date) results in an access denial message. This poses
a serious problem, since user's are unable to save any information about
I have tried, as an experiment, download the head branch of SAMBA. This
never (alpha 2.1) version seems to behave much the same way, although
there are some additional services available (e.g. under 2.1 a user can
actually browse the group membership lists, etc.; while under the version
that comes with RH 6.1 such browsing is not supported). Both versions
demonstrate the "lack of access rights" problem described above.
I'm hoping this is a configuration error--perhaps some new settings that
we need to implement since the upgrade. If anyone can help, please do!
Otherwise, I hope it gets filed as a priority bug...
Zacharias J. Beckman
Are you using encrypted passwords?
------- Email Received From "Zacharias J. Beckman" <email@example.com> 12/06/99 12:35 -------
Hmm... while we're still looking at this, you may want
to try the samba-2.0.6 packages from Raw Hide. Looking
at the changelog, however, there doesn't seem to be anything
in particular that would relate to this.
A few comments on the original question:
The NT Machines only know they are a member of the domain by the servers
/etc/MACHINE.SID file, the upgrade probably changed this.
Regarding PDC support try Samba 2.0.7, and read the documents at
http://bioserve.biochem.latrobe.edu.au/samba/ or look at
http://www.samab-tng.org for Samba TNG, an attempt to get full PDC support for
samba. Finally the original Samba team are attempting to get better PDC support
too, see http://www.samba.org for details.
Does this problem still exist? Has any resolution been found?
No feedback, so I assume it's fixed. Reopen with more information if it isn't.