MischaTheEvil
Technical User
Hi there all,
I'm a new member of this forum. It looks very good...
I'm having a problem with my Samba configuration I want to share with the board. Maybe someone has experience with this issue or has some usefull ideas...
I'm using the ClarkConnect Home-edition Linux-Distro ( for my (home) server. It's running Samba v.3.0.20a-1, as a PDC, and it's working ok. But because of security reasons I want the user root out of my samba-config. Now I want to give another user (admin) the permissions to add machines into my domain. In Putty I gave the command:
but after filling in the password for root I get this error:
Could not connect to server 127.0.0.1.
I have tested this for the second time on my test-network but then I got the same error.
Here's a copy of my smb.conf:
#======================= Global Settings =====================================
[global]
# NETWORK SETTINGS
#-----------------
netbios name = server
workgroup = domain
server string = ClarkConnect with Samba %v
# PDC SPECIFIC SETTINGS
#----------------------
add machine script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u
security = user
encrypt passwords = yes
domain logons = yes
smb passwd file = /etc/samba/smbpasswd
passwd program = /usr/bin/passwd %u
unix password sync = Yes
pam password change = Yes
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
os level = 255
# INTERFACE SETTINGS
#-------------------
interfaces = lo eth1
bind interfaces only = yes
# SOCKET SETTINGS
#----------------
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# NAMING-SERVICES SETTINGS
#-------------------------
dns proxy = no
domain master = yes
local master = yes
preferred master = yes
name resolve order = wins lmhosts bcast
# WINS-SCECIFIC SETTINGS
#-----------------------
disable netbios = Yes
wins support = yes
wins server =
# LOGON SETTINGS
#---------------
#The setting for Roaming Profiles
logon path = \\%L\Profiles\%U
logon path =
logon script = %u.bat
guest account = nobody
map to guest = Never
guest ok = No
utmp = yes
wtmp directory = /var/log
hosts allow = 127.0.0.1 192.168.1.0/255.255.255.248
# LOG SETTINGS
#-------------
log file = /var/log/samba/log.%m
log level = 2
max log size = 50
# Authconfig adds these
#----------------------
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/false
winbind use default domain = no
#============================ Share Definitions ==============================
# SAMBA RECYCLEBIN SETTINGS
#--------------------------
vfs object = recycle
recycle:repository=.recycle
recycle:versions=True
recycle:touch=True
recycle:keeptree=True
recycle:exclude=*.tmp *.temp *.o *.obj ~$*
[homes]
comment = Home Folders
path = /home/%u/home
create mask = 0770
directory mask = 0770
force create mode = 0770
force directory mode = 0770
read only = no
browseable = no
[NetLogon]
comment = Network Logon Service
path = /home/ntadmin/netlogon
create mask = 0770
force create mode = 0770
read only = yes
browsable = no
write list = @admins
force user = root
force group = admins
[profiles]
comment = Roaming-Profile's Folder
path = /home/ntadmin/profiles
profile acls = yes
writable = yes
browseable = no
guest ok = yes
The "normal" net rap-commands do work good...
Is there here anyone who has some clues on this issue maybe??? I would appreciate any reply's... Thanks already...
Greetz,
Mischa.
I'm a new member of this forum. It looks very good...
I'm having a problem with my Samba configuration I want to share with the board. Maybe someone has experience with this issue or has some usefull ideas...
I'm using the ClarkConnect Home-edition Linux-Distro ( for my (home) server. It's running Samba v.3.0.20a-1, as a PDC, and it's working ok. But because of security reasons I want the user root out of my samba-config. Now I want to give another user (admin) the permissions to add machines into my domain. In Putty I gave the command:
Code:
[b][COLOR=red]net -U root rpc rights grant 'DOMAIN\admin' setMachineAccountPrivilege[/color][/b]but after filling in the password for root I get this error:
Could not connect to server 127.0.0.1.
I have tested this for the second time on my test-network but then I got the same error.
Here's a copy of my smb.conf:
#======================= Global Settings =====================================
[global]
# NETWORK SETTINGS
#-----------------
netbios name = server
workgroup = domain
server string = ClarkConnect with Samba %v
# PDC SPECIFIC SETTINGS
#----------------------
add machine script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u
security = user
encrypt passwords = yes
domain logons = yes
smb passwd file = /etc/samba/smbpasswd
passwd program = /usr/bin/passwd %u
unix password sync = Yes
pam password change = Yes
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
os level = 255
# INTERFACE SETTINGS
#-------------------
interfaces = lo eth1
bind interfaces only = yes
# SOCKET SETTINGS
#----------------
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# NAMING-SERVICES SETTINGS
#-------------------------
dns proxy = no
domain master = yes
local master = yes
preferred master = yes
name resolve order = wins lmhosts bcast
# WINS-SCECIFIC SETTINGS
#-----------------------
disable netbios = Yes
wins support = yes
wins server =
# LOGON SETTINGS
#---------------
#The setting for Roaming Profiles
logon path = \\%L\Profiles\%U
logon path =
logon script = %u.bat
guest account = nobody
map to guest = Never
guest ok = No
utmp = yes
wtmp directory = /var/log
hosts allow = 127.0.0.1 192.168.1.0/255.255.255.248
# LOG SETTINGS
#-------------
log file = /var/log/samba/log.%m
log level = 2
max log size = 50
# Authconfig adds these
#----------------------
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/false
winbind use default domain = no
#============================ Share Definitions ==============================
# SAMBA RECYCLEBIN SETTINGS
#--------------------------
vfs object = recycle
recycle:repository=.recycle
recycle:versions=True
recycle:touch=True
recycle:keeptree=True
recycle:exclude=*.tmp *.temp *.o *.obj ~$*
[homes]
comment = Home Folders
path = /home/%u/home
create mask = 0770
directory mask = 0770
force create mode = 0770
force directory mode = 0770
read only = no
browseable = no
[NetLogon]
comment = Network Logon Service
path = /home/ntadmin/netlogon
create mask = 0770
force create mode = 0770
read only = yes
browsable = no
write list = @admins
force user = root
force group = admins
[profiles]
comment = Roaming-Profile's Folder
path = /home/ntadmin/profiles
profile acls = yes
writable = yes
browseable = no
guest ok = yes
The "normal" net rap-commands do work good...
Is there here anyone who has some clues on this issue maybe??? I would appreciate any reply's... Thanks already...
Greetz,
Mischa.