Hallo
Flugendes Problem:
Einer Domäne beitreten ist möglich, aber wenn ich mich mit einem Domänen Benutzer anmelde bekomme ich folgende Fehlermeldung:
die vertrauensstellung zwischen dieser arbeitsstation und der primären Domäne konnte nicht hergestellt werden.
Die Nötigen Registery Einstellungen habe ich gemacht, auch das Lan Manager Authentifizierungs Level habe ich umgestellt.
Folgende Einstellungen aus einem Forum habe ich auch vorgenommen:
Navigated to Computer Configuration\Windows Settings\Security Settings\Local Policies
Opened User Rights Assignments
Added the Administrators group to the right: Add workstations to domain
Opened Security Options
Disabled the option: Domain member: Digitally encrypt or sign secure channel data (always)
Disabled the option: Domain member: Disable machine account password changes
Disabled the option: User Account Control: Admin approval mode for the Built-in Administrator account
Set "Elevate without prompting" on: User Account Control: Behaviour of the elevation prompt for administrators in Admin Approval Mode
Disabled the option: User Account Control: Run all administrators in Admin Approval Mode
Hier ist auch das log vom entsprechenden PC:
Her die smb.conf:
Ich hoffe ihr könnt mir helfen ich weiß echt nicht mehr woran es liegen könnte.
mfg Kipferl
Flugendes Problem:
Einer Domäne beitreten ist möglich, aber wenn ich mich mit einem Domänen Benutzer anmelde bekomme ich folgende Fehlermeldung:
die vertrauensstellung zwischen dieser arbeitsstation und der primären Domäne konnte nicht hergestellt werden.
Die Nötigen Registery Einstellungen habe ich gemacht, auch das Lan Manager Authentifizierungs Level habe ich umgestellt.
Folgende Einstellungen aus einem Forum habe ich auch vorgenommen:
Navigated to Computer Configuration\Windows Settings\Security Settings\Local Policies
Opened User Rights Assignments
Added the Administrators group to the right: Add workstations to domain
Opened Security Options
Disabled the option: Domain member: Digitally encrypt or sign secure channel data (always)
Disabled the option: Domain member: Disable machine account password changes
Disabled the option: User Account Control: Admin approval mode for the Built-in Administrator account
Set "Elevate without prompting" on: User Account Control: Behaviour of the elevation prompt for administrators in Admin Approval Mode
Disabled the option: User Account Control: Run all administrators in Admin Approval Mode
Hier ist auch das log vom entsprechenden PC:
Code:
[2010/05/04 09:35:33, 1] smbd/service.c:make_connection_snum(1206)
jt-pc (192.168.10.106) connect to service daten initially as user jt (uid=1024, gid=100) (pid 20426)
[2010/05/04 09:38:27, 0] rpc_server/srv_netlog_nt.c:_netr_ServerAuthenticate2(520)
_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting auth request from client JT-PC machine account JT-PC$
[2010/05/04 09:58:54, 0] rpc_server/srv_netlog_nt.c:_netr_ServerAuthenticate2(520)
_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting auth request from client JT-PC machine account JT-PC$
[2010/05/04 09:59:42, 0] rpc_server/srv_netlog_nt.c:_netr_ServerAuthenticate2(520)
_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting auth request from client JT-PC machine account JT-PC$
[2010/05/04 10:00:33, 0] rpc_server/srv_netlog_nt.c:_netr_ServerAuthenticate2(520)
_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting auth request from client JT-PC machine account JT-PC$
[2010/05/04 10:02:28, 0] rpc_server/srv_netlog_nt.c:_netr_ServerAuthenticate2(520)
_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting auth request from client JT-PC machine account JT-PC$
[2010/05/04 10:03:26, 0] rpc_server/srv_netlog_nt.c:_netr_ServerAuthenticate2(520)
_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting auth request from client JT-PC machine account JT-PC$
[2010/05/04 10:17:38, 1] smbd/service.c:make_connection_snum(1206)
Her die smb.conf:
Code:
[global]
passdb backend = tdbsam
log level = 1
log file = /var/log/samba/log.%I
workgroup = CANDOL
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
usershare allow guests = Yes
add user script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/f alse %m$
add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /b in/false %m$
#add machine script = useradd -s /bin/false -d /home/%u %u
domain logons = Yes
domain master = Yes
local master = Yes
os level = 200
preferred master = Yes
security = user
usershare max shares = 100
netbios name = Datenserver
encrypt passwords = true
logon script = logon.bat
wins support = no
dns proxy = no
obey pam restrictions = yes
unix password sync = no
socket options = TCP_NODELAY
# dos filemode = yes
# ntlm auth = yes
# lanman auth = yes
# client ntlmv2 auth = yes
[homes]
comment = Home Directories
valid users = %S, %D%w%S, administrator
browseable = No
read only = No
inherit acls = Yes
[profiles]
comment = Network Profiles Service
path = %H
read only = No
store dos attributes = Yes
guest ok = yes
# create mask = 0600
# directory mask = 0700
profile acls = yes
csc policy = disable
[users]
comment = All users
path = /home
read only = No
inherit acls = Yes
veto files = /aquota.user/groups/shares/
[groups]
comment = All groups
path = /home/groups
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin root
force group = ntadmin
create mask = 0664
directory mask = 0775
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon/
write list = root
writeable = no
browsable = no
guest ok = yes
share modes = no
[daten]
comment = Daten
writeable = yes
public = yes
path = /daten
read only = no
create mask = 0775
force create mode = 0775
directory mask = 0775
force directory mode = 0775
Ich hoffe ihr könnt mir helfen ich weiß echt nicht mehr woran es liegen könnte.
mfg Kipferl