Topic: Missing info in the on-line 5.1 manual

[Lasse Johansson]

One of the new features in 5.1 is supposed to be Windows 2000 and XP domain logon support, but the screen shot showed at

http://www.e-smith.org/docs/manual/5.1/admin-setworkgroup.html

doesn't seem to come from 5.1.2 at all, - neiter is this feature mentioned in the manual.

[Gary Parker]

Well, I found it and configured it!

I then set up my XP laptop to join the domain, which it did quite happily after giving the 'admin' account name and password. However, upon rebooting it then took about 10 mins to 'build a domain list' and then wouldn't let me login. Looking at the smb log file for the lapto there were lots of errors regarding there being no account for the machine to logon to the domain. In M$ circles this usually done when the machine joins the domain, do I have to do this manually somehow in E-Smith?

Gary

[Damien Curtain]

If youd searched the lists youd know to apply this registry setting

damienc@damienc Registry >cat WinXP_SignOrSeal.reg
;
; This registry key (gathered from the Samba-tng lists) is needed
; for a Windows XP client to join and logon to a Samba domain
;

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netlogon\parameters]
"RequireSignOrSeal"=dword:00000000

[Damien Curtain]

And If Lasse is correct you need to also create a machine account, I was sure this would be available in the account creation setting or how else can they support win2k domain logons except including a relevant version of samba?

Search for adduser and there should be an example that shows you how to add a machine account, itll be called "machine$"

If this isnt available as default perhaps someone will bring out a manager panel to support machine accounts....
--
 Damien

[Damien Curtain]

Manually you can do:

/sbin/e-smith/signal-event machine-account-create machinename$

/usr/bin/smbpasswd -a -m machinename
--
 Damien

[Gary Parker]

Cheers for the heads-up, guys..

I've got no problem doing that, but I kind of expected a system that markets it's self as being able to be an XP and 2K PDC 'out-of'-the-box' to not need registry hacks or command line work. Maybe this ought to be in the documentation or automated as part of the account creation bits.

You shouldn't have to search support lists to find out how to hack one of the advertised features into working....

So, do I need to hack the XP registry *and* manually add the machine account to samba, or is it either/or?

Gary

[Filippo Carletti]

> So, do I need to hack the XP registry *and* manually add the
> machine account to samba, or is it either/or?

Didn't check personally, but adding the machine account should NOT be needed with SME 5.1.2.
And when asked to enter an account name with permission to add a machine to a domain you should use root and not admin (I hope Mitel clarifies this, I don't exactly)

[Damien Curtain]

Gary Parker wrote:
>
> Cheers for the heads-up, guys..
>
> I've got no problem doing that, but I kind of expected a
> system that markets it's self as being able to be an XP and
> 2K PDC 'out-of'-the-box' to not need registry hacks or
> command line work. Maybe this ought to be in the
> documentation or automated as part of the account creation
> bits.

Mitel cant quite be expected to be able to solve every hurdle Microsoft seem to invent to prevent usage of 3rd party samba servers
 
> You shouldn't have to search support lists to find out how to
> hack one of the advertised features into working....
>
> So, do I need to hack the XP registry *and* manually add the
> machine account to samba, or is it either/or?

Just the registry modification. The events appear to be called via the add user script feature of samba 2.1 and above. Perhaps this info is in the manual and Lasse didnt see it, if not it might make a good addition, as very few live sites have been using this directive, it was discouraged early on on quite a few ml's.

Would be good if you could pull this registry fix from the server.
--
 Damien

[Tyrone Miles]

Hey I have 2 e-smith 5.1 servers and I can not get my XP machine in the the "Domain" if I log into a local user account with a local admin account besides administrator I get:

The following error occurred attempting to join the domain HOME

Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again.

If I log into the local machine as administrator then try I get:

User name or password is incorrect.

Even if I use admin to try or I use root. And I have tried switching which server is the primary server etc..

I know Mitel cant quite be expected to be able to solve every hurdle Microsoft seems to invent to prevent usage of 3rd party samba servers. True but if it does not at least work then you should not advertise that your product. Or just say it's still under development or something. Because the XP support is what turned me on to the new version.

[Gary Parker]

Thanks for the help, got it all running nicely now...

Phew....such a relief to be able to point out a problem/short-coming in something and not only get the help you need but also not get your head ripped off for it! I know there are a few people on these forums who used to be SmoothWall users and know *exactly* what I mean

Gary

[Tyrone C. Miles]

So did you use the Reg hack or make changes to the server?

[Gary Parker]

Ran the command on the server.....at least that seems like an 'intended' way of doing things....MS products are fragile enough without fannying about with the registry...

Gary

[guestHH]

Tyrone,

Examine if you have a existing connection/mapping to the SME server. If so, disconnect it and boot as a 'clean' machine withut any mapping and joint the domain by using root account ans [password].

HFW

[guestHH]

My typing is getting worse every time.....

[Tyrone C. Miles]

LOL! Not a problem..

[Dan York]

Lasse,

> One of the new features in 5.1 is supposed to be Windows 2000
> and XP domain logon support, but the screen shot showed at
>
> http://www.e-smith.org/docs/manual/5.1/admin-setworkgroup.html
>
> doesn't seem to come from 5.1.2 at all, - neiter is this
> feature mentioned in the manual.

Hmmm... looks like you nailed a bug in the doco... and since
I am the one that did this version of the User Guide, it is
my mistake.  This version of the User Guide was put out during
the transition of the maintaining of the document over to the
Mitel Customer Documentation staff.  It seems that in the middle
of the transition, I did not do enough verification of the
screen shots.  I did go through and check them all, but obviously
missed this one.

My apologies,
Dan

[Dan York]

Gary,

> I've got no problem doing that, but I kind of expected a
> system that markets it's self as being able to be an XP and
> 2K PDC 'out-of'-the-box' to not need registry hacks or
> command line work. Maybe this ought to be in the
> documentation or automated as part of the account creation
> bits.
>
> You shouldn't have to search support lists to find out how to
> hack one of the advertised features into working....

You are definitely right that you shouldn't have to, and as
the guy who wrote the product announcement - as well as the
User Guide - it looks like I need to clarify our XP/2000 support.
I'll post something here as soon as I can.

Regards,
Dan