Topic: Win XP domain logon..... Again.....

[Peter Smit]

Hi everyone,

I setup a sme 6.0 server and tried to join the domain from a winxp box but no luck.....

And yes I done the regestry settings, Used the patch from the sme server... checked it manualy... and the settings are oke.
and yes I searched the forum.

when I trie to join it asks me for th admin and password account.

so far so good, but then it says the domain can't be contacted or the domain doesn't exist. (i am sorry if the words aren't correct, translated it from dutch)
When I trie to join from a win2K box everythig goes smoothly and works.

does anyone have an idea???

thanx in advance,

peter smit

[Finchwizard]

Can you ping the SME Box?

Cables all plugged in...?

I'm not being stupid, it's often the simpliest things that can be the problem, I've done it a few times....

The Domain is really typed in correct?


User exists that you are using?
You may need to supply a Admin Username and password to join the domain. Is that what's happening?

Just supply the admin account on the SME Box....

[ryan]

On 5.1.2, I found that sometimes.....clients had to be in a workgroup with the same name as the domain before adding to the domain.  So put them in the workgroup, reboot, then add to the domain of the same name as the work group.  It might be worth a try.

ryan

[Boris]

Don't put WinXP to the same workgroup. If you have, change workgroup to "temp" or something else and reboot.
Make sure, that WinXP computer uses SME box as a DNS and WINS server and it is on the the same LAN. If its not on the same LAN, remote_announce for samba needs to be corrected.
After restart, don't try to connect to SME via samba, just ping it by name, to make sure name resolution works.
Try to joindomain and now change to correct domain name.

[Henk]

After upgrading form 6.0B3 to SME 6.0 final I had the same problem. My  Windows XP workstations didn't have a trust relationship with the server anymore. I could delete them from the domain, but not add them again.

I've put the workstations in a workgroup with a different name (just workgroup). After that I still couldn't join the domain (I gave in admin and password, but it was an unknown user said the system). I tried to change the name of the workstations (Computer Name). After a reboot I could join the domain again.

[%sig%]

[Peter Smit]

thanx all,

Tried everyting you wrote.
Still no luck, changed the workgroup name, computername even the domain name.

there must be something simpel that I am overseeing

still trieing..............

Peter Smit

[Henk]

DId you set the server as Workgroup and Domain Controller in the server manager??

If you´re looking for something simple, this could be a start.

[ryan]

Its been a while, but I recall this issue with SME and windows 2k.  Try creating a root smb user account using the command line.  Make the account active and set the password to the same as the SME server password.  It might work.  

Regardless, this is a big problem if 6.0 is a PDC with several clients.  Any idea if an upgrade from 5.6 to 6.0 will cause the loss of domain association on the clients?  

ryan

[johan]

Same problems here after upgrading to 6.0final

[Sharif George]

I have a similar problem, except that my machine will join the domain, but then won't actually log on.

i.e. I can attach to the server if I log in locally and browse to it but not log into the domain from my XP box, Win 2k is fine

Sharif

[johan]

Following Henks directions, i solved the problem

henk:
I've put the workstations in a workgroup with a different name (just workgroup). After that I still couldn't join the domain (I gave in admin and password, but it was an unknown user said the system). I tried to change the name of the workstations (Computer Name). After a reboot I could join the domain again.

now i also had to create a new(new=never excisted on e-smith)user on the client with administrator rights.
so i changed to workgroup temp2a, computername temp2b, and made a user with admin rights on the client named temp2c.

after reboot, i could join the Domain again.
good luck.

[ryan]

It should be noted that if you upgrade to 6.0, all your XP and 2k systems will 'cut off' from the domain.  If the user has logged in prior to the 6.0 upgrade, they can login using the cached profile (this is allowed 10 times by default).  If a new account is created on SME 6, that user can't log in.  This is a serious problem as it will bring down an entire site in due time if SME is a PDC.

I was able to get the systems to rejoin the domain after putting them in a workgroup.  I realized you can not change the system name when you attempt to join the domain or you will get the known user error.

I did this in a test environment with 2 fresh machines..one 2k, the other XP.  Both w/ all service/security fixes.  I joined them to a fresh SME 5.6u6 server.  I then upgraded the SME server to 6.0.  They then lost contact.  Is this due to a newer samba version?  I can't believe a bug this serious made it to final.   I guess this final is should be 6.0dumpped instead of 6.0final.  If I had applied this upgrade in a production environment, I would have spent hours if not days redoing each client membership.  

My webmail also no longer works on the test server.  The fixes in the forum allow me to log in, but the Memo, Calendar, and contacts crap out with an error.

SME 6.0 SHOULD BE THOURGHLY TESTED.  YOU MIGHT BE SURPRISED WHEN YOU LEARN WHAT WILL BREAK IF AFTER UPGRADING.  

I think I will wait to see if SME survives and adopts a new distro before upgrading my 5.6 servers in production.    Did 6.0b3 have these issues?  What changed?  Anyone find a good replacement for SME 5.6...or will this community pull through these problems?


ryan

[Finchwizard]

Does this problem still happen if it's a fresh install of SME 6 Final?

And al the necessary Registry settings changed for the XP machines, just how the 2. version of Samba works, not quite good enough.

It can't handle some authentication methods, Microsoft just like making things difficult.

And yes, is there a alternative to SME apart from SMEWorkplace, and ClarkConnect?

I was even thinking of just using FreeBSD or something with Webmin attached to it. That way you can configure all your DNS and users, and even have clustering modules and load balancing.....

It's just Webmin is not as pretty

Hope we get through these little hiccups.

Finchwizard

[ryan]

Finch,

I was thinking Debian with webmin...libranet classic 2.7 to be exact.  Do you have any web pages you could recommend to setup the firewall using webmin?  I have not used webmin and am most concerened about the firewall and not relaying email.  Any suggestions are appreciated.

I hope SME can provide an update to fix the bugs or possilby release the iso.  I don't want to change, but my testing experiences upgrading 5.6 to 6.0 have been miserable.  I will closely watch all developments on this front.  SME has been a great server and got me into linux in the first place.  

Another option....I use IPCop for all IPSEC VPN and routing.  SME is used for services.  IPCop is based on FreeBSD...could webmin be added and used to add services to IPCop?  IPCop is very easy to use and has a beautiful web manager.    Anyone tried webmin on FreeBSD....I think I found my next test project..........

take care,

ryan

[Finchwizard]

Damn that was a quick reply I only posted that like 5 mins ago.

I would either use Debian, FreeBSD or Gentoo for the server.

I know Gentoo doesn't get mentioned very much, but it's a good distro when you get it working.

It just installs base system. Then you can install all the services you want to supply.

Cause then you know exactly what you have on your server, and it just runs what you want to run......nothing else is bogging it down so to say.....

Libranet is more of a Desktop made one I thought, better off sticking to a mainstream server one.

I would go the latest Debian Stable Release...I think it's 3.0rev1 or something from memory.....

Webmin shouldn't be too hard, I haven't yet tried it, and I've already got about 3 servers worked out and testing with SME 6, I can't really just go changing my mind about now.....I could, but might be some quick learning

[Boris]

>>
IPCop is based on FreeBSD
>>
It is not. Its Linux (kernel 2.4.21) for version 1.3

[zawarez]

I solve it very simple;
found somewhere on the forum a hint that point me to my SME server as following:
/home/e-smith/files/server-resources/regedit/

there are 2 .reg files (one for w98 and one for xp); run it on your wks and everything should works just fine (at least in my case it works)
good luck

[djohen]

Ok, I noticed this. If i run the regedit hack before i join the domain. I get serious issues which force me to a new temporary username, machinename and workgroupname. Just like mentioned before in the topic. Thats what's troubling us.

Just join the domain before you aply the hack. and there are no problems. after you joined the domain succesfully, apply the hack so you can logon to your domain, etcetc.

, If you have to rejoin your domain cuz of some reason. Reverse the hack so the windows register is restored to original settings.

to restore original setting, turn the last 0 in the next line, into a 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netlogon\parameters]
"RequireSignOrSeal"=dword:00000001

This solved allot of headaches for me. Hope it makes sence for some people.