Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: gordonallan on August 21, 2007, 11:17:43 AM
-
Hi All
Has anyone had success getting Windows Vista Business to login to SME 7.2 Domain Controllers? I have applied the Windows XP registry patch which fixed xp clients and changed the authentication methiod away from v2 only...
However my clients still cannot log onto the domain. They can log into the machine locally and see all the network shares etc but cannot log onto the domain and get the login scripts working etc. They get various messages such as "procedure number out of range" when they try and login or "a valid domain controller cannot be found"
I am using Windows Vista Business so if anyone has any experience they can share that would be great.
Cheers
G!
-
I have at least one site where one or more vista machines are logging onto an SMEserver domain ok. I don't recall doing anything special.
Your "can't find domain controller" message sounds more like a network problem.
Cheers
Brian
-
UP
Got the same problem here. Anyone has an idea?
-
gordonallan
http://www.builderau.com.au/blogs/codemonkeybusiness/viewblogpost.htm?p=339270746
-
Already done.
I also done that (Used to do it on XP to log on the sme)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netlogon\parameters]
"RequireSignOrSeal"=dword:00000000
But still not working.
-
Hi
how is configured your client? dhcp or fixed ip?
to join the domain, clients must have SME as DNS.. so try to use a fixed ip and fixed dns
HTH
Ciao
Stefano
-
Fixed IP
here is how is done my Network here
DSL box
|
FIREWALL (hardware)::192.168.1.1
|
----------------------------------------
| | |
workstations Sme (server only) printers
192.168.1.2-10 192.168.1.20 192.168.1.11-19
Xp's and vista 64 sme 7.1.3
DNS is actually 192.168.1.1. in IPv4 parameters but it work fine like this on XP workstations. Don't know why it won't on vista.
Changed to 192.168.1.20 still doing the same.
Vista Firewall is off
By the way, i can join the domain, the problem is only when i try to login as a domain user (ctrl+alt+del), whatever i put in the user and password field i always get:
procedure number out of range.
I can even add domain user on vista workstation by searching the user database on the sme. But that won't change anything.
bringing me back to the login window
-
Did you try to set WINS server to 192.168.1.20 on your Vista workstations? Or perhaps forcing domain resolution through lmhosts file?
-
By the way, i can join the domain, the problem is only when i try to login as a domain user (ctrl+alt+del), whatever i put in the user and password field i always get:
procedure number out of range.
in this case it's definitely a Vista issue.. check event viewer and search on eventid.net (http://www.eventid.net) and/or google..
however, is there anything in SME's logs?
Ciao
Stefano
-
cyberjuls2
Are you using the format
DOMAIN\username
password
-
mary:
Yes using DOMAIN\user format
but whatever i enter in those field, i always got the same message. Seems like Vista is returning the error without even checking the samba server.
nenonano:
event viewer don't return anything. have been googling for 4 days rather intensivly, but nothing outside already applied strategies.
boris:
Did put 192.168.1.20 in wins server, rebooted, but same problem.
Maybe i'm going to reinstall my PC to restart with a clean installation ad will try before making windows updates.
-
here's sme samba log when i try to log on my computer:
when entrering user and password:
[2008/12/04 10:25:13, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(993)
api_pipe_bind_req: unknown auth type 1 requested.
[2008/12/04 10:25:13, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(993)
api_pipe_bind_req: unknown auth type 1 requested.
when entering DOMAIN\user and password
[2008/12/04 10:27:20, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(993)
api_pipe_bind_req: unknown auth type 1 requested.
[2008/12/04 10:27:21, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(993)
api_pipe_bind_req: unknown auth type 1 requested.
Seems vista is checking my sme server in fact.
-
cyberjuls2
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netlogon\parameters]
"RequireSignOrSeal"=dword:00000000
This link refers to a different issue
http://www.builderau.com.au/blogs/codemonkeybusiness/viewblogpost.htm?p=339270746
ie on Win Vista
Open the Run command and type "secpol.msc".
Click on "Local Policies" --> "Security Options"
Navigate to the policy "Network Security: LAN Manager authentication level" and open it.
By default Windows Vista sets the policy to "NTVLM2 responses only". Change this to "LM and NTLM – use NTLMV2 session security if negotiated".
My Vista Business runs OK & logs in to domain with
RequireSignOrSeal=1
but it did need the abovementioned change re NTVLM2
-
Maybe i'm going to reinstall my PC to restart with a clean installation ad will try before making windows updates.
if so, yuo can do a license downgrading to XP Pro..
Ciao
Stefano
-
Mary:
Did all this.not working.
nenonano:
I know it. But i would like to keep vista. Man that's should not be so hard. There must be something i didn't saw somewhere!!!
-
not to start a war but, IMVHO, Vista is the worst O.S. since windows ME..
XP is stable, lighter and well known :-)
My 2€c
Ciao
Stefano
-
Ok did fresh install.
Fixed IP
entering domain by entering domain name on the field. Vista ask for admin account. check is ok, welcome to domain. reboot.
Did LTNM trick:
Open the Run command and type "secpol.msc".
Click on "Local Policies" --> "Security Options"
Navigate to the policy "Network Security: LAN Manager authentication level" and open it.
By default Windows Vista sets the policy to "NTVLM2 responses only". Change this to "LM and NTLM – use NTLMV2 session security if negotiated".
Getting "The procedure number out of range" when trying to log
Changed [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netlogon\parameters]
"RequireSignOrSeal"=dword:00000000
Getting "The procedure number out of range" when trying to log.
Well seems like vista isn't samba friendly.
-
Have you got anything non-standard on the SME Server, like the Advanced Samba testing package or some custom Samba templates?
-
Nothing.
By the way, just to remind everybody, all XP workstations are loging without a problem on it since long time now.
-
... which suggests that, as you said earlier, this is a Vista problem.
Perhaps some new incompatibility introduced in SP1?
EDIT: The OP was using SME 7.2. Are you running the latest and greatest (7.4)?
-
No, running 7.1.3 here.
Just finished full backup of SME. will upgrade SME soon as it doesn't look like there's a solution.
-
My guess is that your problem has been resolved upstream, and will be fixed when you have a more recent version of Samba installed. 7.1.3 is almost two years old. It uses Samba 3.0.10, whereas 7.4 uses the much more mature 3.0.28.
EDIT: Confirmed that Vista support was forthcoming at some point after 3.0.14(a). Source - Asianux release notes.
-
Updating my sme from 7.1.3 to 7.4.
yum yum yum....
Will tell you if something change.
-
Groovyyyyyyyyyyyyyyyyyyyyyy
Done sme update from 7.1.3 to 7.4 via iso CD. no problem at all during installation process. Just rebooting like a charm.
login is now working. logon is maping my drives nicely. Well, i was a bit upset not finding the problem. It was Samba version that was too old.
Thanks for support.
By the way, just did LTNM trick and requiresignorseal to 0.