Samba PDC Problems

I have a Linux Fedora Core 2 machine setup running Samba.  Samba is currently running great, if user log onto the Netware 3.12 server or thier local machine they can access the shares I have setup.  However if I try to log onto the Samba PDC I get an error that states "No domain server was available to validate your password.  You may not be able to gain access to some network resources"  If I click "OK" at this point the shares still work.
If I set the domain to the IP address of the Linux machine I get the following error "The domain password you supplied is not correct, or acess to your logon server has been denied."
I have Windows 95, Windows 98, and Windows XP Pro machine on my network.  I really want to have my uses log onto the Samba PDC instead of thier local machines of the existing Netware server. I have looked a tons of confugurations and I don't understand why this does not work.  

I have all included my smb.conf file below.

# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
# may wish to enable
# NOTE: Whenever you modify this file you should run the command "testparm"
# to check that you have not made any basic syntactic errors.
#======================= Global Settings =====================================
        log file = /var/log/samba/smbd.log
        dns proxy = no
        smb passwd file = /etc/samba/smbpasswd
        netbios name = FS00
        server string = FS00
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        remote announce =
        local master = yes
        workgroup = CORP
        os level = 255
        domain master = yes
        username map = /etc/samba/smbusers
        domain logons = yes

        comment = Home Directories
        browseable = no
        writeable = yes

# Un-comment the following and create the netlogon directory for Domain Logons
;   comment = Network Logon Service
        path = /home/netlogon
        share modes = no

# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
        path = /home/profiles
        browseable = no

# NOTE: If you have a BSD-style print system there is no need to
# specifically define each individual printer
;       comment = All Printers
;       path = /var/spool/samba
;       browseable = no
# Set public = yes to allow user 'guest account' to print
;       printable = yes

# This one is useful for people to share files
;   comment = Temporary file space
;   path = /tmp
;   read only = no
;   public = yes

# A publicly accessible directory, but read only, except for people in
# the "staff" group
;   comment = Public Stuff
;   path = /home/samba
;   public = yes
;   read only = yes
;   write list = @staff

# Other examples.
# A private printer, usable only by fred. Spool data will be placed in fred's
# home directory. Note that fred must have write access to the spool directory,
# wherever it is.
;   comment = Fred's Printer
;   valid users = fred
;   path = /homes/fred
;   printer = freds_printer
;   public = no
;   writable = no
;   printable = yes

# A private directory, usable only by fred. Note that fred requires write
# access to the directory.
;   comment = Fred's Service
;   path = /usr/somewhere/private
;   valid users = fred
;   public = no
;   writable = yes
;   printable = no

# a service which has a different directory for each machine that connects
# this allows you to tailor configurations to incoming machines. You could
# also use the %u option to tailor it by user name.
# The %m gets replaced with the machine name that is connecting.
;  comment = PC Directories
;  path = /usr/pc/%m
;  public = no
;  writable = yes

# A publicly accessible directory, read/write to all users. Note that all files
# created in the directory by users will be owned by the default user, so
# any user with access can delete any other user's files. Obviously this
# directory must be writable by the default user. Another user could of course
# be specified, in which case all files would be owned by that user instead.
;   path = /usr/somewhere/else/public
;   public = yes
;   only guest = yes
;   writable = yes
;   printable = no

# The following two entries demonstrate how to share a directory so that two
# users can place files there that will be owned by the specific users. In this
# setup, the directory should be writable by both users and should have the
# sticky bit set on it to prevent abuse. Obviously this could be extended to
# as many users as required.
;   comment = Mary's and Fred's stuff
;   path = /usr/somewhere/shared
;   valid users = mary fred
;   public = no
;   writable = yes
;   printable = no
;   create mask = 0765

        comment = Accumed Directory
        path = /data/accumed
        guest ok = no
        writeable = yes
        browseable = yes

        comment = Upload Directory
        path = /data/upload
        guest ok = no
        writeable = yes
        browseable = yes
        comment = Shared Directory
        path = /data/shared
        guest ok = no
        writeable = yes
        browseable = yes
        comment = Backup Directory
        path = /backup
        guest ok = no
        writeable = yes
        browseable = yes
        comment = Global Shared Directory
        path = /data/global
        guest ok = no
        writeable = yes
        browseable = yes
        comment = Restore Directory
        path = /data
        guest ok = no
        writeable = yes
        browseable = yes

Who is Participating?
Have you joined the local PC to the Samba domain?  You need to do that before a user can authenticate against your server.   Manually you create a machine account on the pdc:  

useradd -d /dev/null -s /bin/nologin  yourmachinename$    (machine account needs a Unix account)
smbpasswd -a -m yourmachinename                                          (adds machine account to SMB)

Then, on the client, join it to the domain.  Once you reboot you should be able to authenticate, but the user must be added to smb, too:

smbpasswd -a yourusersname

For comparison, here's the relevant section of my smb.conf:

   netbios name = MYPDC
   workgroup = MYSMBGRP
   passdb backend = tdbsam
   os level = 33
   preferred master = yes
   domain master = yes
   local master = yes
   security = user
   domain logons = yes
   logon path = \\%L\profiles\%U
   logon drive = Z:
   logon home = \\QHOMES\%U
   logon script = %U.cmd
   remote announce =
#  wins server =
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   wins support = yes

rshooper76Author Commented:
Adding the manchine as a user seems to have fixed the problem.  I was under the impression you only had to do that for NT machines, but my windows 95 machines are now able to log on.  Thanks alot.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.