hariprasad74
asked on
Problem while loading profile in Windows XP while logging on to a samba server
Oct 24 15:44:05 mainserver samba(pam_unix)[32338]: session opened for user magesh.prabhu by (uid=0)
Oct 24 15:44:22 mainserver samba(pam_unix)[32346]: session opened for user sujatha.p by (uid=0)
Oct 24 15:44:33 mainserver smbd[32351]: [2008/10/24 15:44:33, 0] lib/util_sock.c:get_peer_a ddr(1224)
Oct 24 15:44:34 mainserver smbd[32351]: getpeername failed. Error was Transport endpoint is not connected
Oct 24 15:44:34 mainserver smbd[32351]: [2008/10/24 15:44:34, 0] lib/access.c:check_access( 327)
Oct 24 15:44:34 mainserver smbd[32351]: [2008/10/24 15:44:34, 0] lib/util_sock.c:get_peer_a ddr(1224)
Oct 24 15:44:34 mainserver smbd[32351]: getpeername failed. Error was Transport endpoint is not connected
Oct 24 15:44:34 mainserver smbd[32351]: Denied connection from (0.0.0.0)
Oct 24 15:44:34 mainserver smbd[32351]: [2008/10/24 15:44:34, 0] lib/util_sock.c:get_peer_a ddr(1224)
Oct 24 15:44:34 mainserver smbd[32351]: getpeername failed. Error was Transport endpoint is not connected
Oct 24 15:44:34 mainserver smbd[32351]: Connection denied from 0.0.0.0
Oct 24 15:44:34 mainserver smbd[32351]: [2008/10/24 15:44:34, 0] lib/util_sock.c:write_data (562)
Oct 24 15:44:34 mainserver smbd[32351]: write_data: write failure in writing to client 192.168.10.140. Error Connection reset by peer
Oct 24 15:44:34 mainserver smbd[32351]: [2008/10/24 15:44:34, 0] lib/util_sock.c:send_smb(7 61)
Oct 24 15:44:34 mainserver smbd[32351]: Error writing 5 bytes to client. -1. (Connection reset by peer)
Oct 24 15:44:34 mainserver samba(pam_unix)[32352]: session opened for user selva.kumar by (uid=0)
Oct 24 15:44:34 mainserver samba(pam_unix)[24942]: session closed for user selva.kumar
Oct 24 15:44:34 mainserver samba(pam_unix)[25527]: session closed for user magesh.prabhu
Oct 24 15:44:34 mainserver samba(pam_unix)[25205]: session closed for user sujatha.p
Above is a sample of logs from the "messages" log file. We have a network with Windows XP systems (SP2) and patched for all critical updates.
The distribution of Linux we run is Red Hat Enterprise ES 4.0. The samba server has been configured as a domain controller (without LDAP). Of late we have observed that Windows XP client systems are posing problems while logging on to the domain. After entering the username and password, some client systems get stuck at the stage of "Loading Personal profile" and do not proceed further. Of course, we have figured a way out by unplugging the network cord and logging on and then connecting the cord so that the server can be accessed.
Can someone provide a hint or a solution to solve this problem?
Oct 24 15:44:22 mainserver samba(pam_unix)[32346]: session opened for user sujatha.p by (uid=0)
Oct 24 15:44:33 mainserver smbd[32351]: [2008/10/24 15:44:33, 0] lib/util_sock.c:get_peer_a
Oct 24 15:44:34 mainserver smbd[32351]: getpeername failed. Error was Transport endpoint is not connected
Oct 24 15:44:34 mainserver smbd[32351]: [2008/10/24 15:44:34, 0] lib/access.c:check_access(
Oct 24 15:44:34 mainserver smbd[32351]: [2008/10/24 15:44:34, 0] lib/util_sock.c:get_peer_a
Oct 24 15:44:34 mainserver smbd[32351]: getpeername failed. Error was Transport endpoint is not connected
Oct 24 15:44:34 mainserver smbd[32351]: Denied connection from (0.0.0.0)
Oct 24 15:44:34 mainserver smbd[32351]: [2008/10/24 15:44:34, 0] lib/util_sock.c:get_peer_a
Oct 24 15:44:34 mainserver smbd[32351]: getpeername failed. Error was Transport endpoint is not connected
Oct 24 15:44:34 mainserver smbd[32351]: Connection denied from 0.0.0.0
Oct 24 15:44:34 mainserver smbd[32351]: [2008/10/24 15:44:34, 0] lib/util_sock.c:write_data
Oct 24 15:44:34 mainserver smbd[32351]: write_data: write failure in writing to client 192.168.10.140. Error Connection reset by peer
Oct 24 15:44:34 mainserver smbd[32351]: [2008/10/24 15:44:34, 0] lib/util_sock.c:send_smb(7
Oct 24 15:44:34 mainserver smbd[32351]: Error writing 5 bytes to client. -1. (Connection reset by peer)
Oct 24 15:44:34 mainserver samba(pam_unix)[32352]: session opened for user selva.kumar by (uid=0)
Oct 24 15:44:34 mainserver samba(pam_unix)[24942]: session closed for user selva.kumar
Oct 24 15:44:34 mainserver samba(pam_unix)[25527]: session closed for user magesh.prabhu
Oct 24 15:44:34 mainserver samba(pam_unix)[25205]: session closed for user sujatha.p
Above is a sample of logs from the "messages" log file. We have a network with Windows XP systems (SP2) and patched for all critical updates.
The distribution of Linux we run is Red Hat Enterprise ES 4.0. The samba server has been configured as a domain controller (without LDAP). Of late we have observed that Windows XP client systems are posing problems while logging on to the domain. After entering the username and password, some client systems get stuck at the stage of "Loading Personal profile" and do not proceed further. Of course, we have figured a way out by unplugging the network cord and logging on and then connecting the cord so that the server can be accessed.
Can someone provide a hint or a solution to solve this problem?
ASKER
The error messages got cleared out. But the original problem of Windows XP hanging while loading the profile continues.
Below is the smb.conf file for reference:
[global]
workgroup = XXXXXXXXX
server string = server of xxxxxxx Domain
interfaces = 192.168.10.221/24
obey pam restrictions = Yes
password server = None
passdb backend = tdbsam
pam password change = Yes
unix password sync = Yes
client NTLMv2 auth = Yes
log level = 1
log file = /var/log/samba/%m.log
max log size = 1024
smb ports = 445
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
add user script = /usr/sbin/useradd -d /home/'%u' -M '%u'
delete user script = /usr/local/sbin/userdel '%u'
add group script = /usr/local/sbin/groupadd '%g'
delete group script = /usr/local/sbin/groupdel '%g'
logon script = logon.bat
logon path =
logon drive = Z:
logon home =
domain logons = Yes
os level = 99
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
ldap ssl = no
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
admin users = root
hosts allow = 192.168.10., 127.
cups options = raw
[homes]
comment = Home Directories
read only = No
browseable = No
[netlogon]
comment = Network Logon Service
path = /home/netlogon
guest ok = Yes
browseable = No
share modes = No
[sysvol]
path = /home/policy
guest ok = Yes
browseable = No
share modes = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
Below is the smb.conf file for reference:
[global]
workgroup = XXXXXXXXX
server string = server of xxxxxxx Domain
interfaces = 192.168.10.221/24
obey pam restrictions = Yes
password server = None
passdb backend = tdbsam
pam password change = Yes
unix password sync = Yes
client NTLMv2 auth = Yes
log level = 1
log file = /var/log/samba/%m.log
max log size = 1024
smb ports = 445
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
add user script = /usr/sbin/useradd -d /home/'%u' -M '%u'
delete user script = /usr/local/sbin/userdel '%u'
add group script = /usr/local/sbin/groupadd '%g'
delete group script = /usr/local/sbin/groupdel '%g'
logon script = logon.bat
logon path =
logon drive = Z:
logon home =
domain logons = Yes
os level = 99
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
ldap ssl = no
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
admin users = root
hosts allow = 192.168.10., 127.
cups options = raw
[homes]
comment = Home Directories
read only = No
browseable = No
[netlogon]
comment = Network Logon Service
path = /home/netlogon
guest ok = Yes
browseable = No
share modes = No
[sysvol]
path = /home/policy
guest ok = Yes
browseable = No
share modes = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
Sure there's problem.
You have to define user profile location on your samba server, so Windows XP
will try to locate user profile (data stored in NTUSER.DAT ) on the server.
A user profile (userprofile, or simply profile is configurated when used in-context) is a feature of the Microsoft Windows operating system, comprising a given user's collection of personal documents and settings on that computer. At first logon, a folder will typically be created under "Documents and Settings" matching the logon-name of the user.
So you need to add {profile} seciton in your samba configuration file.
In the [profiles] section the path variable tells where the profiles are to be placed and make sure the directories are created with right names and permissions.
[profiles]
create mode = 0600
directory mode = 0700
path = /home/samba/profiles/
profile acls = yes
read only = no
writable = yes
Also you may want to tweak a liitle bit more {homes} section of the config file
In the [homes] section the following entries are important :
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
read only = no
create mode = 0600
directory mode = 0700
logon home = \\your_samba_server\%U // (This tells where is the user home directory )
hide files = /*.pst/
========================== ========== ========== ==========
Here's a good article on joining Win XP machines to Samba domain
http://w3t.org/u/82js
========================== ========== ========== =========
You have to define user profile location on your samba server, so Windows XP
will try to locate user profile (data stored in NTUSER.DAT ) on the server.
A user profile (userprofile, or simply profile is configurated when used in-context) is a feature of the Microsoft Windows operating system, comprising a given user's collection of personal documents and settings on that computer. At first logon, a folder will typically be created under "Documents and Settings" matching the logon-name of the user.
So you need to add {profile} seciton in your samba configuration file.
In the [profiles] section the path variable tells where the profiles are to be placed and make sure the directories are created with right names and permissions.
[profiles]
create mode = 0600
directory mode = 0700
path = /home/samba/profiles/
profile acls = yes
read only = no
writable = yes
Also you may want to tweak a liitle bit more {homes} section of the config file
In the [homes] section the following entries are important :
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
read only = no
create mode = 0600
directory mode = 0700
logon home = \\your_samba_server\%U // (This tells where is the user home directory )
hide files = /*.pst/
==========================
Here's a good article on joining Win XP machines to Samba domain
http://w3t.org/u/82js
==========================
ASKER
Nope, I tried adding those sections in the smb.conf file. But this simply did not work. Any other suggestions? Do you require any logs or other information to troubleshoot further?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Very good,
now you can close question.
At least we tried our best.
sincerely '
nedvis
now you can close question.
At least we tried our best.
sincerely '
nedvis
https://www.experts-exchange.com/questions/22997189/redhat-enterprise-as-a-samba-server.html?eeSearch=true
I think your Windows XP clients and RedHat samba server are trying to negotiate protocols using different and mismatching ports
and that's why you have to unplug and reconnect network cables
in order to skip protocol negotiation ( Error: getpeername failed. Error was Transport endpoint is not connected )
Also , try adding the following to your smb.conf file:
smb ports = 445
(the default is smbports = 445 139).
Among the new ports used by Windows 2000, Windows XP and Windows Server 2003, is TCP port 445 which is used for SMB over TCP.
The SMB (Server Message Block) protocol is used among other things for file sharing in Windows NT/2000/XP. In Windows NT it ran on top of NetBT (NetBIOS over TCP/IP), which used the famous ports 137, 138 (UDP) and 139 (TCP).
In Windows 2000/XP/2003, Microsoft added the possibility to run SMB directly over TCP/IP, without the extra layer of NetBT. For this they use TCP port 445.