XP连SAMBA的问题

yongsafe

用SAMBA模拟了一个域，98的机器可以登录域。但XP professional SP2就登不上去。总说域控制器不可用或损坏。或机器帐号不可用。加入域可以。但我已用如下命令加了机器帐号了啊。
useradd -g machine -d /dev/null -s /bin/false -r account10$
smbpasswd -am account10

下面是我的SAMBA的配置
[global]
   workgroup =windsor.cn
   logon drive = Y:
   server string = Samba Server
   netbios name = server
  hosts allow = 192.168.1.0/24
   guest account = pcguest
   log file = /var/log/samba/%m.log
   max log size = 5000
   security = user
  password level = 2
  username level = 2
  encrypt passwords = yes
  smb passwd file = /etc/samba/smbpasswd
  unix password sync = Yes
  passwd program = /usr/bin/passwd %u
  passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
   username map = /etc/samba/smbusers
   admin users = root
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
  local master = yes
    os level = 65
   domain master = yes
  preferred master = yes
   domain logons = yes
    logon script = %m.bat
    logon script = %U.bat
   logon path = \\%L\Profiles\%U
  preserve case = yes
  short preserve case = no
  default case = lower
[homes]
   comment = Home Directories
   browseable = no
   writable = yes
   create mask = 0744
   directory mask = 0700
     hide files = /.*
[public]
comment = public Director
path = /home/public
public = yes
writable = yes
[tooles]
comment = any software
path = /home/tooles
public = yes
writable = yes
write list = hades
[netlogon]
   comment = Network Logon Service
   path = /home/netlogon
   browseable = no
   guest ok = yes
   writable = no
   share modes = no
[Profiles]
    path = /home/profiles
    browseable = no
    create mask = 0600
    directory mask = 0700
    profile acls = yes
    writable = yes
到底哪里错了？
samba的版本是3.0.9

yongsafe

不过XP可以把这个域当成工作组来加入。

d00m3d

With security = user, you are telling samba to act as workgroup.

To let samba act as PDC or BDC, you need security = domain.  In addition, you need additional settings to let your samba fully functional as a NT domain.

yongsafe

可samba的官方HOWTO里example里security也是user啊。

d00m3d

Domain and workgroup are two different concepts.  There is a very lengthy explanation in Samba's official document to describe how to make you Samba to participate as domain controller or joining existing domains.

To decide whether you should use a NT domain depends on your scale of your current network.  In also depends  how much reliance on the M$ crap stuff such as LDAP.

If your scale of network is not big, say <30 computers.  Workgroup should work very fine.

yongsafe

有哪位知道问题出在哪里啊

yongsafe

UP一下