Symptom:              Cannot add a new HOST machine to an NT Domain after giving the "smbpasswd -j DOMAIN -r NT-PDC" command.

Cause:                    The name of the HOST machine is not registered at the PDC.

Resolution:            Have a Windows administrator add the NetBIOS name of the HOST machine to the Windows domain named DOMAIN. Rerun the smbpasswd command.

Source:                   Paul Green

Symptom:              Cannot re-add an existing HOST machine to an NT Domain after giving the "smbpasswd -j DOMAIN -r NT-PDC" command.

Cause:                    The name of the HOST machine is already registered at the PDC. The file /system/samba/private/DOMAIN.HOST.mac was lost.  Samba is now trying to re-add the machine HOST with a new password. The error message contains the string NT_STATUS_NO_TRUST_SAM_ACCOUNT.

Resolution:            Have a Windows administrator remove the name “HOST” from the Windows domain named DOMAIN and then re-add it. Rerun the smbpasswd command.

Source:                   Paul Green

Symptom:              The machine named HOST does not show up in the browse list.

Cause:                    It can take up to 48 minutes for the information to be propagated to all of the subnets.

Resolution:            Wait 48 minutes.

Source:                   Microsoft Knowledge Base article Q188001

Symptom:              The HOST machine does not show up in the browse list after waiting 48 minutes.

Cause:                    There is no local master browser for the given NetBIOS domain name on the subnet with the machine named HOST.  Therefore, the announcements by Samba to its own subnet are ineffective. The lack of a browser can be determined by using the the Samba command “nmblookup –MT DOMAIN” from the machine that does not show up.

Resolution:            Find a subnet with a local master browser for DOMAIN. Use a text editor or SWAT to edit (master_disk)>system>samba>smb.conf. Instruct Samba on HOST to announce its presence on this subnet by adding a “remote announce” statement to the “globals” section of smb.conf that specifies the broadcast address of the subnet. The syntax of the statement is:

                                                remote announce = XXX.XXX.XXX.255

                                (This address assumes a 24-bit netmask. Use the appropriate broadcast address if your netmask differs).

                                Write out the updated copy of smb.conf. Stop the nmbd process and restart it. Wait up to 48 minutes for the presence of the Samba server on HOST to be propagated to all of the subnets.

Source:                   Paul Green

Symptom:              The HOST machine does not show up in the browse list after waiting 48 minutes and there is a local master browser or domain master browser for the same domain on the same subnet.

Cause:                    (1) The broadcasting of the UDP server announcement packets is being blocked by a firewall or router or is being incorrectly performed. (2) The browsers are unable conduct bi-directional communication in order to share their list of machines.

Resolution:            (1) See Microsoft Knowledge Base article Q190930. (2) Follow the steps outlined in Microsoft Knowledge Base article Q188305. (3) Follow the steps specified in the Troubleshooting section of this Guide. (4) Unblock ports 137, 138, and 139.

Symptom:              It is possible to “ping” the HOST from the client (on port 7; the echo port) but the client is unable to obtain the list of shares on HOST.

Cause:                    Traffic on one or more of the NetBIOS-over-TCP ports (137, 138, 139) are blocked. To verify this, type one of the following commands:

                                (DOS)                     nbtstat –A ipaddr                (where “ipaddr” is numeric)

                                If this command shows a list of NetBIOS names, then port 137 is open. Otherwise, it is blocked.

Resolution:            Find the router, firewall, switch or other device that is blocking ports 137-139 and reconfigure it. UDP traffic must be permitted on ports 137 and 138, and TCP traffic must be permitted on port 139.

Symptom:              The HOST machine shows up in the browse list but its shares cannot be listed by the Windows Explorer nor by the DOS command "net view \\HOST".

Cause:                    The symptoms imply that the machine named HOST is able to contact the local master browser to publish its NetBIOS name, and the client is able to obtain the list of browseable NetBIOS names from the local master browser, but the client is unable to obtain the IP address of the HOST machine from the WINS server, or having obtained the IP address is unable to establish a direct connection to the HOST machine. Perhaps the HOST machine is offline or a network problem is preventing access. A Microsoft Knowledge Base article (Q145949) says that if there are any invalid share names (too long, contain spaces, etc.) then no share names will be displayed.

Resolution:            (1) If you can establish that the HOST machine is online and Samba is running, then the problem may be that the client machine is unable to find the IP address of the HOST machine. As a workaround, open a Command window (Start, Run, cmd), and perform the following commands:

                                CD C:\WINNT\system32\drivers\etc

            EDIT lmHOSTs

                                Enter a single line consisting of the IP address of the machine, in dotted-quad notation, followed by a tab, followed by the NetBIOS name of the machine, followed by a tab, followed by the letters #PRE.  Note that the NetBIOS name is generally the same as the first component of the fully-qualified domain name. Execute the Save command on the File menu. Exit. Now perform the following command to begin using this file:

                                NBTSTAT –R

                                You can use the “NBTSTAT -c” command to verify that the contents of the lmHOSTs file are correct.

                                At this point you should be able to use “NET VIEW \\HOST” to view the list of shares on the target machine, and you should be able to enter the UNC of the machine in the address bar of Windows Explorer, or click on the name of the machine in the left-hand pane of the Explorer.

                                (2) Ensure that the client can conduct bi-directional communication with the WINS server and with the HOST system. If, for example, ordinary telnet, ftp, or http requests cannot be performed it is unlikely that SMB calls will work.

                                (3) Follow the steps outlined in the Troubleshooting section of this Guide.

Source:   Paul Green, Microsoft article Q145949

Symptom:              HOST machine continues to show up in the browse list after Samba has been removed.

Cause:                    It can take up to 72 minutes for the information to be propagated to all of the subnets.

Resolution:            Wait 72 minutes.

Source:                   Microsoft KB article Q188001

Symptom:              User with a HOST user name longer than 12 characters gets "PATHNAME is not accessible. The network name cannot be found." error when navigating to his HOST home directory with Explorer on Microsoft Windows NT 4.0.

                                Same symptom happens when a user on NT4.0 tries to access any share name that is longer than 12 characters or contains a space.

Cause:                    The NT4.0 Explorer does not handle NetBIOS share names longer than 12 characters.

Resolution:                (1) Use Map Network Drive to map \\HOST\homes to a free disk drive.

                                (2) Use the DOS command "NET USE * \\HOST\homes /persistent:yes" to map the directory to the next free drive.

                                (3) Use the DOS command "NET USE * \\HOST\NT_USER_NAME /persistent:yes" to map the directory to the next free drive.  The NT_USER_NAME will be mapped to the HOST user name (if necessary) by using the HOST /system/samba/username_map file.

                                (4) Upgrade the client machine to Windows 2000.

Source:   Paul Green, Microsoft KB Q145949

Symptom:              Clients are not affected by changes to the /system/samba/username_map file. Clients continue to use old user name mapping. Client can’t view a share for a home directory that uses a mapping that was created after the client rebooted.

Cause:                    The shared folder is not updated in Windows Explorer because the information is cached.

Resolution:            Refresh the Windows Explorer display by pressing F5 or clicking Refresh on the View menu. If this fails to show the new mapping, reboot the PC. Both Windows NT 4.0 and Windows 2000 require a reboot to replace the old mapping with the new mapping.

Source:                   Paul Green, Microsoft Knowledge Base article Q226092.

Symptom:              Windows Explorer continues to show deleted share names

                                If you delete a share from a command prompt using the “NET SHARE sharename /DELETE” command, Windows Explorer does not reflect the deletion and continues to show the folder as being shared. Quitting and restarting Windows Explorer does not resolve the issue.

Cause:                    The shared folder is not updated in Windows Explorer because the information is cached.

Resolution:            Refresh the Windows Explorer display by pressing F5 or clicking Refresh on the View menu. If this fails to show the new mapping, reboot the PC.

Source:                   Microsoft Knowledge Base article Q226092.

Symptom:              User is prompted for a name and password when attempting to list or use the shares on a Samba server named HOST. Samba is running in “Security = Domain” mode.

Cause:                    Samba is unable to find the PC username in the registration file on HOST.

Resolution:            Enable user name mapping by adding the following line to smb.conf:

                                                username map = /system/samba/username_map

            Create a stream text file with this path name, and add a line of the form:

                                                HOST_User_Name=NT_User_Name

                                to the file. When Samba is properly configured in domain-mode security browsing should never require the user to enter a name or password.

Source:                   Paul Green

Symptom:              User is prompted for a name and password when attempting to list or use the shares on a Samba server named HOST, Samba is running in “Security = Domain” mode, a username mapping file exists and has the correct entries. The user log file shows entries of the form:

            [2001/06/15 12:06:26, 0] cli_netlogon.c:(159)

              cli_net_auth2: Error NT_STATUS_ACCESS_DENIED

            [2001/06/15 12:06:26, 0] cli_login.c:(72)

              cli_nt_setup_creds: auth2 challenge failed

            [2001/06/15 12:06:26, 0] password.c:(1276)

              connect_to_domain_password_server: unable to setup the PDC

              credentials to machine NT-PDC. Error was :

              NT_STATUS_ACCESS_DENIED.

            (above messages are repeated several times)

            [2001/06/15 12:06:27, 0] password.c:(1469)

              domain_client_validate: Domain password server not available.

            The Windows NT event log on the PDC shows the following message:

                                                Source: NETLOGON

                                                Event ID: 5722

                                                Type: Error

                                                Description: The session setup from the computer HOST failed to

                                                authenticate. The name of the account referenced in the security database

                                                is HOST$.  The following error occurred: Access is denied.

Cause:                    Unknown.

Resolution:            At the PDC, delete HOST from the list of authorized members of the DOMAIN and re-add it.  Re-register the HOST Samba server by running the “smbpasswd -j DOMAIN -r NT-PDC” command.

Source:                   Paul Green

Symptom:              A user cannot access a file on HOST from Windows.  The error message says "A Network error has occurred."

Cause:                    >system>samba>logs>USER.log shows a message similar to the following:

                                [2001/03/28 07:27:02, 0] fileio.c:(55) seek_file:  sys_lseek failed. Error was Cannot determine the current stream offset in this file.

                                Samba was able to open the file successfully, but it received an error from the operating system while performing I/O to the file.

Resolution:            Determine the source of the error on HOST.

Source:                   Paul Green

Symptom:              Users cannot access guest shares; there is a long delay, and then smbd logs out and creates a “core file” or “keep module”.

Cause:                    smb.log shows the following messages:

               [2001/03/27 15:15:19, 1] service.c:(550)

                 davis-l (134.111.223.28) connect to service

                 Laurie_Davis as user Laurie_Davis (uid=476,

                 gid=2) (pid 18762794)

               [2001/03/27 15:15:21, 1] uid.c:(83)

                 WARNING: using gid -1 is a security risk

               [2001/03/27 15:15:21, 0]