I have been scanning this forum and several others on how to configure Samba as a PDC for Windows. -- I followed the IBM tutorial at http://www-1.ibm.com/servers/esdd/tutorials/samba/index.html
and thought that went pretty good.

However, when I go to add a Win2K box called Java1 to the domain, I get the following error:

"There is no user session key for the specified logon session"

I have checked to make sure that I have a root user setup in the smbpasswd file, as well as the Java1 machine.

Any thoughts would be most appreciated.

...but I built my DC based on these two docs:

http://www.freeos.com/articles/3842/
http://us1.samba.org/samba/ftp/docs/htmldocs/Samba-PDC-HOWTO.html

and can add Win2K boxen with no problems.

A google search on your error message didn't yield much, but this might be worth trying:

The Windows XP (and probably the W2K) requires set an special registry entry to "0" (by default is set to "1"). This is documented in the samba/docs/Registry/WinXP_SignOrSeal.reg :
---
;
; This registry key (gathered from the Samba-tng lists) is needed
; for a Windows XP client to join and logon to a Samba domain
;

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\netlogon\parameters
"RequireSignOrSeal"=dword:00000000
---
Also, Luke Howard <lukeh@PADL.COM> (9 Nov 2001), tell me:
I noticed today that you can change this in the Local or Domain
policy editor in Windows 2000, too. so, this should be the normal way.

I have checked the registry and the settings there are correct --

What I am not sure of, is if I have the correct users added to the smbpasswd file. - When W2K asks for a user name that has permission to add to the domain, I would think I would use root and the samba password I assigned to root when I did the smbpasswd -a root command.

I have included my smb.conf file to see if there is something that I am just over looking.

Any other thoughts would be appreciated.

C

[global]
passwd program = /usr/bin/passwd %u
domain master = yes
encrypt passwords = yes
logon path = \\%L\profiles\%U
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
wins support = true
hosts allow = 127.0.0.1 10.10.10.0/255.255.255.0
logon script = netlogon.bat
debug level = 5
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password %n\n *passwd: *all*authentication*tokens*updated*successfully*
security = user
domain logons = yes
unix password sync = yes
local master = yes
server string = Visulent Linux Server
workgroup = VISULENT
netbios name = DOMINATOR
logon drive = H:
os level = 65
username map = /usr/local/samba/lib/user.map
logon home = \\%L\%U\.profile

[netlogon]
path = /home/netlogon
read only = yes
browseable = no
write list = root

[homes]
comment = Home Directories
browseable = no
writeable = yes

; share for storing user profiles
[profiles]
path = /home/samba/profiles
writeable = yes
browseable = no
create mask = 0600
directory mask = 0700

The latest update on my PDC dilema.

I have determined that SAMBA is 'kind of' working. -- I can log into a local account on my W2K box - go to Network Neighborhood and browse/access the shared directories on my Linux box. -- However, the W2K is still unable to join the domain that I have configured.

I get as far as W2K asking me for a username and password authorized to join the domain, and once I enter root and the password configured in the smbpasswd file I get the follwing message in a windows dialog with the heading "Network Identification"

The message is:

"The following error occurred attempting to join the domain "visulent

There is no user session key for the specified logon session."

I am logged onto the W2K box using a user name called chayes - This user has admin rights on the W2K box -- There is also a corresponding account on samba and unix called chayes.

Hopefully this jogs somebody's memory onto something that I have missed, because at this point I am totally clueless

-- Thanks again for the help

Try adding this line to the global section of your smb.conf file:

domain admin group = root

That sets up root as a domain admin. It can be either individual users, a group or both.

Also, be sure you have no active connections open on your Win2k machine to the Samba server. If you browsed the Samba server in Windows Explorer, you need to reboot Windows and then try to join.
If you have a drive mapped to the Samba server, you can't join the domain. Delete the drive mapping, reboot Windows and then join the domain.

Latest update on the Samba & PDC configuration --

I thought that I might be doing something wrong editing the smb.conf file by hand, so I decided to try Webmin to help configure Samba. -- After I had installed Webmin and opened up the Samba configuration section I noticed that it said Samba 3.0.8 -- and then it hit me -- I had not specified the SAMBA_2_2 tag when I checked it out with CVS. (What an idiot :D )

So, I checked out the the SAMBA_2_2 tag compiled it -- added the users and machines and everything worked!! -- Next time I just need to be a bit more careful regarding the correct CVS tag.

-- Thanks to everybody and all their help.

C