[Samba] Q: Client cannot authenticate
This is a discussion on [Samba] Q: Client cannot authenticate within the Samba forums, part of the Networking and Network Related category; Hi A new setup Windows client fails to authenticate to my Samba server (3.0.24-SerNet-RedHat). What I ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
08-21-2008
|
|||
|
|||
[Samba] Q: Client cannot authenticate
Hi
A new setup Windows client fails to authenticate to my Samba server (3.0.24-SerNet-RedHat). What I see in log at level 10 is: Got user=[SA-MC-SMSNS@corproot.net] domain=[] workstation=[MSISMSSRV01P] len1=24 len2=122 The empty domain seams to be origin of the problem, for other systems working OK this field is not empty. The Windows client is: NativeOS=[Windows Server 2003 R2 3790 Service Pack 2] NativeLanMan=[] PrimaryDomain=[Windows Server 2003 R2 5.2] Security settings on this system enforce NTLMv2, those ones working OK are set to use NTLM (I was told by the Windows admin). I guess the problem is on the Windows side but I cannot think about better place to ask than this list. Log and configs below. I would be very thankful for any help. Thanks for your time. Chris Got user=[SA-MC-SMSNS@corproot.net] domain=[] workstation=[MSISMSSRV01P] len1=24 len2=122 [2008/08/20 09:41:57, 6] param/loadparm.c:lp_file_list_changed(2998) lp_file_list_changed() file /etc/samba/smb.conf.nfsv2 -> /etc/samba/smb.conf.nfsv2 last mod_time: Mon Aug 18 16:58:49 2008 [2008/08/20 09:41:57, 5] auth/auth_util.c:make_user_info_map(161) make_user_info_map: Mapping user []\[SA-MC-SMSNS@corproot.net] from workstation [MSISMSSRV01P] [2008/08/20 09:41:57, 5] auth/auth_util.c:make_user_info(75) attempting to make a user_info for SA-MC-SMSNS@corproot.net (SA-MC-SMSNS@corproot.net) [2008/08/20 09:41:57, 5] auth/auth_util.c:make_user_info(85) making strings for SA-MC-SMSNS@corproot.net's user_info struct [2008/08/20 09:41:57, 5] auth/auth_util.c:make_user_info(117) making blobs for SA-MC-SMSNS@corproot.net's user_info struct [2008/08/20 09:41:57, 10] auth/auth_util.c:make_user_info(135) made an encrypted user_info for SA-MC-SMSNS@corproot.net (SA-MC-SMSNS@corproot.net) [2008/08/20 09:41:57, 3] auth/auth.c:check_ntlm_password(221) check_ntlm_password: Checking password for unmapped user []\[SA-MC-SMSNS@corproot.net]@[MSISMSSRV01P] with the new password interfac e [2008/08/20 09:41:57, 3] auth/auth.c:check_ntlm_password(224) check_ntlm_password: mapped user is: [MCRESDOM]\[SA-MC-SMSNS@corproot.net]@[MSISMSSRV01P] [2008/08/20 09:41:57, 10] auth/auth.c:check_ntlm_password(233) check_ntlm_password: auth_context challenge created by random [2008/08/20 09:41:57, 10] auth/auth.c:check_ntlm_password(235) challenge is: [2008/08/20 09:41:57, 5] lib/util.c:dump_data(2222) [000] 29 67 C6 A2 2C EF D6 92 )g<C6><A2>,<EF><D6>. [2008/08/20 09:41:57, 10] auth/auth.c:check_ntlm_password(261) check_ntlm_password: guest had nothing to say [2008/08/20 09:41:57, 8] lib/util.c:is_myname(2043) is_myname("MCRESDOM") returns 0 [2008/08/20 09:41:57, 6] auth/auth_sam.c:check_samstrict_security(414) check_samstrict_security: MCRESDOM is not one of my local names (ROLE_DOMAIN_MEMBER) [2008/08/20 09:41:57, 10] auth/auth.c:check_ntlm_password(261) check_ntlm_password: sam had nothing to say [2008/08/20 09:41:57, 3] smbd/sec_ctx.c:push_sec_ctx(208) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2008/08/20 09:41:57, 3] smbd/uid.c:push_conn_ctx(345) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2008/08/20 09:41:57, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2008/08/20 09:41:57, 5] auth/auth_util.c:debug_nt_user_token(448) NT user token: (NULL) [2008/08/20 09:41:57, 5] auth/auth_util.c:debug_unix_user_token(474) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2008/08/20 09:41:57, 3] smbd/sec_ctx.c:pop_sec_ctx(339) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2008/08/20 09:41:57, 5] auth/auth.c:check_ntlm_password(273) check_ntlm_password: winbind authentication for user [SA-MC-SMSNS@corproot.net] FAILED with error NT_STATUS_LOGON_FAILURE [2008/08/20 09:41:57, 2] auth/auth.c:check_ntlm_password(319) check_ntlm_password: Authentication for user [SA-MC-SMSNS@corproot.net] -> [SA-MC-SMSNS@corproot.net] FAILED with error NT_STATUS_LO GON_FAILURE [2008/08/20 09:41:57, 5] auth/auth_util.c:free_user_info(1867) attempting to free (and zero) a user_info structure [2008/08/20 09:41:57, 10] auth/auth_util.c:free_user_info(1871) structure was created for SA-MC-SMSNS@corproot.net [2008/08/20 09:41:57, 3] smbd/error.c:error_packet(146) error packet at smbd/sesssetup.c(99) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE [2008/08/20 09:41:57, 5] lib/util.c:show_msg(485) [2008/08/20 09:41:57, 5] lib/util.c:show_msg(495) smb.conf [global] workgroup = mcresdom security = domain client lanman auth = No client NTLMv2 auth = Yes password server = sg1562z.mcresdom.net sg1561p.mcresdom.net name resolve order = host winbind uid = 1000-120000 winbind gid = 1000-120000 winbind enum users = no winbind enum groups = no # Using ldap server as winbindd backend idmap backend = ldap:ldap://msunldap1.swissptt.ch ldap:ldap://msunldap2.swissptt.ch ldap admin dn = uid=idmapadm,ou=idmap,dc=mobile,dc=ch ldap idmap suffix = ou=idmap ldap suffix = dc=mobile,dc=ch And smb.conf.nfsv2 (config for this Samba instance) [global] workgroup = MCRESDOM security = domain netbios name = MSILYNFSV2 log level = 0 preferred master = no dns proxy = no server string = %L SYI-UNS Samba Server on %h (%v) log file = /var/log/samba.nfsv2/%m.log pid directory = /var/run/samba.nfsv2 private dir = /etc/samba.nfsv2 lock directory = /var/lib/samba.nfsv2 bind interfaces only = yes interfaces = msilynfsv2 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba 
|
Linear Mode
