NT (sometimes) refusing to authenticate samba server
Bas Vermeulen
B.Vermeulen at wumn.wegener.nl
Thu Oct 19 11:04:58 GMT 2000
Hi,
> Did u make an machine account on the samba PDC?
I made a machine account on the NT PDC. The samba machine is
not a PDC, although it is integrated in the NT domain, and
uses domain security with a password server. (Sorry if this
wasn't clear in my original message). I've got a problem with
W95 clients connecting to a share on the samba server, which
sometimes fails with the messages in my original mail.
I have not (manually) created a machine account for the PDC
on the samba box.
> > cli_net_auth2: Error NT_STATUS_ACCESS_DENIED
> > cli_nt_setup_creds: auth2 challange failed
> > connect_to_domain_password_server: unable to setup the PDC
> credentials to
> > machine 003_C00001. Error was : NT_STATUS_ACCESS_DENIED.
<snip>
> > The PDC shows the following errors in it's eventlog:
> >
> > Source: NETLOGON
> > Event ID: 5722
> > Type: Error
> > Description: The session setup from the computer 003_H00001
> failed to
> > authenticate. The name of the account referenced in the
> security database
> > is 003_H00001$. The following error occurred: Access is denied.
My smb.conf is as follows; the socket options don't seem to work
on solaris (I'll have to change those to some more usefull values)
# Samba config file created using SWAT
# from 194.26.204.82 (194.26.204.82)
# Date: 2000/10/19 12:54:28
# Global parameters
[global]
workgroup = 003_D00001
netbios name = 003_H00001
server string = Enterprise Productie Samba 2.0.7
interfaces = 194.26.203.0/24 127.0.0.1
bind interfaces only = Yes
security = DOMAIN
encrypt passwords = Yes
password server = 003_C00001 003_C00003
debug level = 3
log file = /var/opt/samba/log.%m
time server = Yes
deadtime = 30
keepalive = 60
lpq cache time = 30
read prediction = Yes
socket options = TCP_NODELAY IPTOS_LOWDELAY
load printers = No
add user script = /opt/samba/bin/adduser %u
wins server = 194.26.203.10
remote announce = 194.26.204.255
comment = Samba ver. %v
invalid users = smtp, daemon, sys, bin, adm, noaccess
admin users = root
preserve case = No
short preserve case = No
map system = Yes
map hidden = Yes
level2 oplocks = Yes
[enterprise$]
comment = Enterprise Productie
path = /enterprise
writeable = Yes
create mask = 0774
directory mask = 0775
inherit permissions = Yes
More information about the samba
mailing list