[Samba] ADS authentication.. almost works

Razvan Cosma razvan.cosma at telemach.com
Mon Jul 28 14:58:32 GMT 2003 

   Hello,

  Beta 3, ./configure --with-ads & krb5, slackware system (no PAM). 
Things seem to be correctly configured, done the net join part without 
errors, I can use e.g. smbclient -L or wbinfo -u, but users cannot acces 
  shares on the Samba machine. Snip from the log (trying to connect from 
the domain controller on which I'm logged as administrator):

[2003/07/28 14:52:27, 3] auth/auth.c:check_ntlm_password(216)
   check_ntlm_password:  Checking password for unmapped user 
[DOMAIN]\[Administrator]@[DOMAINCTL] with the new password interface
[2003/07/28 14:52:27, 3] auth/auth.c:check_ntlm_password(219)
   check_ntlm_password:  mapped user is: 
[SAMBAMACHINE]\[Administrator]@[DOMAINCTL]
[2003/07/28 14:52:27, 3] smbd/sec_ctx.c:push_sec_ctx(256)
   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2003/07/28 14:52:27, 3] smbd/uid.c:push_conn_ctx(287)
   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2003/07/28 14:52:27, 3] smbd/sec_ctx.c:set_sec_ctx(288)
   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2003/07/28 14:52:27, 0] passdb/pdb_smbpasswd.c:startsmbfilepwent(182)
   startsmbfilepwent_internal: unable to open file 
/usr/local/samba/private/smbpasswd. Error was No such file or directory
[2003/07/28 14:52:27, 0] passdb/pdb_smbpasswd.c:smbpasswd_getsampwnam(1284)
   Unable to open passdb database.
[2003/07/28 14:52:27, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/07/28 14:52:27, 3] auth/auth_sam.c:check_sam_security(439)
   Couldn't find user 'Administrator' in passdb file.
[2003/07/28 14:52:27, 2] auth/auth.c:check_ntlm_password(309)
   check_ntlm_password:  Authentication for user [Administrator] -> 
[Administrator] FAILED with error NT_STATUS_NO_SUCH_USER
[2003/07/28 14:52:27, 3] smbd/process.c:process_smb(878)
   Transaction 3 of length 214
[2003/07/28 14:52:27, 3] smbd/process.c:switch_message(673)
   switch message SMBsesssetupX (pid 14296)
[2003/07/28 14:52:27, 3] smbd/sec_ctx.c:set_sec_ctx(288)
   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/07/28 14:52:27, 3] smbd/sesssetup.c:reply_sesssetup_and_X(551)
   wct=12 flg2=0xc807
[2003/07/28 14:52:27, 2] smbd/sesssetup.c:setup_new_vc_session(507)
   setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
all old resources.
[2003/07/28 14:52:27, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(448)
   Doing spnego session setup
[2003/07/28 14:52:27, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(472)
   NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
[2003/07/28 14:52:27, 3] smbd/sesssetup.c:reply_spnego_negotiate(353)
   Got OID 1 3 6 1 4 1 311 2 2 10
[2003/07/28 14:52:27, 3] smbd/sesssetup.c:reply_spnego_negotiate(360)
   Got secblob of size 44
[2003/07/28 14:52:27, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(33)
   Got NTLMSSP neg_flags=0xe008b297
[2003/07/28 14:52:27, 3] smbd/process.c:process_smb(878)
   Transaction 4 of length 310
[2003/07/28 14:52:27, 3] smbd/process.c:switch_message(673)
   switch message SMBsesssetupX (pid 14296)
[2003/07/28 14:52:27, 3] smbd/sec_ctx.c:set_sec_ctx(288)
   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/07/28 14:52:27, 3] smbd/sesssetup.c:reply_sesssetup_and_X(551)
   wct=12 flg2=0xc807
[2003/07/28 14:52:27, 2] smbd/sesssetup.c:setup_new_vc_session(507)
   setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
all old resources.
[2003/07/28 14:52:27, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(448)
   Doing spnego session setup
[2003/07/28 14:52:27, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(472)
   NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
[2003/07/28 14:52:27, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(283)
   Got user=[Administrator] domain=[DOMAIN] workstation=[DOMAINCTL] 
len1=24 len2=24
[2003/07/28 14:52:27, 3] auth/auth.c:check_ntlm_password(216)
   check_ntlm_password:  Checking password for unmapped user 
[DOMAIN]\[Administrator]@[DOMAINCTL] with the new password interface
[2003/07/28 14:52:27, 3] auth/auth.c:check_ntlm_password(219)
   check_ntlm_password:  mapped user is: 
[SAMBAMACHINE]\[Administrator]@[DOMAINCTL]
[2003/07/28 14:52:27, 3] smbd/sec_ctx.c:push_sec_ctx(256)
   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2003/07/28 14:52:27, 3] smbd/uid.c:push_conn_ctx(287)
   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2003/07/28 14:52:27, 3] smbd/sec_ctx.c:set_sec_ctx(288)
   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2003/07/28 14:52:27, 0] passdb/pdb_smbpasswd.c:startsmbfilepwent(182)
   startsmbfilepwent_internal: unable to open file 
/usr/local/samba/private/smbpasswd. Error was No such file or directory
[2003/07/28 14:52:27, 0] passdb/pdb_smbpasswd.c:smbpasswd_getsampwnam(1284)
   Unable to open passdb database.
[2003/07/28 14:52:27, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/07/28 14:52:27, 3] auth/auth_sam.c:check_sam_security(439)
   Couldn't find user 'Administrator' in passdb file.
[2003/07/28 14:52:27, 2] auth/auth.c:check_ntlm_password(309)
   check_ntlm_password:  Authentication for user [Administrator] -> 
[Administrator] FAILED with error NT_STATUS_NO_SUCH_USER
[2003/07/28 14:52:29, 3] smbd/process.c:timeout_processing(1087)
   end of file from client
[2003/07/28 14:52:29, 3] smbd/sec_ctx.c:set_sec_ctx(288)
   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/07/28 14:52:29, 2] smbd/server.c:exit_server(558)
   Closing connections
[2003/07/28 14:52:29, 3] smbd/connection.c:yield_connection(69)
   Yielding connection to
[2003/07/28 14:52:29, 3] smbd/connection.c:yield_connection(76)
   yield_connection: tdb_delete for name  failed with error Record does 
not exist.
[2003/07/28 14:52:29, 3] smbd/server.c:exit_server(601)
   Server exit (normal exit)

  Can you give any hints on what goes wrong? Thank you.

More information about the samba mailing list