[Samba] win2k login to samba 3.03/4 PDC problem

Paul Gienger pgienger at ae-solutions.com
Fri May 14 19:50:50 GMT 2004 

It has been stated that anything but user and computer acccounts in the 
same ou simply wont work.  I forget the bug number, but if you do some 
searching on the samba bugzilla db, it's there in black and white.

That being said, I know I got it to work once on a linux only 
environment, but then as soon as tried to roll out on solaris the 
fertilizer hit the ventilator.  Don't know what I did, but it would 
appear it was an anomaly.

Daniel Campbell wrote:

> The machine name must be in the file /etc/passwd.  And yes I have the 
> computers in computers and the users in ou users.  Should I try them 
> both in users?
>
> Paul Gienger wrote:
>
>> For your 'user must be in passwd file' issue, are you saying 
>> /etc/passwd or smbpasswd?  Are you trying to store computers in a 
>> different ou than your regular user accounts?  There is a somewhat 
>> well known bug/design issue with that feature...
>>
>> Daniel Campbell wrote:
>>
>>> I am having a problem getting a user to login to a win2k box that was
>>> successfully added to the samba3.0.3/4 domain.  Originally I had a 
>>> problem
>>> with adding the machines but I modified the smbldap_conf.pm add machine
>>> function to add the machine to the local passwd file as well as ldap 
>>> and it
>>> was fine.  This does seem strange to me though because I can't 
>>> figure out
>>> why it would need to be added to the passwd file and ldap with the 
>>> passdb
>>> set as follows:
>>>    passdb backend = ldapsam:ldap://127.0.0.1:389
>>> Any ideas on this?
>>>
>>> My actual issue now is although I can add the machine to the domain, 
>>> I can't
>>> log into it.  I have setup a couple of users and while I can 
>>> authenticate to
>>> open local shared folders I can not log into the domain.  I debugged 
>>> both
>>> the ldap server and the samba server and I see it says I passed the
>>> authentication process on the samba side as follows:
>>>
>>> [2004/05/14 14:46:27, 3] auth/auth.c:check_ntlm_password(268)
>>>  check_ntlm_password: sam authentication for user [campbell] succeeded
>>> [2004/05/14 14:46:27, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>>>  push_sec_ctx(99, 99) : sec_ctx_stack_ndx = 1
>>> [2004/05/14 14:46:27, 3] smbd/uid.c:push_conn_ctx(351)
>>>  push_conn_ctx(101) : conn_ctx_stack_ndx = 0
>>> [2004/05/14 14:46:27, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>>>  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
>>> [2004/05/14 14:46:27, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>>>  pop_sec_ctx (99, 99) - sec_ctx_stack_ndx = 0
>>> [2004/05/14 14:46:27, 2] auth/auth.c:check_ntlm_password(305)
>>>  check_ntlm_password:  authentication for user [campbell] -> 
>>> [campbell] ->
>>> [campbell] succeeded
>>> [2004/05/14 14:46:27, 3] 
>>> rpc_server/srv_pipe_hnd.c:free_pipe_context(544)
>>>  free_pipe_context: destroying talloc pool of size 4814
>>> [2004/05/14 14:46:27, 3] smbd/pipes.c:reply_pipe_write_and_X(199)
>>>  writeX-IPC pnum=71f3 nwritten=352
>>> [2004/05/14 14:46:27, 3] smbd/process.c:process_smb(890)
>>>  Transaction 39 of length 63
>>> [2004/05/14 14:46:27, 3] smbd/process.c:switch_message(685)
>>>  switch message SMBreadX (pid 4628)
>>> [2004/05/14 14:46:27, 3] smbd/pipes.c:reply_pipe_read_and_X(242)
>>>  readX-IPC pnum=71f3 min=1024 max=1024 nread=596
>>>
>>> But on the windows box I get an error of "The system could not log 
>>> you on.
>>> Please check your username and domain are correct.  etc...."
>>>
>>> Any ides?  I have searched high and low as well as tried to debug this
>>> myself but can't figure out what is going on.....
>>>
>>>
>>>
>>>  
>>>
>>
>

-- 
Paul Gienger                     Office:		701-281-1884
Applied Engineering Inc.         Cell:			701-306-6254
Information Systems Consultant   Fax:			701-281-1322
URL: www.ae-solutions.com        mailto:pgienger at ae-solutions.com

More information about the samba mailing list