[Samba] Unable to log on (authenticating) to a Samba NT Domain

Roberto Mason baubba at rmasonfamily.info
Thu Oct 19 23:08:48 GMT 2006 

I have 4 machines at home:
1 Linux Centos 4.4 running as a PDC
1 Linux Centos domain member running as my file server. Winbind works
properly and I'm able to share files perfectly well
1 Windows XP sp2, member of my domain. No problem accessing files on
Centos domain member
1 Linux Fedora Core 5, also a domain member.

I'm unable to logon my Fedora 5 machine to my domain. I've joined the
domain, Winbind is running. getent passwd and group show my domain
passwd and group information properly. wbinfo -u return my users
(including domain)

[root at fedora ~]# wbinfo -u
MEPHISTOPHELES\root
MEPHISTOPHELES\baubba
MEPHISTOPHELES\linuxbasic
MEPHISTOPHELES\jo-ann
MEPHISTOPHELES\roberto
MEPHISTOPHELES\programmer
MEPHISTOPHELES\desrochers
[root at fedora ~]# wbinfo -g
BUILTIN\administrators
BUILTIN\users
MEPHISTOPHELES\print operators
MEPHISTOPHELES\replicators
MEPHISTOPHELES\account operators
MEPHISTOPHELES\domain guests
MEPHISTOPHELES\backup operators
MEPHISTOPHELES\system operators
MEPHISTOPHELES\domain admins
MEPHISTOPHELES\domain users
[root at fedora ~]#



root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
distcache:x:94:94:Distcache:/:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
squid:x:23:23::/var/spool/squid:/sbin/nologin
netdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bash
pcap:x:77:77::/var/arpwatch:/sbin/nologin
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
hsqldb:x:96:96::/var/lib/hsqldb:/sbin/nologin
tomcat:x:91:91:Tomcat:/usr/share/tomcat5:/bin/sh
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
gdm:x:42:42::/var/gdm:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
vdr:x:100:101:Video Disk Recorder:/srv/vdr:/sbin/nologin
MEPHISTOPHELES
\root:*:16777216:16777216:root:/home/MEPHISTOPHELES/root:/bin/bash
MEPHISTOPHELES\baubba:*:16777217:16777216:Roberto
Mason:/home/MEPHISTOPHELES/baubba:/bin/bash
MEPHISTOPHELES\linuxbasic:*:16777218:16777216:Roberto
Mason:/home/MEPHISTOPHELES/linuxbasic:/bin/bash
MEPHISTOPHELES\jo-ann:*:16777219:16777216:Jo-Ann
Mason:/home/MEPHISTOPHELES/jo-ann:/bin/bash
MEPHISTOPHELES\roberto:*:16777220:16777216:Roberto
Mason:/home/MEPHISTOPHELES/roberto:/bin/bash
MEPHISTOPHELES\programmer:*:16777221:16777216:Roberto
Mason:/home/MEPHISTOPHELES/programmer:/bin/bash
MEPHISTOPHELES\desrochers:*:16777222:16777216:Guillaume
Desrochers:/home/MEPHISTOPHELES/desrochers:/bin/bash
[root at fedora ~]# getent group
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
adm:x:4:root,adm,daemon
tty:x:5:
disk:x:6:root
lp:x:7:daemon,lp
mem:x:8:
kmem:x:9:
wheel:x:10:root
mail:x:12:mail
news:x:13:news
uucp:x:14:uucp
man:x:15:
games:x:20:
gopher:x:30:
dip:x:40:
ftp:x:50:
lock:x:54:
nobody:x:99:
users:x:100:
dbus:x:81:
rpm:x:37:
utmp:x:22:
distcache:x:94:
apache:x:48:
ntp:x:38:
nscd:x:28:
floppy:x:19:
vcsa:x:69:
mysql:x:27:
webalizer:x:67:
screen:x:84:
squid:x:23:
netdump:x:34:
pcap:x:77:
slocate:x:21:
avahi:x:70:
named:x:25:
mailnull:x:47:
smmsp:x:51:
haldaemon:x:68:
rpc:x:32:
xfs:x:43:
hsqldb:x:96:
tomcat:x:91:
rpcuser:x:29:
nfsnobody:x:65534:
gdm:x:42:
sshd:x:74:
video:x:101:
MEPHISTOPHELES\print operators:*:16777219:
MEPHISTOPHELES\replicators:*:16777220:MEPHISTOPHELES\root
MEPHISTOPHELES\account operators:*:16777221:MEPHISTOPHELES\root
MEPHISTOPHELES\domain guests:*:16777222:
MEPHISTOPHELES\backup operators:*:16777223:MEPHISTOPHELES\root
MEPHISTOPHELES\system operators:*:16777224:MEPHISTOPHELES\root
MEPHISTOPHELES\domain admins:*:16777225:MEPHISTOPHELES\roberto
MEPHISTOPHELES\domain users:*:16777226:MEPHISTOPHELES
\roberto,MEPHISTOPHELES\baubba,MEPHISTOPHELES\linuxbasic,MEPHISTOPHELES
\programmer,MEPHISTOPHELES\jo-ann
BUILTIN\administrators:*:16777217:
BUILTIN\users:*:16777218:
[root at fedora ~]#

Winbind seems to be properly configured, I'm including my full smb.conf
file settings
# Samba config file created using SWAT 
# from 0.0.0.0 (0.0.0.0)
# Date: 2006/10/19 19:04:04

[global]
	workgroup = MEPHISTOPHELES
	server string = Samba Server
	security = DOMAIN
	password server = 192.168.1.10
	log file = /var/log/samba/%m.log
	max log size = 50
	acl compatibility = winnt
	server signing = auto
	socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
	printcap name = /etc/printcap
	preferred master = No
	domain master = No
	dns proxy = No
	wins server = 192.168.1.10
	ldap ssl = no
	idmap uid = 16777216-33554431
	idmap gid = 16777216-33554431
	template shell = /bin/bash
	winbind enum users = Yes
	winbind enum groups = Yes
	cups options = raw

[homes]
	comment = Home Directories
	read only = No
	browseable = No

[printers]
	comment = All Printers
	path = /var/spool/samba
	printable = Yes
	browseable = No

finally my nnswitch.conf file

# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
#	nisplus or nis+		Use NIS+ (NIS version 3)
#	nis or yp		Use NIS (NIS version 2), also called YP
#	dns			Use DNS (Domain Name Service)
#	files			Use the local files
#	db			Use the local database (.db) files
#	compat			Use NIS on compat mode
#	hesiod			Use Hesiod for user lookups
#	[NOTFOUND=return]	Stop searching if not found so far
#

# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd:    db files nisplus nis
#shadow:    db files nisplus nis
#group:     db files nisplus nis

passwd:     files winbind
shadow:     files winbind
group:      files winbind

#hosts:     db files nisplus nis dns
hosts:      files dns

# Example - obey only what nisplus tells us...
#services:   nisplus [NOTFOUND=return] files
#networks:   nisplus [NOTFOUND=return] files
#protocols:  nisplus [NOTFOUND=return] files
#rpc:        nisplus [NOTFOUND=return] files
#ethers:     nisplus [NOTFOUND=return] files
#netmasks:   nisplus [NOTFOUND=return] files     

bootparams: nisplus [NOTFOUND=return] files

ethers:     files
netmasks:   files
networks:   files
protocols:  files winbind
rpc:        files
services:   files winbind

netgroup:   files winbind

publickey:  nisplus

automount:  files winbind
aliases:    files nisplus

I know it's alot of information, but here it is all. When i try to log in using roberto (my domain member name) and password, i get a AUTHENCATION FAILED message. Any idea what's not working?

Thank You

More information about the samba mailing list