[Samba] PDA-Logon: mal formed packet
Bernd Kloss
b_kloss at web.de
Tue Oct 28 06:56:30 GMT 2008
Am Dienstag, 28. Oktober 2008 schrieb James Kosin:
> ----- Original Message -----
> From: "Bernd Kloss" <b_kloss at web.de>
> To: "James Kosin" <james_kosin at cox.net>
> Cc: <Volker.Lendecke at sernet.de>
> Sent: Sunday, October 26, 2008 2:15 PM
> Subject: Re: [Samba] PDA-Logon: mal formed packet
>
> > Am Sonntag, 26. Oktober 2008 schrieben Sie:
> >> ----- Original Message -----
> >> From: "Bernd Kloss" <b_kloss at web.de>
> >> To: "James Kosin" <james_kosin at cox.net>
> >> Cc: <Volker.Lendecke at sernet.de>
> >> Sent: Saturday, October 25, 2008 4:12 AM
> >> Subject: Re: [Samba] PDA-Logon: mal formed packet
> >>
> >> > Am Samstag, 25. Oktober 2008 schrieben Sie:
> >> >> ----- Original Message -----
> >> >> From: "Bernd Kloss" <b_kloss at web.de>
> >> >> To: <james_kosin at cox.net>
> >> >> Cc: <Volker.Lendecke at sernet.de>
> >> >> Sent: Friday, October 24, 2008 9:41 AM
> >> >> Subject: Re: [Samba] PDA-Logon: mal formed packet
> >> >>
> >> >> > Am Freitag, 24. Oktober 2008 schrieb James Kosin:
> >> >> >> ----- Original Message -----
> >> >> >> From: "Bernd Kloss" <b_kloss at web.de>
> >> >> >> Newsgroups: linux.samba
> >> >> >> Sent: Thursday, October 23, 2008 3:40 PM
> >> >> >> Subject: Re: [Samba] PDA-Logon: mal formed packet
> >> >> >>
> >> >> >> Am Donnerstag, 23. Oktober 2008 schrieb Bernd Kloss:
> >> >> >> > > Can you send the full trace, not just this error message?
> >> >> >> > >
> >> >> >> > > Thanks,
> >> >> >> > >
> >> >> >> > > Volker
> >> >> >> >
> >> >> >> > I can only attach the file exported by wireshark, but don't know
> >> >> >> > whether
> >> >> >> > this will pass through to the list.
> >> >> >> > What else could I do?
> >> >> >> >
> >> >> >> > Thanks
> >> >> >> > Bernd
> >> >> >>
> >> >> >> Okay, the attachment did not pass through. How can I publish the
> >> >> >> information?
> >> >> >>
> >> >> >>
> >> >> >>
> >> >> >> ---- Reply ----
> >> >> >> Bernd,
> >> >> >>
> >> >> >> Copy and paste the relavent packets to the email. They don't need
> >> >> >> to
> >> >> >> be
> >> >> >> large attachments. Just need to see the packets... especially the
> >> >> >> malformed one. Try to highlight the one that is malformed if
> >> >> >> possible.
> >> >> >>
> >> >> >> James
> >> >> >
> >> >> > Hello,
> >> >> >
> >> >> > unfortunately I could not C&P from wiresharks GUI, but I did set
> >> >> > the loglevel
> >> >> > in smb.conf to 10 and found something maybe relevant:
> >> >> >
> >> >> > The name of the domain is
> >> >> > azimmer
> >> >> > and the user is
> >> >> > bk
> >> >> > and the PDA is
> >> >> > wm_bk
> >> >> > with it's machineaccount
> >> >> > wm_bk$
> >> >> >
> >> >> > Whereas in the logfile the last letters are missing: azimme\b
> >> >> > The login-mask of the PDA says correctly bk at azimmer.
> >> >> >
> >> >> > EXCERPT FROM LOGFILE:
> >> >> >
> >> >> > [2008/10/24 15:00:01, 5] auth/auth_util.c:make_user_info_map(206)
> >> >> > make_user_info_map: Mapping user [azimme]\[b] from workstation []
> >> >> > READ LINE ABOVE
> >> >> >
> >> >> >
> >> >> > .....
> >> >> > [2008/10/24 15:00:01, 5] auth/auth_util.c:is_trusted_domain(2055)
> >> >> > is_trusted_domain: Checking for domain trust with [azimme]
> >> >> > ......
> >> >> > [2008/10/24 15:00:01, 5] auth/auth_util.c:is_trusted_domain(2055)
> >> >> > is_trusted_domain: Checking for domain trust with [azimme]
> >> >> > [2008/10/24 15:00:01, 5]
> >> >> > passdb/secrets.c:secrets_fetch_trusted_domain_password(644)
> >> >> > secrets_fetch failed!
> >> >> > [2008/10/24 15:00:01, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
> >> >> > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> >> >> > [2008/10/24 15:00:01, 10] lib/gencache.c:gencache_get(194)
> >> >> > Cache entry with key = TDOM/AZIMME couldn't be found
> >> >> > [2008/10/24 15:00:01, 5]
> >> >> > libsmb/trustdom_cache.c:trustdom_cache_fetch(183)
> >> >> > no entry for trusted domain azimme found.
> >> >> > ......
> >> >> > Primary group is 0 and contains 0 supplementary groups
> >> >> > [2008/10/24 15:00:01, 10]
> >> >> > passdb/pdb_smbpasswd.c:smbpasswd_getsampwnam(1283)
> >> >> > getsampwnam (smbpasswd): search by name: b
> >> >> > [2008/10/24 15:00:01, 10]
> >> >> > passdb/pdb_smbpasswd.c:startsmbfilepwent(229)
> >> >> > startsmbfilepwent_internal: opening file /etc/samba/smbpasswd
> >> >> > [2008/10/24 15:00:01, 5]
> >> >> > passdb/pdb_smbpasswd.c:getsmbfilepwent(527)
> >> >> > getsmbfilepwent: returning passwd entry for user bmx$, uid 9010
> >> >> > [2008/10/24 15:00:01, 10]
> >> >> > passdb/pdb_smbpasswd.c:getsmbfilepwent(501)
> >> >> > getsmbfilepwent: LM password for user bk invalidated
> >> >> > [2008/10/24 15:00:01, 5]
> >> >> > passdb/pdb_smbpasswd.c:getsmbfilepwent(527)
> >> >> > getsmbfilepwent: returning passwd entry for user bk, uid 9011
> >> >> > [2008/10/24 15:00:01, 5]
> >> >> > passdb/pdb_smbpasswd.c:getsmbfilepwent(527)
> >> >> > getsmbfilepwent: returning passwd entry for user mk, uid 9012
> >> >> > [2008/10/24 15:00:01, 10]
> >> >> > passdb/pdb_smbpasswd.c:getsmbfilepwent(501)
> >> >> > getsmbfilepwent: LM password for user iserver$ invalidated
> >> >> > [2008/10/24 15:00:01, 5]
> >> >> > passdb/pdb_smbpasswd.c:getsmbfilepwent(527)
> >> >> > getsmbfilepwent: returning passwd entry for user iserver$, uid
> >> >> > 9021 [2008/10/24 15:00:01, 5]
> >> >> > passdb/pdb_smbpasswd.c:getsmbfilepwent(527)
> >> >> > getsmbfilepwent: returning passwd entry for user admin, uid 1000
> >> >> > [2008/10/24 15:00:01, 5]
> >> >> > passdb/pdb_smbpasswd.c:getsmbfilepwent(527)
> >> >> > getsmbfilepwent: returning passwd entry for user Absinthe87$, uid
> >> >> > 9022 [2008/10/24 15:00:01, 5]
> >> >> > passdb/pdb_smbpasswd.c:getsmbfilepwent(527) getsmbfilepwent:
> >> >> > returning
> >> >> > passwd entry for user wm_bk$, uid 9023 [2008/10/24 15:00:01, 5]
> >> >> > passdb/pdb_smbpasswd.c:getsmbfilepwent(578) getsmbfilepwent: end of
> >> >> > file reached.
> >> >> > [2008/10/24 15:00:01, 7]
> >> >> > passdb/pdb_smbpasswd.c:endsmbfilepwent(346)
> >> >> > endsmbfilepwent_internal: closed password file.
> >> >> >
> >> >> > [2008/10/24 15:00:01, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
> >> >> > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> >> >> > [2008/10/24 15:00:01, 3] auth/auth_sam.c:check_sam_security(282)
> >> >> > check_sam_security: Couldn't find user 'b' in passdb.
> >> >> >
> >> >> >
> >> >> > [2008/10/24 15:00:01, 5] auth/auth.c:check_ntlm_password(272)
> >> >> > check_ntlm_password: sam authentication for user [b] FAILED with
> >> >> > error NT_STATUS_NO_SUCH_USER
> >> >> >
> >> >> >
> >> >> > [2008/10/24 15:00:01, 3]
> >> >> > auth/auth_winbind.c:check_winbind_security(54)
> >> >> > check_winbind_security: Not using winbind, requested domain
> >> >> > [AZIMMER]
> >> >> > was for this SAM.
> >> >> > [2008/10/24 15:00:01, 10] auth/auth.c:check_ntlm_password(260)
> >> >> > check_ntlm_password: winbind had nothing to say
> >> >> > [2008/10/24 15:00:01, 2] auth/auth.c:check_ntlm_password(318)
> >> >> > check_ntlm_password: Authentication for user [b] -> [b] FAILED
> >> >> > with
> >> >> > error
> >> >> > NT_STATUS_NO_SUCH_USER
> >> >> >
> >> >> >
> >> >> > Here the smbpasswd:
> >> >> >
> >> >> > bmx$:9010:AF71F1BDD67558BAAAD3B435B51404EE:8616F970B19F63F2BAA0C8DC
> >> >> >375 F38 6F: [W ]:LCT-44DC63E8:
> >> >> > bk:9011:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:547DC33C79766AE133C9D8DCB5
> >> >> >8B1 288
> >> >> >
> >> >> >: [U ]:LCT-4900C4DF:
> >> >> >
> >> >> > mk:9012:254DDB6CFC8F23A0AAD3B435B51404EE:93A8F8DDBB175806412DA67A8E
> >> >> >0EC 2BB
> >> >> >
> >> >> >: [U ]:LCT-44DC64BA:
> >> >> >
> >> >> > iserver$:9021:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:3CB8039A9897BF47CB74
> >> >> >909 33D EFF502: [W ]:LCT-46694824:
> >> >> > admin:1000:EF05D513B7BB207BAAD3B435B51404EE:EFBDE31F66AB16402EB2AFA
> >> >> >874 546 65F: [U ]:LCT-466957D9:
> >> >> > Absinthe87$:9022:7228482F80DE563A9DD8171677BC2ED7:5AEF1D7A38592C96E
> >> >> >3EB 889 705795CDF: [W ]:LCT-466B1C45:
> >> >> > wm_bk$:9023:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO
> >> >> > PASSWORDXXXXXXXXXXXXXXXXXXXXX:
> >> >> > [NW ]:LCT-00000000:
> >> >> >
> >> >> >
> >> >> > BMX$ is a XP-Client an working fine.
> >> >> >
> >> >> >
> >> >> > Thank you for helping so far. I attach the logfiles.
> >> >> >
> >> >> > Regards
> >> >> > Bernd
> >> >>
> >> >> Bernd,
> >> >>
> >> >> Can you send a copy of the relavent configuration file. It looks as
> >> >> thought either samba is configured for a domain, unless this is
> >> >> always checked in samba... Volker would be able to tell for sure.
> >> >> The other possibility is someone has configured the PDA for a domain.
> >> >> And
> >> >> the PDA is missending this information; confusing samba if not
> >> >> configured for a domain.
> >> >>
> >> >> James
> >> >
> >> > Hello,
> >> >
> >> > attached I send the smb.conf and the logs after setting domain logons
> >> > = no.
> >> >
> >> > No success. The XP-Client can connect properly.
> >> > I searched the PDA (LOOX N560, Windows Mobile 5) for a string
> >> > "azimme*" in the
> >> > registry, but could not find anything. As far as I recall, there was
> >> > nothing
> >> > to to on the PDA as making the WLAN run and using the filemanager with
> >> > \\zeus\data
> >> > and I always could logon without being asked for a password.
> >> >
> >> > The trunkatet domain azimme[r] an username b[k] still remain in the
> >> > log:
> >> >
> >> > [2008/10/25 09:49:57, 5] auth/auth_util.c:make_user_info_map(206)
> >> > make_user_info_map: Mapping user [azimme]\[b] from workstation []
> >> > [2008/10/25 09:49:57, 5] auth/auth_util.c:make_user_info(120)
> >> > attempting to make a user_info for b (b)
> >> > [2008/10/25 09:49:57, 5] auth/auth_util.c:make_user_info(130)
> >> > making strings for b's user_info struct
> >> > [2008/10/25 09:49:57, 5] auth/auth_util.c:make_user_info(162)
> >> > making blobs for b's user_info struct
> >> > [2008/10/25 09:49:57, 10] auth/auth_util.c:make_user_info(180)
> >> > made an encrypted user_info for b (b)
> >> > [2008/10/25 09:49:57, 3] auth/auth.c:check_ntlm_password(220)
> >> > check_ntlm_password: Checking password for unmapped user
> >> > [azimme]\[b]@[] with the new password interface
> >> >
> >> >
> >> >
> >> > regards
> >> > Bernd
> >>
> >> Bernd,
> >>
> >> Can you try two things,
> >> (1) try logging in with the PDA using the workgroup and user name like
> >> this (azimme\azimme) for the login. This should work as well for the
> >> workgroup, I believe.
> >> (2) try using a different workgroup. I think what may be happening is
> >> samba is getting sidetracked by the user and workgroup being the same
> >> name.
> >>
> >> James
> >
> > Hello, James
> >
> > (1) and (2) did not work. So I tried something else, but with a similar
> > result.
> >
> > Please excuse my missing skills configuring SAMBA properly.
> > Let me briefly explain my intention:
> > On server ZEUS with workgroup AZIMMER there are several users (members in
> > the
> > group users) for instance bk created with unix- and samba-accounts. They
> > should be allowed to access their homes as /home/bk.
> > They also should be allowed to have full rights using the
> > directory /zeus/data.
> >
> > I tried several things. State at the moment is:
> >
> > [homes]
> > comment = Home Directories
> > browseable = no
> > writable = yes
> > create mask = 0700
> > directory mask = 0700
> > valid users = %S
> >
> > [data]
> > path = /data
> > browseable = yes
> > printable = no
> > writable = yes
> > guest ok = yes
> > read only = no
> > create mask = 0777
> > directory mask = 0777
> > inherit permissions = yes
> > # valid users = %S, bk, mk, admin, Absinthe
> > # valid users = %S
> > # valid users = bk, mk, admin, Absinthe
> > valid users = %U
> >
> > This is working for XP-clients. The user logged on can connect to his
> > home and
> > also to data.
> >
> > Trying to log in from the PDA I log on as bk for domain azimmer. Reading
> > the
> > log-file I get the impression that samba is looking for a user b instead
> > of
> > bk on domain azimme instead of azimmer. The last character is always
> > missing.
> >
> > [2008/10/26 18:44:15, 5] auth/auth_util.c:make_user_info_map(206)
> > make_user_info_map: Mapping user [azimme]\[b] from workstation []
> > [2008/10/26 18:44:15, 5] auth/auth_util.c:make_user_info(120)
> > attempting to make a user_info for b (b)
> > [2008/10/26 18:44:15, 5] auth/auth_util.c:make_user_info(130)
> > making strings for b's user_info struct
> > [2008/10/26 18:44:15, 5] auth/auth_util.c:make_user_info(162)
> > making blobs for b's user_info struct
> > [2008/10/26 18:44:15, 10] auth/auth_util.c:make_user_info(180)
> > made an encrypted user_info for b (b)
> > [2008/10/26 18:44:15, 3] auth/auth.c:check_ntlm_password(220)
> > check_ntlm_password: Checking password for unmapped user
> > [azimme]\[b]@[] with the new password interface
> > [2008/10/26 18:44:15, 3] auth/auth.c:check_ntlm_password(223)
> > check_ntlm_password: mapped user is: [ZEUS]\[b]@[]
> >
> > Does this help in any way to spot the mistake?
> >
> > Regards
> > Bernd
>
> Volker,
>
> I'm putting the thread back on samba. I think this may be either a Windows
> CE issue or some sort of misconfiguration.
> Anyone have any ideas???
>
> James
Hello, James and Volker,
first of all thank you very much for your engagement.
Let me just point out one thing:
Until september 2008 I had Debian Etch running on my server and the PDA was
working fine. While upgrading from Etch to Lenny I did not change the
smb.conf nor the configuration of the LOOX N560 PDA (there is nothing to
change. I can tell it to make DHCP, configure WPA2. That's it.) From then on
the PDA could not log on to the server, but still works fine with the
XP-Clients.
I am wondering why it is looking for a user and a workgroup both missing the
last letter as Lenny-SAMBA is showing it in the log.
Regards
Bernd
More information about the samba
mailing list