[Samba] NTLMv2 - wrong password with samba?

Tim P panterafreak at gmail.com
Tue Jul 26 15:18:11 GMT 2005


I have samba 3.0.14-5 installed (installed via Fedora Core 4's Yum)
I have enabled "client NTLMv2 auth = yes" in smb.conf
When I run "ntlm_auth --username=user --domain=MYDOM" it connects fine
(change user and MYDOM to be my user and my domain)
When I run "ntlm_auth --username=user --domain=MYDOM --diagnostics" it
fails on all tests with "wrong password" which is incorrect, I know
its the right password, I was very careful with it and have reset it
to make sure
This is connecting to a 2003 active directory domain, I have
successfully joined the machine to the domain and am able to get a
list of users and groups without issue

Here is the output of "ntlm_auth --username=user --domain=MYDOM --diagnostics"
I have sanatized it to use "user" and "MYDOM"

[root at redguard samba]# ntlm_auth --username=user --domain=MYDOM --diagnostics
password:
Wrong Password (0xc000006a)
[2005/07/26 09:24:27, 1] utils/ntlm_auth_diagnostics.c:diagnose_ntlm_auth(594)
  Test NTLMv2 failed!
Wrong Password (0xc000006a)
[2005/07/26 09:24:27, 1] utils/ntlm_auth_diagnostics.c:diagnose_ntlm_auth(594)
  Test NTLMv2 and LMv2 failed!
Wrong Password (0xc000006a)
[2005/07/26 09:24:27, 1] utils/ntlm_auth_diagnostics.c:diagnose_ntlm_auth(594)
  Test LMv2 failed!
Wrong Password (0xc000006a)
[2005/07/26 09:24:27, 1] utils/ntlm_auth_diagnostics.c:diagnose_ntlm_auth(594)
  Test NTLMv2 and LMv2, LMv2 broken failed!
Wrong Password (0xc000006a)
Wrong Password (0xc000006a)
Wrong Password (0xc000006a)
[2005/07/26 09:24:27, 1] utils/ntlm_auth_diagnostics.c:diagnose_ntlm_auth(594)
  Test Plaintext failed!
Wrong Password (0xc000006a)
[2005/07/26 09:24:27, 1] utils/ntlm_auth_diagnostics.c:diagnose_ntlm_auth(594)
  Test Plaintext LM broken failed!
Wrong Password (0xc000006a)
Wrong Password (0xc000006a)
[2005/07/26 09:24:27, 1] utils/ntlm_auth_diagnostics.c:diagnose_ntlm_auth(594)
  Test Plaintext NT only failed!
Wrong Password (0xc000006a)
[2005/07/26 09:24:27, 1] utils/ntlm_auth_diagnostics.c:diagnose_ntlm_auth(594)
  Test Plaintext LM only failed!
[root at redguard samba]#

My smb.conf has the following in it that I have added
[global]

   workgroup = MYDOM
   realm = MYDOM.ORG
   security = ads
   client NTLMv2 auth = yes

Is there perhaps some setting I need to set in windows AD to allow me
to connect this way (such as enabling remote access) or something on
the samba side that I missed?

Any advice is greatly appreciated,
Thanks
Tim


More information about the samba mailing list