NT Can't connect to encrypted share
Andrew Perrin - Demography
aperrin at demog.Berkeley.EDU
Thu Feb 19 17:43:58 GMT 1998
Sure - smb.conf follows -- we'll try running on p3 as the next debug
tactic.
---------------------------------------------------------------------
Andrew J. Perrin - aperrin at demog.berkeley.edu - NT/Unix Admin/Support
Department of Demography - University of California at Berkeley
2232 Piedmont Avenue #2120 - Berkeley, California, 94720-2120 USA
http://demog.berkeley.edu/~aperrin ----------------------------------
On Thu, 19 Feb 1998, Luke Kenneth Casson Leighton wrote:
> hi andrew,
>
> you wanna send your smb.conf file to samba-ntdom, so we can comment on it?
> you tried running with 1.9.18p3 on *exactly* the same smb.conf file? does
> it work on 18p3?
>
> luke
>
> On Thu, 19 Feb 1998, Andrew Perrin - Demography wrote:
>
> > Greetings--
> > After installing 1.9.18alpha14-ntdom, we are unable to connect to shares
> > on the Samba server from an NT (4.0, SP3) computer, regardless of whether
> > EnablePlainTextPasswords is 1 or nonexistent.
> >
> > The same share *can* be mounted, using the encrypted SMB password, by
> > smbclient from both the samba server machine and from another unix
> > machine.
> >
> > The relevant lines from samba.log follow. The share is \\vuk\test, in
> > domain SANDBOX; username is aperrin, and it exists in smbpasswd. Running
> > under Solaris 2.6. Any help will be much appreciated!
> >
> > Domain=[SANDBOX] NativeOS=[Windows NT 1381] NativeLanMan=[Windows NT 4.0]
> > sesssetupX:name=[aperrin]
> > SMB Password - pwlen = 24
> > Checking SMB password for user aperrin (l=24)
> > get_smbpwd_entry: returning passwd entry for user aperrin, uid 7575, acb 0
> > Checking SMB password for user aperrin
> > Checking NT MD4 password
> > NT MD4 password check succeeded
> > sess_passwd_check: accepted password
> > adding home directory aperrin at /home/davis/hdir1/aperrin
> > aperrin is in 6 groups
> > 16 726 728 14 714 723
> > uid 7575 registered to name aperrin
> > Clearing default real name
> > Chained message
> > size=184
> > smb_com=0x75
> > smb_rcls=0
> > smb_reh=0
> > smb_err=0
> > smb_flg=24
> > smb_flg2=3
> > smb_tid=0
> > smb_pid=51966
> > smb_uid=101
> > smb_mid=128
> > smt_wct=4
> > smb_vwv[0]=255 (0xFF)
> > smb_vwv[1]=0 (0x0)
> > smb_vwv[2]=0 (0x0)
> > smb_vwv[3]=1 (0x1)
> > smb_bcc=15
> > switch message SMBtconX (pid 1365)
> > Got device type A:
> > Trying username tesT
> > 02/18/1998 15:16:06 invalid username/password for test
> > 02/18/1998 15:16:06 error packet at line 174 cmd=117 (SMBtconX) eclass=2
> > ecode=2
> > size=83
> > smb_com=0x73
> > smb_rcls=2
> > smb_reh=0
> > smb_err=2
> > smb_flg=136
> > smb_flg2=1
> > smb_tid=0
> > smb_pid=51966
> > smb_uid=101
> > smb_mid=128
> > smt_wct=3
> > smb_vwv[0]=117 (0x75)
> > smb_vwv[1]=80 (0x50)
> > smb_vwv[2]=0 (0x0)
> > smb_bcc=39
> > 02/18/1998 15:16:06 Transaction 5 of length 43
> > size=39
> > smb_com=0x74
> > smb_rcls=0
> > smb_reh=0
> > smb_err=0
> > smb_flg=24
> > smb_flg2=3
> > smb_tid=0
> > smb_pid=51966
> > smb_uid=101
> > smb_mid=192
> > smt_wct=2
> > smb_vwv[0]=255 (0xFF)
> > smb_vwv[1]=282 (0x11A)
> > smb_bcc=0
> > switch message SMBulogoffX (pid 1365)
> > 02/18/1998 15:16:06 ulogoffX vuid=101
> > size=39
> > smb_com=0x74
> > smb_rcls=0
> > smb_reh=0
> > smb_err=0
> > smb_flg=136
> > smb_flg2=1
> > smb_tid=0
> > smb_pid=51966
> > smb_uid=101
> > smb_mid=192
> > smt_wct=2
> > smb_vwv[0]=255 (0xFF)
> > smb_vwv[1]=0 (0x0)
> > smb_bcc=0
> >
> >
> > ---------------------------------------------------------------------
> > Andrew J. Perrin - aperrin at demog.berkeley.edu - NT/Unix Admin/Support
> > Department of Demography - University of California at Berkeley
> > 2232 Piedmont Avenue #2120 - Berkeley, California, 94720-2120 USA
> > http://demog.berkeley.edu/~aperrin ----------------------------------
> >
> >
>
> <a href="mailto:lkcl at samba.anu.edu.au" > Luke Kenneth Casson Leighton </a>
> <a href="http://mailhost.cb1.com/~lkcl"> Samba and Network Development </a>
> <a href="http://www.samba.co.uk" > Samba and Network Consultancy </a>
>
-------------- next part --------------
[global]
workgroup = SANDBOX
domain sid = S-1-5-21-222-222-222-001
; Added the following four lines to see if they make profiles work.
domain master = yes
local master = yes
preferred master = yes
os level = 200
domain logons = yes
security = user
; Samba seems to require the prior line for trust logins.
wins support = yes
smbrun = /usr/LOCAL/samba/bin/smbrun
lock dir = /usr/LOCAL/samba/var/locks
debug level = 5
log file = /var/log/samba.log
load printers = no
hide dot files = no
revalidate = yes
printing = bsd
default service = homes
encrypt passwords = yes
logon path = \\vuk\profile
[netlogon]
guest ok = no
read only = no
path = /home/davis/12s7/smb/netlogon/aperrin
browseable = no
[profile]
guest ok = no
guest only = no
read only = no
browseable = yes
wide links = yes
printable = no
path = /home/davis/hdir1/%U/.ntprofile
Comment = Profile Directory (%U)
[homes]
guest ok = no
read only = no
browseable = yes
wide links = yes
printable = no
create mask = 0775
path = /home/davis/hdir1/%U
Comment = Home Directory (%U)
[test]
guest ok = no
read only = no
browseable = yes
wide links = yes
printable = no
path = /usr/LOCAL/samba/test
Comment = Sandbox
[cdrom]
guest ok =no
read only = yes
browseable = yes
path = /cdrom
wide links = no
Comment = CD-ROM
More information about the samba-ntdom
mailing list