NT Can't connect to encrypted share

Andrew Perrin - Demography aperrin at demog.Berkeley.EDU
Thu Feb 19 17:43:58 GMT 1998 

Sure - smb.conf follows -- we'll try running on p3 as the next debug
tactic.

---------------------------------------------------------------------
Andrew J. Perrin - aperrin at demog.berkeley.edu - NT/Unix Admin/Support
Department of Demography    -    University of California at Berkeley
2232 Piedmont Avenue #2120  -    Berkeley, California, 94720-2120 USA
http://demog.berkeley.edu/~aperrin ----------------------------------

On Thu, 19 Feb 1998, Luke Kenneth Casson Leighton wrote:

> hi andrew,
> 
> you wanna send your smb.conf file to samba-ntdom, so we can comment on it? 
> you tried running with 1.9.18p3 on *exactly* the same smb.conf file?  does
> it work on 18p3? 
> 
> luke
> 
> On Thu, 19 Feb 1998, Andrew Perrin - Demography wrote:
> 
> > Greetings--
> > After installing 1.9.18alpha14-ntdom, we are unable to connect to shares
> > on the Samba server from an NT (4.0, SP3) computer, regardless of whether
> > EnablePlainTextPasswords is 1 or nonexistent.
> > 
> > The same share *can* be mounted, using the encrypted SMB password, by
> > smbclient from both the samba server machine and from another unix
> > machine.
> > 
> > The relevant lines from samba.log follow.  The share is \\vuk\test, in
> > domain SANDBOX; username is aperrin, and it exists in smbpasswd.  Running
> > under Solaris 2.6.  Any help will be much appreciated!
> > 
> > Domain=[SANDBOX]  NativeOS=[Windows NT 1381] NativeLanMan=[Windows NT 4.0]
> > sesssetupX:name=[aperrin]
> > SMB Password - pwlen = 24
> > Checking SMB password for user aperrin (l=24)
> > get_smbpwd_entry: returning passwd entry for user aperrin, uid 7575, acb 0
> > Checking SMB password for user aperrin
> > Checking NT MD4 password
> > NT MD4 password check succeeded
> > sess_passwd_check: accepted password
> > adding home directory aperrin at /home/davis/hdir1/aperrin
> > aperrin is in 6 groups
> > 16 726 728 14 714 723 
> > uid 7575 registered to name aperrin
> > Clearing default real name
> > Chained message
> > size=184
> > smb_com=0x75
> > smb_rcls=0
> > smb_reh=0
> > smb_err=0
> > smb_flg=24
> > smb_flg2=3
> > smb_tid=0
> > smb_pid=51966
> > smb_uid=101
> > smb_mid=128
> > smt_wct=4
> > smb_vwv[0]=255 (0xFF)
> > smb_vwv[1]=0 (0x0)
> > smb_vwv[2]=0 (0x0)
> > smb_vwv[3]=1 (0x1)
> > smb_bcc=15
> > switch message SMBtconX (pid 1365)
> > Got device type A:
> > Trying username tesT
> > 02/18/1998 15:16:06 invalid username/password for test
> > 02/18/1998 15:16:06 error packet at line 174 cmd=117 (SMBtconX) eclass=2
> > ecode=2
> > size=83
> > smb_com=0x73
> > smb_rcls=2
> > smb_reh=0
> > smb_err=2
> > smb_flg=136
> > smb_flg2=1
> > smb_tid=0
> > smb_pid=51966
> > smb_uid=101
> > smb_mid=128
> > smt_wct=3
> > smb_vwv[0]=117 (0x75)
> > smb_vwv[1]=80 (0x50)
> > smb_vwv[2]=0 (0x0)
> > smb_bcc=39
> > 02/18/1998 15:16:06 Transaction 5 of length 43
> > size=39
> > smb_com=0x74
> > smb_rcls=0
> > smb_reh=0
> > smb_err=0
> > smb_flg=24
> > smb_flg2=3
> > smb_tid=0
> > smb_pid=51966
> > smb_uid=101
> > smb_mid=192
> > smt_wct=2
> > smb_vwv[0]=255 (0xFF)
> > smb_vwv[1]=282 (0x11A)
> > smb_bcc=0
> > switch message SMBulogoffX (pid 1365)
> > 02/18/1998 15:16:06 ulogoffX vuid=101
> > size=39
> > smb_com=0x74
> > smb_rcls=0
> > smb_reh=0
> > smb_err=0
> > smb_flg=136
> > smb_flg2=1
> > smb_tid=0
> > smb_pid=51966
> > smb_uid=101
> > smb_mid=192
> > smt_wct=2
> > smb_vwv[0]=255 (0xFF)
> > smb_vwv[1]=0 (0x0)
> > smb_bcc=0
> > 
> > 
> > ---------------------------------------------------------------------
> > Andrew J. Perrin - aperrin at demog.berkeley.edu - NT/Unix Admin/Support
> > Department of Demography    -    University of California at Berkeley
> > 2232 Piedmont Avenue #2120  -    Berkeley, California, 94720-2120 USA
> > http://demog.berkeley.edu/~aperrin ----------------------------------
> > 
> > 
> 
> <a href="mailto:lkcl at samba.anu.edu.au" > Luke Kenneth Casson Leighton  </a>
> <a href="http://mailhost.cb1.com/~lkcl"> Samba and Network Development </a>
> <a href="http://www.samba.co.uk"       > Samba and Network Consultancy </a>
> 
-------------- next part --------------
[global]
	workgroup = SANDBOX
	domain sid = S-1-5-21-222-222-222-001
;	Added the following four lines to see if they make profiles work.
	domain master = yes
	local master = yes
	preferred master = yes
	os level = 200
	domain logons = yes
	security = user
; Samba seems to require the prior line for trust logins.
	wins support = yes
	smbrun = /usr/LOCAL/samba/bin/smbrun
	lock dir = /usr/LOCAL/samba/var/locks
	debug level = 5 
	log file = /var/log/samba.log
	load printers = no
	hide dot files = no
	revalidate = yes
	printing = bsd
        default service = homes
	encrypt passwords = yes
	logon path = \\vuk\profile

[netlogon]
	guest ok = no
	read only = no
	path = /home/davis/12s7/smb/netlogon/aperrin
	browseable = no

[profile]
	guest ok = no
	guest only = no
	read only = no
	browseable = yes
	wide links = yes
	printable = no
	path = /home/davis/hdir1/%U/.ntprofile
	Comment = Profile Directory (%U)

[homes]
        guest ok = no
        read only = no
        browseable = yes
        wide links = yes
        printable = no
        create mask = 0775
	path = /home/davis/hdir1/%U
        Comment = Home Directory (%U)

[test]
	guest ok = no
	read only = no
	browseable = yes
	wide links = yes
	printable = no
	path = /usr/LOCAL/samba/test
	Comment = Sandbox

[cdrom]
	guest ok =no 
	read only = yes
	browseable = yes
	path = /cdrom
	wide links = no
	Comment = CD-ROM

More information about the samba-ntdom mailing list