NT 4 login problems
Sean E. Millichamp
sean at compu-aid.com
Mon Mar 13 23:13:29 GMT 2000
I just cvs up'd after the announcement of TNG 0.15
I have an NT4 server installed in standalone server mode which I am
effectively using as a workstation just to test TNG.
I followed the TNG FAQ, used the sample PDC configuration files there and
started Samba. I have test user accounts with passwords in smbpasswd, a
machine account, etc. I then joined NT to the domain and Windows said
that it went successfully.
However, I got the following in log.netlogon:
ERROR: setgroups call failed!
socket connect to /tmp/.msrpc/.lsarpc/agent failed: Connection refused
ERROR: setgroups call failed!
socket connect to /tmp/.msrpc/.lsarpc/agent failed: Connection refused
ERROR: setgroups call failed!
TODO: verify that the rid exists
ERROR: setgroups call failed!
I thought 0.15 was supposed to fix the "setgroups call failed" message
(Which I had been getting earlier too with code checked out Saturday)
I also saw this in log.lsarpc which bothered me:
_lsa_open_secret: couldn't open secret_db. Possible attack?
uid=0, gid=0, euid=99, egid=99
_lsa_open_secret failed with 0xc0000022
_lsa_open_secret: couldn't open secret_db. Possible attack?
uid=0, gid=0, euid=99, egid=99
_lsa_open_secret failed with 0xc0000022
_lsa_open_secret: couldn't open secret_db. Possible attack?
uid=0, gid=0, euid=99, egid=99
_lsa_open_secret failed with 0xc0000022
I'm not sure what this "secret_db" is. I didn't see any mention of it in
the TNG FAQ.
Then NT booted and I got added in the logfile (without typing anything at
NT):
to log.lsarpc:
_lsa_open_secret: couldn't open secret_db. Possible attack?
uid=0, gid=0, euid=99, egid=99
_lsa_open_secret failed with 0xc0000022
_lsa_open_secret: couldn't open secret_db. Possible attack?
uid=0, gid=0, euid=99, egid=99
_lsa_open_secret failed with 0xc0000022
_lsa_open_secret: couldn't open secret_db. Possible attack?
uid=0, gid=0, euid=99, egid=99
_lsa_open_secret failed with 0xc0000022
and to log.netlogon:
TODO: verify that the rid exists
TODO: verify that the rid exists
(which I didn't think were significant)
Then I try to logon to the NT domain as my "standard domain user" and I
get:
"The system cannot log you on to this domain because the system's computer
account in its primary domain is missing or the password on that account
is incorrect."
I checked and the machine account IS listed in the smbpasswd file, so I'm
a bit lost.
Anyone have any ideas/suggestions on what I might be doing wrong?
Thanks.
Sean
------------------------------------------
Sean E. Millichamp, Consultant
Ingematics - A Division of Compu-Aid, Inc.
More information about the samba-ntdom
mailing list