[WinXP & Updates] Problems with machine SAM LOGON due to empty "Unicode user name"?
Axel Thimm
Axel.Thimm at alfabet.de
Fri Mar 1 10:38:03 GMT 2002
Dear all,
a (german) WinXP with all current Microsoft updates cannot authenticate
against our Samba PDC (rather recent CVS), while W2K and other (german) WinXP
machines have no problem. So I believe the problem lies in recent updates from
Microsoft :(
[WinXP registry settings are fine, Unix passwd/smbpasswd machine accounts are
created etc.]
The symptom is not beeing able to logon on WinXP members ("due to problems
locating the domain controler or the machine account" ... freestanding
translation).
Looking at the exchanged packets (ethereal) I see the following happen:
- WinXP sends a "SAM LOGON request from client" trying to authenticate the
machine account
- Samba sends an "SAM Response - user unknown"
(this happens twice)
The difference between a successful W2K/WinXP logon and the one with the
failure is the missing "Unicode user name". There one usually finds the
machine name with a $ attached. Now there is nothing in this field (my
computers name is AXEL):
> Microsoft Windows Logon Protocol
> Command: 18 (SAM LOGON request from client)
> Request Count = 0
> Unicode Computer Name: AXEL
> Unicode User Name:
(see als attached output from tethereal -V)
I think that Samba probably checks against the field "Unicode User Name:" and
therefore fails to authenticate the machine account proper.
Is this a know problem? Can I "fix" WinXP to send the right User Name, or will
Samba have to adopt once again :(
I'm willing to test any patch you throw at me ...
Best Regards, Axel.
--
Axel.Thimm at alfabet.de
-------------- next part --------------
Frame 1 (271 on wire, 271 captured)
Arrival Time: Mar 1, 2002 18:14:14.9309
Time delta from previous packet: 0.000000 seconds
Time relative to first packet: 0.000000 seconds
Frame Number: 1
Packet Length: 271 bytes
Capture Length: 271 bytes
Ethernet II
Destination: ff:ff:ff:ff:ff:ff (ff:ff:ff:ff:ff:ff)
Source: 00:50:56:07:e7:07 (VMware_07:e7:07)
Type: IP (0x0800)
Internet Protocol
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 257
Identification: 0x00c3
Flags: 0x00
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 128
Protocol: UDP (0x11)
Header checksum: 0x2660 (correct)
Source: axel.berlin.alfabet (192.168.200.120)
Destination: broadcast.berlin.alfabet (192.168.200.255)
User Datagram Protocol
Source port: netbios-dgm (138)
Destination port: netbios-dgm (138)
Length: 237
Checksum: 0xbbd2 (correct)
NetBIOS Datagram Service
Message Type: Direct_group datagram
More fragments follow: No
This is first fragment: Yes
Node Type: P node
Datagram ID: 0x8023
Source IP: axel.berlin.alfabet (192.168.200.120)
Source Port: 138
Datagram length: 215 bytes
Packet offset: 0 bytes
Source name: AXEL <00> (Workstation/Redirector)
Destination name: ALFABET <1c> (Domain Controllers)
SMB (Server Message Block Protocol)
Message Type: 0xFF
Server Component: SMB
SMB Command: SMBtrans (0x25)
Error Class: Success
Reserved: 0
Error Code: No Error
Flags: 0x00
.... ...0 = Lock&Read, Write&Unlock not supported
.... ..0. = Receive buffer not posted
.... 0... = Path names case sensitive
...0 .... = Pathnames not canonicalized
..0. .... = OpLocks not requested/granted
.0.. .... = Notify open only
0... .... = Request to server
Flags2: 0x0000
.... .... .... ...0 = Long file names not supported
.... .... .... ..0. = Extended attributes not supported
.... .... .... .0.. = Security signatures not supported
.... 0... .... .... = Extended security negotiation not supported
...0 .... .... .... = Don't resolve pathnames with DFS
..0. .... .... .... = Don't permit reads if execute-only
.0.. .... .... .... = Error codes are DOS error codes
0... .... .... .... = Strings are ASCII
Reserved: 6 WORDS
Network Path/Tree ID (TID): 0 (0000)
Process ID (PID): 0 (0000)
User ID (UID): 0 (0000)
Multiplex ID (MID): 0 (0000)
Word Count (WCT): 17
Total Parameter Count: 0
Total Data Count: 55
Max Parameter Count: 0
Max Data Count: 0
Max Setup Count: 0
Reserved1: 0
Flags: 0x00
.... .... .... ...0 = Dont disconnect TID
.... .... .... ..0. = Two way transaction
Timeout: 1000
Reserved2: 0
Parameter Count: 0
Parameter Offset: 0
Data Count: 55
Data Offset: 92
Setup Count: 3
Reserved3: 0
Setup1: 1
Setup2: 1
Setup3: 2
Byte Count (BCC): 78
Transact Name: \MAILSLOT\NET\NETLOGON
SMB MailSlot Protocol
Op code: 1 (Write Mail slot)
Priority of transaction: 1
Class: 2 (Unreliable & Broadcast)
Total size of mail data: 78
Mailslot Name: \MAILSLOT\NET\NETLOGON
Microsoft Windows Logon Protocol
Command: 18 (SAM LOGON request from client)
Request Count = 0
Unicode Computer Name: AXEL
Unicode User Name:
Mailslot Name: \MAILSLOT\NET\GETDC170
Account control = 0x0000
.... .... .... .... .... .0.. .... .... = User account not auto-locked
.... .... .... .... .... ..0. .... .... = User password will expire
.... .... .... .... .... ...0 .... .... = Not a Server Trust user account
.... .... .... .... .... .... 0... .... = Not a Workstation Trust user account
.... .... .... .... .... .... .0.. .... = Not an Inter-domain Trust user account
.... .... .... .... .... .... ..0. .... = Not a MNS Logon user account
.... .... .... .... .... .... ...0 .... = Not a Normal user account
.... .... .... .... .... .... .... 0... = Not a temp duplicate user account
.... .... .... .... .... .... .... .0.. = User password required
.... .... .... .... .... .... .... ..0. = User home directory required
.... .... .... .... .... .... .... ...0 = User account disabled
Domain SID Size = 0
Frame 2 (271 on wire, 271 captured)
Arrival Time: Mar 1, 2002 18:14:14.9310
Time delta from previous packet: 0.000057 seconds
Time relative to first packet: 0.000057 seconds
Frame Number: 2
Packet Length: 271 bytes
Capture Length: 271 bytes
Ethernet II
Destination: 00:e0:81:04:c8:e2 (Tyan_04:c8:e2)
Source: 00:50:56:07:e7:07 (VMware_07:e7:07)
Type: IP (0x0800)
Internet Protocol
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 257
Identification: 0x00c4
Flags: 0x00
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 128
Protocol: UDP (0x11)
Header checksum: 0x2748 (correct)
Source: axel.berlin.alfabet (192.168.200.120)
Destination: fs1.berlin.alfabet (192.168.200.22)
User Datagram Protocol
Source port: netbios-dgm (138)
Destination port: netbios-dgm (138)
Length: 237
Checksum: 0xbcbb (correct)
NetBIOS Datagram Service
Message Type: Direct_group datagram
More fragments follow: No
This is first fragment: Yes
Node Type: P node
Datagram ID: 0x8023
Source IP: axel.berlin.alfabet (192.168.200.120)
Source Port: 138
Datagram length: 215 bytes
Packet offset: 0 bytes
Source name: AXEL <00> (Workstation/Redirector)
Destination name: ALFABET <1c> (Domain Controllers)
SMB (Server Message Block Protocol)
Message Type: 0xFF
Server Component: SMB
SMB Command: SMBtrans (0x25)
Error Class: Success
Reserved: 0
Error Code: No Error
Flags: 0x00
.... ...0 = Lock&Read, Write&Unlock not supported
.... ..0. = Receive buffer not posted
.... 0... = Path names case sensitive
...0 .... = Pathnames not canonicalized
..0. .... = OpLocks not requested/granted
.0.. .... = Notify open only
0... .... = Request to server
Flags2: 0x0000
.... .... .... ...0 = Long file names not supported
.... .... .... ..0. = Extended attributes not supported
.... .... .... .0.. = Security signatures not supported
.... 0... .... .... = Extended security negotiation not supported
...0 .... .... .... = Don't resolve pathnames with DFS
..0. .... .... .... = Don't permit reads if execute-only
.0.. .... .... .... = Error codes are DOS error codes
0... .... .... .... = Strings are ASCII
Reserved: 6 WORDS
Network Path/Tree ID (TID): 0 (0000)
Process ID (PID): 0 (0000)
User ID (UID): 0 (0000)
Multiplex ID (MID): 0 (0000)
Word Count (WCT): 17
Total Parameter Count: 0
Total Data Count: 55
Max Parameter Count: 0
Max Data Count: 0
Max Setup Count: 0
Reserved1: 0
Flags: 0x00
.... .... .... ...0 = Dont disconnect TID
.... .... .... ..0. = Two way transaction
Timeout: 1000
Reserved2: 0
Parameter Count: 0
Parameter Offset: 0
Data Count: 55
Data Offset: 92
Setup Count: 3
Reserved3: 0
Setup1: 1
Setup2: 1
Setup3: 2
Byte Count (BCC): 78
Transact Name: \MAILSLOT\NET\NETLOGON
SMB MailSlot Protocol
Op code: 1 (Write Mail slot)
Priority of transaction: 1
Class: 2 (Unreliable & Broadcast)
Total size of mail data: 78
Mailslot Name: \MAILSLOT\NET\NETLOGON
Microsoft Windows Logon Protocol
Command: 18 (SAM LOGON request from client)
Request Count = 0
Unicode Computer Name: AXEL
Unicode User Name:
Mailslot Name: \MAILSLOT\NET\GETDC170
Account control = 0x0000
.... .... .... .... .... .0.. .... .... = User account not auto-locked
.... .... .... .... .... ..0. .... .... = User password will expire
.... .... .... .... .... ...0 .... .... = Not a Server Trust user account
.... .... .... .... .... .... 0... .... = Not a Workstation Trust user account
.... .... .... .... .... .... .0.. .... = Not an Inter-domain Trust user account
.... .... .... .... .... .... ..0. .... = Not a MNS Logon user account
.... .... .... .... .... .... ...0 .... = Not a Normal user account
.... .... .... .... .... .... .... 0... = Not a temp duplicate user account
.... .... .... .... .... .... .... .0.. = User password required
.... .... .... .... .... .... .... ..0. = User home directory required
.... .... .... .... .... .... .... ...0 = User account disabled
Domain SID Size = 0
Frame 3 (256 on wire, 256 captured)
Arrival Time: Mar 1, 2002 18:14:14.9311
Time delta from previous packet: 0.000083 seconds
Time relative to first packet: 0.000140 seconds
Frame Number: 3
Packet Length: 256 bytes
Capture Length: 256 bytes
Ethernet II
Destination: 00:50:56:07:e7:07 (VMware_07:e7:07)
Source: 00:e0:81:04:c8:e2 (Tyan_04:c8:e2)
Type: IP (0x0800)
Internet Protocol
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 242
Identification: 0x0000
Flags: 0x04
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x281b (correct)
Source: fs1.berlin.alfabet (192.168.200.22)
Destination: axel.berlin.alfabet (192.168.200.120)
User Datagram Protocol
Source port: netbios-dgm (138)
Destination port: netbios-dgm (138)
Length: 222
Checksum: 0x8451 (correct)
NetBIOS Datagram Service
Message Type: Direct_unique datagram
More fragments follow: No
This is first fragment: Yes
Node Type: M node
Datagram ID: 0x1386
Source IP: fs1.berlin.alfabet (192.168.200.22)
Source Port: 138
Datagram length: 214 bytes
Packet offset: 0 bytes
Source name: FS1 <00> (Workstation/Redirector)
Destination name: AXEL <00> (Workstation/Redirector)
SMB (Server Message Block Protocol)
Message Type: 0xFF
Server Component: SMB
SMB Command: SMBtrans (0x25)
Error Class: Success
Reserved: 0
Error Code: No Error
Flags: 0x00
.... ...0 = Lock&Read, Write&Unlock not supported
.... ..0. = Receive buffer not posted
.... 0... = Path names case sensitive
...0 .... = Pathnames not canonicalized
..0. .... = OpLocks not requested/granted
.0.. .... = Notify open only
0... .... = Request to server
Flags2: 0x0000
.... .... .... ...0 = Long file names not supported
.... .... .... ..0. = Extended attributes not supported
.... .... .... .0.. = Security signatures not supported
.... 0... .... .... = Extended security negotiation not supported
...0 .... .... .... = Don't resolve pathnames with DFS
..0. .... .... .... = Don't permit reads if execute-only
.0.. .... .... .... = Error codes are DOS error codes
0... .... .... .... = Strings are ASCII
Reserved: 6 WORDS
Network Path/Tree ID (TID): 0 (0000)
Process ID (PID): 0 (0000)
User ID (UID): 0 (0000)
Multiplex ID (MID): 0 (0000)
Word Count (WCT): 17
Total Parameter Count: 0
Total Data Count: 40
Max Parameter Count: 0
Max Data Count: 0
Max Setup Count: 0
Reserved1: 0
Flags: 0x00
.... .... .... ...0 = Dont disconnect TID
.... .... .... ..0. = Two way transaction
Timeout: 0
Reserved2: 0
Parameter Count: 0
Parameter Offset: 0
Data Count: 40
Data Offset: 92
Setup Count: 3
Reserved3: 0
Setup1: 1
Setup2: 1
Setup3: 2
Byte Count (BCC): 57
Transact Name: \MAILSLOT\NET\GETDC170
SMB MailSlot Protocol
Op code: 1 (Write Mail slot)
Priority of transaction: 1
Class: 2 (Unreliable & Broadcast)
Total size of mail data: 57
Mailslot Name: \MAILSLOT\NET\GETDC170
Microsoft Windows Logon Protocol
Command: 21 (SAM Response - user unknown)
Data (38 bytes)
Frame 4 (256 on wire, 256 captured)
Arrival Time: Mar 1, 2002 18:14:14.9312
Time delta from previous packet: 0.000083 seconds
Time relative to first packet: 0.000223 seconds
Frame Number: 4
Packet Length: 256 bytes
Capture Length: 256 bytes
Ethernet II
Destination: 00:50:56:07:e7:07 (VMware_07:e7:07)
Source: 00:e0:81:04:c8:e2 (Tyan_04:c8:e2)
Type: IP (0x0800)
Internet Protocol
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 242
Identification: 0x0000
Flags: 0x04
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x281b (correct)
Source: fs1.berlin.alfabet (192.168.200.22)
Destination: axel.berlin.alfabet (192.168.200.120)
User Datagram Protocol
Source port: netbios-dgm (138)
Destination port: netbios-dgm (138)
Length: 222
Checksum: 0x8450 (correct)
NetBIOS Datagram Service
Message Type: Direct_unique datagram
More fragments follow: No
This is first fragment: Yes
Node Type: M node
Datagram ID: 0x1387
Source IP: fs1.berlin.alfabet (192.168.200.22)
Source Port: 138
Datagram length: 214 bytes
Packet offset: 0 bytes
Source name: FS1 <00> (Workstation/Redirector)
Destination name: AXEL <00> (Workstation/Redirector)
SMB (Server Message Block Protocol)
Message Type: 0xFF
Server Component: SMB
SMB Command: SMBtrans (0x25)
Error Class: Success
Reserved: 0
Error Code: No Error
Flags: 0x00
.... ...0 = Lock&Read, Write&Unlock not supported
.... ..0. = Receive buffer not posted
.... 0... = Path names case sensitive
...0 .... = Pathnames not canonicalized
..0. .... = OpLocks not requested/granted
.0.. .... = Notify open only
0... .... = Request to server
Flags2: 0x0000
.... .... .... ...0 = Long file names not supported
.... .... .... ..0. = Extended attributes not supported
.... .... .... .0.. = Security signatures not supported
.... 0... .... .... = Extended security negotiation not supported
...0 .... .... .... = Don't resolve pathnames with DFS
..0. .... .... .... = Don't permit reads if execute-only
.0.. .... .... .... = Error codes are DOS error codes
0... .... .... .... = Strings are ASCII
Reserved: 6 WORDS
Network Path/Tree ID (TID): 0 (0000)
Process ID (PID): 0 (0000)
User ID (UID): 0 (0000)
Multiplex ID (MID): 0 (0000)
Word Count (WCT): 17
Total Parameter Count: 0
Total Data Count: 40
Max Parameter Count: 0
Max Data Count: 0
Max Setup Count: 0
Reserved1: 0
Flags: 0x00
.... .... .... ...0 = Dont disconnect TID
.... .... .... ..0. = Two way transaction
Timeout: 0
Reserved2: 0
Parameter Count: 0
Parameter Offset: 0
Data Count: 40
Data Offset: 92
Setup Count: 3
Reserved3: 0
Setup1: 1
Setup2: 1
Setup3: 2
Byte Count (BCC): 57
Transact Name: \MAILSLOT\NET\GETDC170
SMB MailSlot Protocol
Op code: 1 (Write Mail slot)
Priority of transaction: 1
Class: 2 (Unreliable & Broadcast)
Total size of mail data: 57
Mailslot Name: \MAILSLOT\NET\GETDC170
Microsoft Windows Logon Protocol
Command: 21 (SAM Response - user unknown)
Data (38 bytes)
Frame 5 (255 on wire, 255 captured)
Arrival Time: Mar 1, 2002 18:14:23.4606
Time delta from previous packet: 8.529481 seconds
Time relative to first packet: 8.529704 seconds
Frame Number: 5
Packet Length: 255 bytes
Capture Length: 255 bytes
Ethernet II
Destination: ff:ff:ff:ff:ff:ff (ff:ff:ff:ff:ff:ff)
Source: 00:50:56:07:e7:07 (VMware_07:e7:07)
Type: IP (0x0800)
Internet Protocol
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 241
Identification: 0x00c5
Flags: 0x00
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 128
Protocol: UDP (0x11)
Header checksum: 0x266e (correct)
Source: axel.berlin.alfabet (192.168.200.120)
Destination: broadcast.berlin.alfabet (192.168.200.255)
User Datagram Protocol
Source port: netbios-dgm (138)
Destination port: netbios-dgm (138)
Length: 221
Checksum: 0x52d6 (correct)
NetBIOS Datagram Service
Message Type: Direct_group datagram
More fragments follow: No
This is first fragment: Yes
Node Type: P node
Datagram ID: 0x8024
Source IP: axel.berlin.alfabet (192.168.200.120)
Source Port: 138
Datagram length: 199 bytes
Packet offset: 0 bytes
Source name: AXEL <20> (Server service)
Destination name: ALFABET <1d> (Local Master Browser)
SMB (Server Message Block Protocol)
Message Type: 0xFF
Server Component: SMB
SMB Command: SMBtrans (0x25)
Error Class: Success
Reserved: 0
Error Code: No Error
Flags: 0x00
.... ...0 = Lock&Read, Write&Unlock not supported
.... ..0. = Receive buffer not posted
.... 0... = Path names case sensitive
...0 .... = Pathnames not canonicalized
..0. .... = OpLocks not requested/granted
.0.. .... = Notify open only
0... .... = Request to server
Flags2: 0x0000
.... .... .... ...0 = Long file names not supported
.... .... .... ..0. = Extended attributes not supported
.... .... .... .0.. = Security signatures not supported
.... 0... .... .... = Extended security negotiation not supported
...0 .... .... .... = Don't resolve pathnames with DFS
..0. .... .... .... = Don't permit reads if execute-only
.0.. .... .... .... = Error codes are DOS error codes
0... .... .... .... = Strings are ASCII
Reserved: 6 WORDS
Network Path/Tree ID (TID): 0 (0000)
Process ID (PID): 0 (0000)
User ID (UID): 0 (0000)
Multiplex ID (MID): 0 (0000)
Word Count (WCT): 17
Total Parameter Count: 0
Total Data Count: 45
Max Parameter Count: 0
Max Data Count: 0
Max Setup Count: 0
Reserved1: 0
Flags: 0x00
.... .... .... ...0 = Dont disconnect TID
.... .... .... ..0. = Two way transaction
Timeout: 1000
Reserved2: 0
Parameter Count: 0
Parameter Offset: 0
Data Count: 45
Data Offset: 86
Setup Count: 3
Reserved3: 0
Setup1: 1
Setup2: 0
Setup3: 2
Byte Count (BCC): 62
Transact Name: \MAILSLOT\BROWSE
SMB MailSlot Protocol
Op code: 1 (Write Mail slot)
Priority of transaction: 0
Class: 2 (Unreliable & Broadcast)
Total size of mail data: 62
Mailslot Name: \MAILSLOT\BROWSE
Microsoft Windows Browser Protocol
OpCode: Host Announcement
Update Count: 0
Update Periodicity: 720 Sec
Host Name: AXEL
Major Version: 5
Minor Version: 1
Server Type: 0x11003
.... .... .... .... .... .... .... ...1 = Workstation
.... .... .... .... .... .... .... ..1. = Server
.... .... .... .... .... .... .... .0.. = Not SQL Server
.... .... .... .... .... .... .... 0... = Not Domain Controller
.... .... .... .... .... .... ...0 .... = Not Backup Controller
.... .... .... .... .... .... ..0. .... = Not Time Source
.... .... .... .... .... .... .0.. .... = Not Apple Server
.... .... .... .... .... .... 0... .... = Not Novell Server
.... .... .... .... .... ...0 .... .... = Not Domain Member Server
.... .... .... .... .... ..0. .... .... = Not Print Queue Server
.... .... .... .... .... .0.. .... .... = Not Dialin Server
.... .... .... .... .... 0... .... .... = Not Xenix Server
.... .... .... .... ...1 .... .... .... = NT Workstation
.... .... .... .... ..0. .... .... .... = Not Windows for Workgroups
.... .... .... .... 0... .... .... .... = Not NT Server
.... .... .... ...1 .... .... .... .... = Potential Browser
.... .... .... ..0. .... .... .... .... = Not Backup Browser
.... .... .... .0.. .... .... .... .... = Not Master Browser
.... .... .... 0... .... .... .... .... = Not Domain Master Browser
.... .... ...0 .... .... .... .... .... = Not OSF
.... .... ..0. .... .... .... .... .... = Not VMS
.... .... .0.. .... .... .... .... .... = Not Windows 95 or above
.0.. .... .... .... .... .... .... .... = Not Local List Only
0... .... .... .... .... .... .... .... = Not Domain Enum
Election Version: 15
Signature: 43605 (0xAA55)
Host Comment: WinXP german
More information about the samba-technical
mailing list