Samba CVS + WinXP
John H Terpstra
jht at samba.org
Mon Jun 16 08:06:22 GMT 2003
On Mon, 16 Jun 2003, Alex Murphy wrote:
> Hello !!! im compile and configure Samba CVS (samba 3.0beta2) as PDC, in
> config samba used ldap, connections and addons mashine in samba domain all
> ok. login in winxp is bad, smbd.log error:
>
> [2003/06/16 10:50:14, 0] rpc_server/srv_pipe.c:api_pipe_netsec_process(1339)
> Invalid auth info 68 or level 5 on schannel
> [2003/06/16 10:50:14, 0] rpc_server/srv_pipe_hnd.c:process_request_pdu(605)
> process_request_pdu: failed to do schannel processing.
Looks like you are using WinXP or Win2K. Also looks like your client is
not configured to do schannel support. If my hunch is correct, then you
are using WinXP SP1.
Logon as the local machine administrator, launch the MMC console and edit
"Local Security Policy". In there you will find a registry entry called:
"Network: Digitally sign secure channel data (when possible)"
You will likely find that it is set to Disabled. Change that to Enabled,
and the error may go away. Please let me know what you find.
- John T.
>
> smb.conf:
> [global]
> client schannel = 1
> server schannel = 1
> admin users = Administrator
> idmap only = no
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> guest account = smbguest
> dos charset = 866
> unix charset = KOI8-R
> passdb backend = ldapsam:ldap://192.168.1.4/
> ldap suffix = o=sgtp,dc=ru
> ldap admin dn = cn=Manager
> log level = 1
> ldap ssl = no
> workgroup = murphy
> netbios name = mmm
> comment = Linux RedHat Samba Server
> security = user
> null passwords = Yes
> encrypt passwords = yes
> logon drive = U:
> logon path = \\%N\profiles$\%u
> domain master = yes
> domain logons = yes
> preferred master = yes
> os level = 255
> wins support = yes
> log file = /usr/local/samba/var/log.%m
> public = Yes
> browseable = yes
> writable = No
>
> ; necessary share for domain controller
> [netlogon]
> path = /usr/local/samba/lib/netlogon
> locking = no
> read only = yes
> write list = ntadmin root
>
>
>
> please help me.....
>
>
--
John H Terpstra
Email: jht at samba.org
More information about the samba-technical
mailing list