ntlm_auth only works with PDC?

Andrew Bartlett abartlet at samba.org
Fri Jan 9 21:19:58 GMT 2004

On Fri, Jan 09, 2004 at 05:58:51AM -0600, Dave Augustus wrote:
> Comments embedded....
> On Wed, 2004-01-07 at 15:59, Andrew Bartlett wrote:
> > On Wed, Jan 07, 2004 at 11:32:57AM -0600, Dave Augustus wrote:
> > > Hello fellow listers,
> > > 
> > > Using Samba V3 ntlm_auth with Squid2.5stable4, does it require that the
> > > password server in smb.conf be the PDC all the time?
> > > 
> > > I tried to put all the DC's (both PDC and the 3 BDCs) in smb.conf but we
> > > got an auth popups very often. When I switched it back to ONLY the PDC,
> > > the problem seems greatly reduced (although the auth popups do still
> > > occur, though not as often).
> > 
> > the whole point of the BDC is to be in sync with the PDC.  What is
> > your PDC/BDC setup?  What are the errors that cause the auth popups?
> > (add -d3 to your ntlm_auth config line)
> > 
> Would this show up in my log.winbindd?
> I am seeing "connection refused on port 445" of our PDC in the winbind
> log. It is a W2K server without AD. This doesn't sound normal but if it
> is broken, how do I fix it? why would they be refeused?

What exactly do you mean by 'a win2k PDC without AD'?.  Also,
connection refused to port 445 on any win2k machine is very odd, it
means you have disabled 'naked mode' (as crh like to call it).  That
is, you have configured your network ot only use the old
netbios-over-tcp, ie port 139.  This should not affect operations
however, we just fall back.

Andrew Bartlett

More information about the samba-technical mailing list