Samba4 as a member server against an NT4 PDC
Richard Sharpe
rsharpe at richardsharpe.com
Fri Apr 1 23:49:17 GMT 2005
On Sat, 2 Apr 2005, Andrew Bartlett wrote:
> > I seem to be able to join the domain OK, and good stuff gets put in the
> > secrets.ldb, but when I connect from a workstation, the samr_LogonSamLogon
> > fails in the NetrServerAuthenticate2 RPC.
>
> I'm presuming that you have set 'auth methods = guest, domain' or
> something like that? It's not like I got around to documenting this
> yet :-)
Yes, I set "auth methods = domain". I guess I can add guest ...
> You have to set 'password server = ncacn_np:server' (it's used as a
> binding string for now). But this much you seem to have got already.
Yeah, I figured that one out :-)
> > We get back ACCESS_DENIED, and Samba tells me that it failed to setup the
> > credentials ...
> >
> > The only interesting thing I can see at this point is that the negotiate
> > flags on the ServerAuthenticate2 are 0x600FFFFF, while another more
> > successful capture I have for an NT4 PDC uses 0x000001FF.
> >
> > Has anyone had success with this?
>
> The negotiate flags are setup for 128 bit, and schannel. I'll have to
> drag out my NT4 image (I tested with win2k3) and see what we mess up -
> it should negotiate down to 56bit, but something else might be wrong.
OK, thanks for the clue ... I will see how far I can get ...
Regards
-----
Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
More information about the samba-technical
mailing list