schannel bug in winbindd against a Samba DC
Gerald (Jerry) Carter
jerry at samba.org
Sat Jun 11 19:39:07 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
COlker,
After a period of testing (20 minutes of so of smbclient
automated logons), smbd on a Samba DC starts reporting
errors to winbindd running on a member server. Any ideas
on this one ? It doesn't not appear to affect a member
server in an AD domain (security = ads). I have not
tested against security = domain in that case, but since
smbclient is using NTLM authentication, I doubt it makes
any difference.
Is there any known issue with extended session key use ?
cred_create
~ sess_key : 3F62E33B45D3E987
~ stor_cred: 515E7E57C1B68DE3
~ timestamp: 42ab3c0d
~ timecred : 5E9A299AC1B68DE3
~ calc_cred: 556EA84C9F9186BA
cred_assert
~ challenge : BE398F401FBC9454
~ calculated: 556EA84C9F9186BA
credentials check wrong
000000 net_io_r_sam_logon
~ 0000 buffer_creds: 00000000
~ 000004 smb_io_cred
~ 000004 smb_io_chal
~ 0004 data: 00 00 00 00 00 00 00 00
~ 00000c smb_io_utime
~ 000c time: 00000000
~ 0010 switch_value: 0003
~ 000014 net_io_user_info3
~ 0014 ptr_user_info : 00000000
~ 0018 auth_resp : 00000001
~ 001c status : NT_STATUS_INVALID_HANDLE
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCqz3bIR7qMdg1EfYRAl92AJ4/ADiBLVkxyn0cO2DjxeLmdjiZ9ACeP3aI
0C4VDPZQVnDCAop4IIVq0E0=
=2exB
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list