error when connecting Outlook 2003 to OpenChange/Samba 4 authenticated against Windows Server 2003

[Wolfgang Sourdeau]

Good morning,


I am struggling to authenticate an ol2003 test user against a Samba4 
instance, joined to an AD domain hosted on a Server 2003 machine. While 
sniffing the traffic between Samba 4 and Win2003, I can see that there 
is a encryption negociation, but that the process ends up correctly. 
Also, nothing appears in the Windows event log.

On the Samba side though, I see this in my log:

GSSAPI Connection will have no cryptographic protection
Starting GENSEC mechanism schannel
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gssapi_krb5
GSSAPI credentials for WOLFOMACHINE$@INVERSE.LOCAL will expire in 36000 secs
Received smb_krb5 packet of length 1300
Received smb_krb5 packet of length 1272
gensec_gssapi: credentials were delegated
GSSAPI Connection will be cryptographically sealed
rpc fault: WERR_ACCESS_DENIED
Starting GENSEC mechanism schannel
wb_irpc_SamLogon_callback called
auth_check_password_recv: winbind authentication for user 
[INVERSE\ocuser] FAILED with error NT_STATUS_RPC_CANNOT_SUPPORT
../auth/ntlmssp/ntlmssp_server.c:462: Checking NTLMSSP password for 
INVERSE\ocuser failed: NT_STATUS_RPC_CANNOT_SUPPORT
../auth/ntlmssp/ntlmssp_server.c:661: Checking NTLMSSP password for 
INVERSE\ocuser failed: NT_STATUS_RPC_CANNOT_SUPPORT
GENSEC mech rejected the incoming authentication at bind_auth3: 
NT_STATUS_RPC_CANNOT_SUPPORT
mapiproxy::mapiproxy_op_ndr_pull
User is not authenticated, cannot process
../source4/rpc_server/dcerpc_server.c:950: Unknown RPC call 0 on 
exchange_ds_rfr
mapiproxy::mapiproxy_op_bind: [session = 0x1] [session server id = 0:0.71]
mapiproxy::mapiproxy_op_bind: [session = 0x1] [session server id = 0x0 
0x47 0x0]
Terminating connection - 'NT_STATUS_CONNECTION_DISCONNECTED'

I have no idea where to look in order to debug this issue. Does a kind 
soul on this list have a clue about what is happening?


Thanks in advance,


Wolfgang