Authentication of non-Domain joined clients with Samba 3.6.12+ joined to W2K12 fails with ACCESS DENIED

Richard Sharpe realrichardsharpe at
Thu May 8 11:53:40 MDT 2014

Hi folks,

Does anyone know what is going on here.

Non-domain-joined client. Samba 3.6.12+ and W2K12 server.

Winbindd says this:

[2014/05/07 15:13:33.936864,  1]
       netr_LogonSamLogonEx: struct netr_LogonSamLogonEx
          out: struct netr_LogonSamLogonEx
              validation               : *
                  validation               : union netr_Validation(case 6)
                  sam6                     : NULL
              authoritative            : *
                  authoritative            : 0x00 (0)
              flags                    : *
                  flags                    : 0x00000000 (0)
              result                   : NT_STATUS_ACCESS_DENIED

Is it possible that they are configured for too high an encryption level for us?

I know that the credentials are good, because I can use rpcclient with
those credentials againts the DC.

Richard Sharpe

More information about the samba-technical mailing list