Authentication of non-Domain joined clients with Samba 3.6.12+ joined to W2K12 fails with ACCESS DENIED
Jeremy Allison
jra at samba.org
Thu May 8 15:28:44 MDT 2014
On Thu, May 08, 2014 at 02:24:36PM -0700, Richard Sharpe wrote:
> On Thu, May 8, 2014 at 10:53 AM, Richard Sharpe
> <realrichardsharpe at gmail.com> wrote:
> > Hi folks,
> >
> > Does anyone know what is going on here.
> >
> > Non-domain-joined client. Samba 3.6.12+ and W2K12 server.
> >
> > Winbindd says this:
> >
> > [2014/05/07 15:13:33.936864, 1]
> > ../librpc/ndr/ndr.c:284(ndr_print_function_debug)
> > netr_LogonSamLogonEx: struct netr_LogonSamLogonEx
> > out: struct netr_LogonSamLogonEx
> > validation : *
> > validation : union netr_Validation(case 6)
> > sam6 : NULL
> > authoritative : *
> > authoritative : 0x00 (0)
> > flags : *
> > flags : 0x00000000 (0)
> > result : NT_STATUS_ACCESS_DENIED
> >
> > Is it possible that they are configured for too high an encryption level for us?
> >
> > I know that the credentials are good, because I can use rpcclient with
> > those credentials againts the DC.
>
> By the way, wbinfo -t returns success. The trust password does not
> seem to have changed ...
What does the Windows syslog say ? That might
give you a clue as to why it's failing there..
Jeremy.
More information about the samba-technical
mailing list