Failed Logins (ntang@rga.com)

Steve Weaver sweaver at jump.com
Tue Apr 27 21:11:33 GMT 1999 

Nicholas:

Regarding your problem:

"The SGI server is only serving files, no home directories, no printers (we have separate NT servers for each of those
functions), and it is using "SERVER" level security.  Encryption is on. Guest logins are disabled
...
I'm confused greatly by this - one day, a user's login will work, another day, it'll suddenly stop working.  "

Please read the text document DOMAIN_MEMBER.TXT, that came with the Samba code and try authenticating with  "domain" rather than "server"
In brief here's what you'll do:

1) Run from an NT server or workstation with access to, SRVMGR.EXE and added your Samba machine to the domain. 

2) Edit SMB.CONF [global] section

 [global]

security = domain
encrypt passwords = yes

3) Enter the following from your Samba server's command line:

>./smbpasswd -j  YOUR-NT-DOMAIN -r YOUR-PDC-NAME

I was inspired to try this by reading the article Linux World Article "Doing the NIS/NT Samba"  http://www.linuxworld.com/linuxworld/lw-1998-10/lw-10-samba.html I have Implement "domain" rather than "server" and it works well. 

>From the DOMAIN_MEMBER.TXT here's what tipped me off the to probable cause of your troubles:

"In addition, with "security=server" every Samba daemon on a server has to keep a connection open to the authenticating server for
as long as that daemon lasts. This can drain the connection resources on a Microsoft NT server and cause it to run out of available
connections. With "security =domain", however, the Samba daemons connect to the PDC/BDC only for as long as is necessary to
authenticate the user, and then drop the connection, thus conserving PDC connection resources. "

I hope that resolves your problem.   The best advice I can give you regarding computer systems is to stress the economic benefits of a system and 
don't forget to include intangibles like uptime and reliability.  How much does it cost when a system shuts down.  How much is your company's yearly expenditures 
in licensing/support?  What benefit does your company derive from it.  Being hit across the head by the bottom line inspires more change than some of the
best technical arguments.

Cheers,
Steve

"The  pictures, words, and descriptions of these comments are my own and not PeopleSoft Inc or Major League Baseball."

__________________________________________________________________
Jump! on '99 with FREE calendars and e-mail at http://www.jump.com

More information about the samba mailing list