NT Always prompting for User-ID/Password

Patrick Van de Casteele casteepa at se.bel.alcatel.be
Tue Jul 20 13:22:42 GMT 1999 

Hi Folks,

I've been trying to find a solution for this, but can't seem to find it
in the doumentation, nor in the lists.

We're running Samba-2.0.4b on Solaris 2.6. My smb.conf is included here:

[global]
        server string = Test Server, Samba %v
        workgroup = <Workgroup Name>
        printing = sysv
        browseable = yes
        debuglevel = 2
        netbios name = <Server name>
        remote announce = <IP-Address of PDC>/<Domain name>
        wins server = <IP-Address of WINS>
        log file = /var/adm/samba/log.smb.%U
        max log size = 50
        security = user
        encrypt passwords = no
        update encrypted = yes
        smb passwd file = /opt/samba/private/smbpasswd
        include = /opt/samba/lib/smb.conf.%L
[homes]
        comment = Home Directory
        browseable = no
        guest ok = no
        read only = no
        create mode = 0755
[printers]
        postscript = Yes
        printable = Yes
        public = No

Samba was compiled with the options --prefix=/opt/samba-2.0.4b
--with-syslog, and I link /opt/samba to /opt/samba-2.0.4b (or more
accurately, the latest production version in use).

Our clients are all NT WS 4.0 (minimum SP3, upgrading all to SP4
shortly, with some SP5) in a domain, located across 2 subnets, the PDC
(which is also WINS) located in the subnet other than the Samba Servers.

When a user connects to a share (e.g. his home-directory, but it also
happens on other shares), NT will always prompt for a user-id/password
combination, even when that user-id and password are the same as on
Unix.

Is there a way around this? The only way out seems to be to have the
PDC/BDC validate the users, but that's something I'd like to avoid if
possible.

Also, I used to have security=share, and no encrypted passwords.
The security=user is OK by me, but if we could avoid the prompting with
plain-text passwords, that would be a benefit (although I think it isn't
possible if I interpreted everything correctly).

Thanks in advance for any input.

Kind regards,

Patrick.

-- 
   ______   Patrick Van de Casteele - UNIX & NT System Administrator
   \    /   Alcatel - Switching & Routing Division - VJ93
    \  /    F. Wellesplein 1, B-2018 Antwerp, Belgium
     \/     Phone: +32-(0)3-240.44.62        Fax: +32-(0)3-240.99.49

More information about the samba mailing list