Ziemann szi at khs-ag.de
Wed Oct 27 18:08:27 GMT 1999


I have a problem with the NT domain password validation.

When I define a user a local Unix user with the same name like the Windows user the password
validation works fine:

[1999/10/27 19:52:19, 1] smbd/service.c:make_connection(488)
  miriam ( connect to service fax as user lp (uid=4, gid=501) (pid 18676)

The above service fax was configured with

  force user = lp

Because of this I had the idea that the local Unix user definition must not be necessary,
because the UID is forced and the password will be checked by the NT domain controller.
So I removed the local user from passwd and now I get this error:

[1999/10/27 19:52:58, 0] smbd/service.c:make_connection(285)
  Couldn't find account ziemann
[1999/10/27 19:53:02, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(371)
  cli_net_sam_logon: NT_STATUS_WRONG_PASSWORD
[1999/10/27 19:53:02, 0] smbd/password.c:domain_client_validate(1365)
  domain_client_validate: unable to validate password for user ziemann in domain KHSWNT01 to Domain controller DOZITS06. Error was NT_STATUS_WRONG_PASSWORD.

The first warning is ok, because the user does not exists, but who cares, when the user
is forced to lp?  But the second and third log must be nonsens, because I did not changed
anything on the PDC.

So my question:  Why do I need the user in /etc/passwd and why are the error messages
completely wrong?


More information about the samba mailing list