Samba - NT Terminal Server error

Smith, Michael Michael.Smith at state.me.us
Tue Feb 8 16:12:34 GMT 2000 

Hi all,

I have a Dell PowerEdge 6300 running Windows NT Server 4.0, Terminal   
Server Edition (SP5) + Citrix MetaFrame 1.8.  We are running Samba 2.0.4   
on a Sun Enterprise 4500 with Solaris 7.  The smb.conf specifies   
server-based authentication, and specifies the Terminal Server as the   
password server.  The users are not allowed to directly log on to the Sun   
box, so on that server they all share a common cryptic password which   
only I know.  They access applications on the Terminal Server which use   
the Samba share to store project files and data, which they access with   
their own personal passwords.  The applications are 'published'   
applications, which start in the Samba share (so when the user clicks on   
the 'open' button, it starts in the share, not on a local NT drive).  I   
have an intermittent problem with authentication however, which I can't   
resolve (hope you can help).  Occasionally, when a user starts the   
application, it responds with an error message stating 'invalid password   
 - failing component //depsuna/workspace' (happens about 5% of the time).   
 When this happens, if I look at the smbd processes (ps -ef | grep smbd),   
I can kill all those owned by root except the parent process and it's   
fixed.  However, this screws up the other users currently connected via   
Samba and therefore is not effective (if no other users are on the system   
I can effectively fix it this way).  Clearly, this is not a viable   
solution for that reason (plus I have to babysit it).  This also   
manifests itself in another way, when users map a drive from their PC to   
the server it responds with the 'invalid password' and prompts the user   
for a different password (even though they one they've entered IS   
correct).  In this case, it will continue to prompt for a password and   
never connect until the user logs off and I kill the child processes.  If   
I enable security auditing on the NT side I see in the Event Viewer that   
authentication happens 4 times for each successful logon -

fails once logging on to Terminal Server
succeeds logging on to Terminal Server
fails once authenticating samba share
succeeds authenticating samba share

The log file offers no help, for when this fails it apparently doesn't   
log any activity (since the service was never started).  For example a   
user complained of this behavior this morning (Feb. 8), yet there are no   
entries of any kind for this morning in log.smb or the user's log   
(log.%m).

My smb.conf file is below (minus all the comments for brevity).

 ---------------
Michael Smith
GIS Unit
Maine Department of Environmental Protection
207-287-4292
michael.smith at state.me.us

#======================= Global Settings
[global]

workgroup = GIS
server string = Sun E4500 Server
log file = /var/log/samba/log.%m
max log size = 50
security = server
password server = termserver
socket options = TCP_NODELAY
dns proxy = no

#============================ Share Definitions

[data1]
comment = /data1
path = /data1
valid users = @gisstaff
browsable = yes
writable = yes
create mode = 0777
directory mode = 0777

[workspace]
comment = user workspaces
path = /data6/work
browsable = yes
writable = yes
create mode = 0777
directory mode = 0777

More information about the samba mailing list