Possible bug in 2.0.7?
Bill Grzanich
organix4 at mindspring.com
Wed Jul 19 15:53:55 GMT 2000
Hi.
I'm setting up a Linux server (VA Linux version of Red Hat 6.2, kernel
2.2.14),
and I've installed Samba 2.0.7 from the rpm samba-2.0.7-20000425.i386.rpm,
packager John H Terpstra [Samba Team], build date Wed Apr 26 02:46:34 GMT
2000.
My smb.conf file, and a portion of the log file, are at the end of this
message.
I'm trying to replace a NetWare server, which co-exists with an NT PDC.
I'd like users to authenticate to the NT server, and run a logon script from
the Linux box to map drive letters. I'd also like the NT server to age
passwords, and prompt the users to change their passwords every so many
days.
It seems these are somehow mutually exclusive. I have security = domain.
If
I set domain logons = yes, the user logs in, and the login script runs. The
user can change his NT password, too, from the Windows 98 tools. If, on
the NT server, I check "User Must Change Password at Next Login", then the
user is simply denied access to the network. The Samba log file for that
computer shows "Error was NT_PASSWORD_MUST_CHANGE", but it seems Samba
doesn't
pass this along to the Windows 98 client.
If I change domain logons to No, then the prompts to change the password go
through, but the Linux-based logon scripts don't run.
Am I missing something, or is this the way it's supposed to be?
Also, even though I have scripts defined and built to automatically create
the
Linux accounts "on the fly" a new user is authenticated on the NT domain,
there appears to be no attempt to run them. The new user logs in, but has
no
access to the Linux box. This isn't a real big deal, but would be nice to
have working. Perhaps this feature isn't fully implemented yet? The docs
are
a bit contradictory.
Thanks in advance and sorry for the long message. If there is any other
information you need, please let me know. Thanks very much for a great
product.
-Bill Grzanich
IT Manager
ORGANICS/LaGrange, Inc.
Northbrook, IL
847-480-1800
To make it even longer, here's the relevant part of my smb.conf and log
files:
# Samba config file
#
[global]
workgroup = ORGANICS
netbios name = LINUX02
server string = Samba Server
security = DOMAIN
domain logons = Yes
encrypt passwords = Yes
password server = NTTESTSERVER
passwd program = /usr/bin/passwd
passwd chat = *new password* %n\n *new password* %n\n *success*
unix password sync = Yes
log file = /var/log/samba/log.%m
max log size = 50
add user script = /usr/local/bin/add_user "%u"
delete user script = /usr/local/bin/del_user "%u"
logon script = %m.bat
os level = 0
message command = /usr/bin/linpopup "%f" "%m" %s; rm %s
guest account = guest
hosts allow = localhost, 10.111.1.0/255.255.255.0
print command = lpr -r -P%p %s
printer driver file = /home/samba/printer/printers.def
...
[netlogon]
comment = Share for user logon scripts
path=/home/samba/netlogon
browseable = No
writeable = No
guest ok = No
share modes = No
locking = No
root preexec=/home/samba/netlogon/make_logon_script %m "%U" %a %N
Windows 98 client PC log file:
[2000/07/13 13:50:50, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:50, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:50, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:50, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:50, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:50, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:51, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:51, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:51, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:52, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:52, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:52, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:52, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:52, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:52, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:53, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:53, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:53, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:53, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:53, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:53, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:54, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:54, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:54, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:54, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:54, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:54, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:55, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:55, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:55, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:55, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:55, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:55, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:56, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:56, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:56, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:56, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:56, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:56, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:57, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:57, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:57, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:57, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:57, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:57, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:58, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:58, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:58, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:59, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:59, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:59, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:50:59, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:50:59, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:50:59, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
[2000/07/13 13:51:00, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon(391)
cli_net_sam_logon: NT_STATUS_PASSWORD_MUST_CHANGE
[2000/07/13 13:51:00, 0] smbd/password.c:domain_client_validate(1470)
domain_client_validate: unable to validate password for user michael in
domain ORGANICS to Domain controller NTTESTSERVER. Error was
NT_STATUS_PASSWORD_MUST_CHANGE.
[2000/07/13 13:51:00, 1] smbd/reply.c:reply_sesssetup_and_X(925)
Rejecting user 'michael': authentication failed
More information about the samba
mailing list