Security errors in the eventlog

MCCALL,DON (HP-USA,ex1) don_mccall at hp.com
Fri Sep 28 06:13:02 GMT 2001 

It appears to me that you are using Samba with security = server.  This
means that when a client attempts to access a share on samba, samba is going
to try to get authentication from one of the domain controllers in the NT
domain that you have specified in the 'workgroup='
parameter in the smb.conf file.  If the user gives a bad password, or
misspells his username, then you will see these events in the event log.
Nothing wrong with samba.
Hope this helps,
Don

-----Original Message-----
From: paul.frans.musolf at philips.com
[mailto:paul.frans.musolf at philips.com]
Sent: Friday, September 28, 2001 4:42 AM
To: samba at samba.org
Subject: Security errors in the eventlog



Dear Sirs,

We are using for the integration between UNIX and Windows your Product
samba.
Versions we use are : 2.07 and 1.9.18p10
UNIX version : HP-UX 10.20 and 11.00

We can connect to the samba shares with no problems or error messages.

BUT if we look in the domain controlers event log chapter security we
receive the following message:

Event Type:    Failure Audit
Event Source:  Security
Event Category:     Logon/Logoff
Event ID: 529
Date:          2001-09-28
Time:          9:49:09 AM
User:          NT AUTHORITY\SYSTEM
Computer: IDCSRV01
Description:
Logon Failure:
     Reason:        Unknown user name or bad password
     User Name:     I103455
     Domain:        PHLRSDIDC
     Logon Type:    3
     Logon Process: KSecDD
     Authentication Package:  MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
     Workstation Name:   \\IDCSRV16

I think I have checked every thing.

Do you have any experience what can cause this message ? What is the best
way to debug this kind of problem ??

Thank you for your help in advance.

Regards,


Paulfrans Musolf
Email: paul.frans.musolf at philips.com
Tel: +31 165 577603
Fax: +31 165 577433

International Distribution Centre                                    Philips
Lighting BV
Bredaseweg 203          4705 RN    Roosendaal       The Netherlands






-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list