[Samba] ldap authentification suddenly fails partially
zmoelnig at iem.kug.ac.at
Tue Aug 20 05:35:01 GMT 2002
my systems started to behave weird today.
i am running a debian/linux-fileserver (woody/2.4.18) that exports the
user-homes and acts as a PDC via samba (2.2.4 --with-ldapsam) to my
i am using ldap as authentification database.
everything worked like a charme, until today.
suddenly some users cannot authenticate against the windoze-machines any
other users still work !
-the users exist
-they can log in under unix (against the posixAccount in their LDAP-entry)
-i can do a "smbclient -L \\sambaserver -U faultyuser" and
authentication works !
-when i log into the win-machine with a local account, i can then mount
the user's-directories from the sambaserver. (as would be without the
when such faulty users try to login, they get an error like "i couldn't
authenticate you! check, whether your CAPS-LOCK is pressed...".
This errors flushes promptly after hitting "OK" (i mean: there is not
much file-exchange between PDC and client)
i experimented with my personal account:
1. i could log into windoze machines (like most users)
2. i exported my ldap-entry into a ldif-file
3. i changed things (uid)
4. i could NOT log into windoze with the new username (but still old
5. i deleted the modified ldap-entry and imported the original from the
6. i still cannot log into any windoze machine !
the problem first occured with a person, who's username is 9 characters
long. (and i think, he had never logged into windoze (or linux) before).
so i thought this might have been the problem,
but new test-users i create (with short usernames) won't work too, and
finally my own account became also faulty
any ideas ??
i would have sent log-files, but i don't have a clue about what
log-level to use (these are badly documented). a log level of 10 didn't
really give quite the information i looked for - no errors or the like
(but maybe, i should look again)
More information about the samba