[Samba] Problem authenticating with Samba (security=domain) + Windows 2000 PDC
Javier Castillo Alcibar
javier.castillo at euroview-spain.com
Mon Dec 16 17:20:01 GMT 2002
I'm doing more tests.....with the Microsoft Network Monitor, I
capture a packet which contains:
.......................
TCP: .AP..., len: 438, seq:3042228556-3042228994, ack:3265237668,
win:64240, src: 445 dst:35027
NBT: SS: Session Message, Len: 434
SMB: R transact - NT error, System, Warning, Code = (5)
STATUS_BUFFER_OVERFLOW
MSRPC: c/o RPC Response: call 0x4 context 0x0 hint 0x16C cancels
0x0
R_LOGON: RPC Server response logon:NetrLogonSamLogon(..)
R_LOGON: PNETLOGON_AUTHENTICATOR ReturnAuthenticator {..}
R_LOGON: NETLOGON_CREDENTIAL Credential {..}
R_LOGON: DWORD timestamp = 1040057871 (0x3DFE060F)
R_LOGON: PNETLOGON_VALIDATION ValidationInformation {..}
R_LOGON: Switch Value = 3 (0x3)
R_LOGON: PNETLOGON_VALIDATION_SAM_INFO2 ValidationSam2
{..}
R_LOGON: OLD_LARGE_INTEGER LogonTime {..}
.........................
.........................
so, is possible that samba fails to interpret the pdc's answer
because of the smb warning??
Thx a lot.
Javier.
-----Mensaje original-----
De: Javier Castillo Alcibar
Enviado el: lunes 16 de diciembre de 2002 8:33
Para: 'John H Terpstra'
CC: 'samba at lists.samba.org'
Asunto: RE: [Samba] Problem authenticating with Samba (security=domain)
+ Windows 2000 PDC
Sure, I did it without problem.....
-----Mensaje original-----
De: John H Terpstra [mailto:jht at samba.org]
Enviado el: viernes, 13 de diciembre de 2002 18:44
Para: Javier Castillo Alcibar
CC: samba at lists.samba.org
Asunto: Re: [Samba] Problem authenticating with Samba (security=domain)
+ Windows 2000 PDC
On Fri, 13 Dec 2002, Javier Castillo Alcibar wrote:
> I'd set up my samba 2.2.7 to auth with "security=domain" mode, but my
> clients cannot auth successfully never because the samba server cannot
> "talk" correctly with my PDC(w2k adv. Server).
>
> In the computer manager event, I see authentication request but with
> empty usernames......so the PDC reject the authentication request.
Did you use "smbpasswd -j mydomain -r pdc_name" to join the domain?
> Is this a know behaviour??
Yes, if your samba server did not join the domain.
> Here is my config:
> [global]
> workgroup = MYDOMAIN
> netbios name = DEBIANXFS
> server string = %h server (Samba %v)
> guest account = nobody
> invalid users = root
> security = domain
> max log size = 100000
> password server = *
> syslog = 0
> encrypt passwords = Yes
> socket options = TCP_NODELAY
> wins support = no
> wins server = 192.168.4.12
> dns proxy = yes
> name resolve order = wins lmhosts host bcast
> unix password sync = false
> passwd program = /usr/bin/passwd %u
> passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
> *Retype\snew\sUNIX\spassword:* %n\n .
> pam password change = no
> obey pam restrictions = yes
> winbind uid = 10000-20000
> winbind gid = 10000-20000
> winbind use default domain = yes
- John T.
--
John H Terpstra
Email: jht at samba.org
More information about the samba
mailing list