[Samba] authentication question: NT4 PDC, Win2k clients

Bill Earl bearl at bestbill.com
Mon Dec 30 20:19:01 GMT 2002

Hello everyone!

I'm having a strange issue with Samba. Here's the setup:

WindowsNT 4 PDC
Windows 2000 clients.
Samba 2.2.7 on a Mandrake 9 system that has successfully joined the domain and is visible when the client systems browse the network. (config files and error log samples below)

The problem is getting the Win2k clients to authenticate when they try to connect to shares that aren't open to everyone. The Samba machine does appear to be communicating with the NT4 PDC, but it appears that the clients are sending a user name with the domain name added to the front of the actual user name (or Samba is sending it that way to the PDC anyway).  So if there's a user named "bearl" in the domain "pc-alpha," the Samba system is checking with the domain controller for a user named "pc-alphabearl" and the PDC correctly replies that there is no user by that name.

Does anyone have any suggestions for what could be causing this and how to fix it?

Thanks very much!

<error recorded in /var/log/messages>
Dec 30 13:31:38 dganger rmbd[2314]: domain_client_validate: unable to validate password for user pc-alphabearl in domain PC-ALPHA to Domain controller *. Error was NT_STATUS_NO_SUCH_USER.

<smb.conf file>
 workgroup = PC-ALPHA
 netbios name = DGANGER
 server string = Samba Server %v
 security = DOMAIN
 encrypt passwords = Yes
 password server = *
 pam password change = Yes
 add user script = /usr/sbin/useradd -s /sbin/false %u
 log file = /var/log/samba/log.%m
 max log size = 150
 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
 printcap name = lpstat
 local master = No
 dns proxy = No
 remote announce =
 winbind separator = +
 winbind cache time = 10
 template shell = /bin/bash
 template homedir = /home/%D/%U
 winbind uid = 10000-20000
 winbind gid = 10000-20000
 winbind use default domain = Yes
 printing = cups

 comment = Main file share
 path = /storage/sharedvolume
 public = Yes
 writable = Yes
 guest ok = Yes
 printable = No
 hide dot files = Yes
 browseable = Yes

 comment = Test folder for Bill
 path = /storage/bill
 valid users = bearl
 public = No
 writeable = Yes
 printable = No
 hide dot files = No
 browseable = Yes
-------------- next part --------------
HTML attachment scrubbed and removed

More information about the samba mailing list