[Samba] password server authentication

Systems Administrator sysadmin at gfm.co.uk
Tue Feb 12 12:19:12 GMT 2002 

I have installed Samba 2.2.3a on a Solaris 2.6 box,
and it has been configured with a small smb.conf that
sets security = domain, workgroup = GFMNET, password server = GFMNET01,
I have succesfully joined domain GFMNET (controlled by
GFMNET01).

I can attach to resources anywhere in the domain from
this new box(E250), but any attempt to connect to its
resources results in failed authentication.

I earlier had 2.2.2 running on GFMNET01, but have just upgraded
to 2.2.3a to match that on E250 (in case that was the
problem).  I also previously had "password server = *"
on E250.  It claims (in the log files) that it cannot
find the password server so I specified GFMNET01, and
still have the same error.

I feel that the GFMNET01<Domain Controller> machine needs to authenticate
itself to E250 even though E250 is using GFMNET01 as its' password
server, but how would this be done?  I could be barking
up the wrong tree here... Anybody?


The errors are as follows from running this on E250:
smbclient //e250/SystemReports -U <Valid username>
====Begin snippet====
[2002/02/12 20:00:22, 0] rpc_client/cli_netlogon.c:cli_net_auth2(157)
   cli_net_auth2: Error NT_STATUS_ACCESS_DENIED
[2002/02/12 20:00:22, 0] rpc_client/cli_login.c:cli_nt_setup_creds(74)
   cli_nt_setup_creds: auth2 challenge failed
[2002/02/12 20:00:22, 0] 
smbd/password.c:connect_to_domain_password_server(1336)
   connect_to_domain_password_server: unable to setup the PDC credentials 
to machine GFMNET01. Error was : SUCCESS - 0.
[2002/02/12 20:00:22, 0] smbd/password.c:domain_client_validate(1554)
   domain_client_validate: Domain password server not available.
[2002/02/12 20:00:28, 0] rpc_client/cli_netlogon.c:cli_net_auth2(157)
   cli_net_auth2: Error NT_STATUS_ACCESS_DENIED
[2002/02/12 20:00:28, 0] rpc_client/cli_login.c:cli_nt_setup_creds(74)
   cli_nt_setup_creds: auth2 challenge failed
[2002/02/12 20:00:28, 0] 
smbd/password.c:connect_to_domain_password_server(1336)
   connect_to_domain_password_server: unable to setup the PDC credentials 
to machine GFMNET01. Error was : SUCCESS - 0.
[2002/02/12 20:00:28, 0] smbd/password.c:domain_client_validate(1554)
   domain_client_validate: Domain password server not available.
====End snippet====

The E250 machine then falls back to using the local smbpasswd file
(verified by different passwords between local and remote smbpasswd
for a valid username).

Any and all comments appreciated...

Con.

More information about the samba mailing list