[Samba] HPUX 11.00 & CIFS/9000 Server - Domain authenticatio n problem

Javid Abdul-AJAVID1 AJAVID1 at motorola.com
Thu Jul 25 11:14:02 GMT 2002


can you post your smb.conf

you should set encryption to yes 
and put wins,dc server name in password server paratmeter

-----Original Message-----
From: Cheney, Richard [mailto:Richard.Cheney at infores.com]
Sent: Thursday, July 25, 2002 11:32 AM
To: samba at lists.samba.org
Subject: [Samba] HPUX 11.00 & CIFS/9000 Server - Domain authentication
problem


Hi,

I have been using Samba and CIFS/9000 happily with  security=user for
some time now, for simple read-only filesharing. Three days ago I
decided to get a bit more clever....

I now have a test server and I'm trying to get it to work against our
Win2K PDC (UKNT19), which is running Active Directory in native mode for
our Windows domain UKNT001. The UNIX server (uk209) is HPUX 11.00 and
the CIFS is v2.2a, based on the Samba 2.2.3a source. 

I got it working with security=user, then with security=server, but I
cannot get it working with security=domain. I have added the UNIX server
into the domain using the Active Directory User and Computers plug-in. I
have also added the machine into the domain using "smbpasswd -j UKNT001
-r UKNT19 -Uadministrator%domain_password". 

When I issue "net use Y: \\uk209\tmp" from a WinXP client, I get the
following:

> C:\Documents and Settings\uerrc\Desktop>net use Y: \\uk209\uerrc
> System error 1240 has occurred.
> 
> The account is not authorized to log in from this station.

When I try smbclient from uk209, I get the following:

> root at uk209:/etc/opt/samba> smbclient //uk209/tmp -Uuerrc%beckham7 |
sed 's/^/> /1'
> added interface ip=170.118.131.12 bcast=170.118.131.255
nmask=255.255.255.0     
> session setup failed: NT_STATUS_LOGON_FAILURE


and the /var/opt/samba/log.uk209 has the following lines:

> [2002/07/25 17:26:14, 2] libsmb/namequery.c:(420)

>   Got a positive name query response from 170.118.131.10 (
170.118.131.10 )                                          
> [2002/07/25 17:26:15, 0] rpc_client/cli_netlogon.c:(157)

>   cli_net_auth2: Error NT_STATUS_ACCESS_DENIED

> [2002/07/25 17:26:15, 0] rpc_client/cli_login.c:(74)

>   cli_nt_setup_creds: auth2 challenge failed

> [2002/07/25 17:26:15, 0] smbd/password.c:(1335)

>   connect_to_domain_password_server: unable to setup the PDC
credentials to machine UKNT19. Error was : NT_STATUS_OK.
> [2002/07/25 17:26:15, 0] smbd/password.c:(1554)

>   domain_client_validate: Domain password server not available.

> [2002/07/25 17:26:15, 2] smbd/reply.c:(971)

>   NT Password did not match for user 'uerrc'!

> [2002/07/25 17:26:15, 2] smbd/reply.c:(981)

>   Defaulting to Lanman password for uerrc

> [2002/07/25 17:26:15, 1] smbd/reply.c:(1002)

>   Rejecting user 'uerrc': authentication failed

> [2002/07/25 17:26:15, 2] smbd/server.c:(458)

>   Closing connections                     

Can anyone help?

Thanks,

Rich.





More information about the samba mailing list