[Samba] HPUX 11.00 & CIFS/9000 Server - Domain authentication
eroseme at emonster.rose.hp.com
Thu Jul 25 15:12:02 GMT 2002
Log a Response Center call and ask for site-specific patch PHNE-27562.
This contains fixes to smbpasswd for 15-char NetBIOS name, and for
smbpasswd -j -r -U. However, you also must have EVERYONE nested in
"pre-Windows 2000 compatibile access" (check the pre-windows box when
using the W2000 computer managment snap-in). This should work even
in Native Mode.
"Cheney, Richard" wrote:
> I have been using Samba and CIFS/9000 happily with security=user for
> some time now, for simple read-only filesharing. Three days ago I
> decided to get a bit more clever....
> I now have a test server and I'm trying to get it to work against our
> Win2K PDC (UKNT19), which is running Active Directory in native mode for
> our Windows domain UKNT001. The UNIX server (uk209) is HPUX 11.00 and
> the CIFS is v2.2a, based on the Samba 2.2.3a source.
> I got it working with security=user, then with security=server, but I
> cannot get it working with security=domain. I have added the UNIX server
> into the domain using the Active Directory User and Computers plug-in. I
> have also added the machine into the domain using "smbpasswd -j UKNT001
> -r UKNT19 -Uadministrator%domain_password".
> When I issue "net use Y: \\uk209\tmp" from a WinXP client, I get the
> > C:\Documents and Settings\uerrc\Desktop>net use Y: \\uk209\uerrc
> > System error 1240 has occurred.
> > The account is not authorized to log in from this station.
> When I try smbclient from uk209, I get the following:
> > root at uk209:/etc/opt/samba> smbclient //uk209/tmp -Uuerrc%beckham7 |
> sed 's/^/> /1'
> > added interface ip=220.127.116.11 bcast=18.104.22.168
> > session setup failed: NT_STATUS_LOGON_FAILURE
> and the /var/opt/samba/log.uk209 has the following lines:
> > [2002/07/25 17:26:14, 2] libsmb/namequery.c:(420)
> > Got a positive name query response from 22.214.171.124 (
> 126.96.36.199 )
> > [2002/07/25 17:26:15, 0] rpc_client/cli_netlogon.c:(157)
> > cli_net_auth2: Error NT_STATUS_ACCESS_DENIED
> > [2002/07/25 17:26:15, 0] rpc_client/cli_login.c:(74)
> > cli_nt_setup_creds: auth2 challenge failed
> > [2002/07/25 17:26:15, 0] smbd/password.c:(1335)
> > connect_to_domain_password_server: unable to setup the PDC
> credentials to machine UKNT19. Error was : NT_STATUS_OK.
> > [2002/07/25 17:26:15, 0] smbd/password.c:(1554)
> > domain_client_validate: Domain password server not available.
> > [2002/07/25 17:26:15, 2] smbd/reply.c:(971)
> > NT Password did not match for user 'uerrc'!
> > [2002/07/25 17:26:15, 2] smbd/reply.c:(981)
> > Defaulting to Lanman password for uerrc
> > [2002/07/25 17:26:15, 1] smbd/reply.c:(1002)
> > Rejecting user 'uerrc': authentication failed
> > [2002/07/25 17:26:15, 2] smbd/server.c:(458)
> > Closing connections
> Can anyone help?
> Name: smb.conf
> smb.conf Type: unspecified type (application/octet-stream)
> Encoding: base64
> Description: smb.conf
More information about the samba