[Samba] Password/Username not valid for SOME users
Darryl Milczarek
darryl.milczarek at emsusa.com
Wed May 1 08:08:02 GMT 2002
Samba_Version: 2.2.0a
Samba_Server_HDWR: DEC Alpha 4100
Samba_Server_OS: Tru64 v.4.0g
PDC_Server_OS: Windows 2000 Server sp2
Client_OS: Windows 2000 sp2
I have two identical Alpha 4100 UNIX servers, and both are running Tru64
ver. 4.0g and each has Samba 2.2.0a installed and operating. Both have been
functioning with no configuration changes for over a year. However,
something has happened to one of the installations. While all users can
still map drives to the Samba share on one server (alpha-ems), only a few
users can map a drive to the Samba share on the other server (alpha-ems2)
and the rest of us can not. When they try, they are challenged with a
user/pass screen.
I have tried the tests in the documentation including ping from both server
and client and they succeed, but this test fails:
# smbpasswd -j EMSPHX -r EMSINTERNET -U%
cli_net_auth2: Error NT_STATUS_ACCESS_DENIED
cli_nt_setup_creds: auth2 challenge failed
modify_trust_password: unable to setup the PDC credentials to machine
EMSINTERNET. Error was : NT_STATUS_ACCESS_DENIED.
2002/04/18 08:28:16 : change_trust_account_password: Failed to change
password for domain EMSPHX.
Unable to join domain EMSPHX.
If I don't put the -U% on the end, then I am again presented with the
user/pass screen. However, when I check smbstatus, I see two or 3 users
successfully attached each day (but only the same 2 or 3).
# smbstatus
Samba version 2.2.0a
Service uid gid pid machine
----------------------------------------------
inv-fin applmgr dba 9535 tealy_gx150 (172.20.1.114) Thu Apr 18
06:35:05 2002
inv-fin applmgr dba 11180 jhooper_gx150 (172.16.1.109) Thu Apr
18 08:13:55 2002
No locked files
Prior to last Thursday I could map my I: drive to the inv-fin share on
server alpha-ems2. But now, here is what happens when I try to connect from
my Windows 2000 computer using net use (which used to work just fine):
net use i: \\alpha-ems2\inv-fin
The password or username is invalid for \\alpha-ems2\inv-fin
Type the password for \\alpha-ems2\inv-fin :
And here are the typical entries from the log.smbd when I try to map the
drive and fail:
[2002/05/01 07:03:14, 0] smbd/password.c:(1519)
domain_client_validate: could not fetch trust account password for domain
EMSPHX
[2002/05/01 07:06:35, 0] lib/util_sock.c:(479)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2002/05/01 07:16:21, 0] lib/util_sock.c:(165)
Failed to set socket option SO_KEEPALIVE (Error Bad file number)
[2002/05/01 07:16:21, 0] lib/util_sock.c:(165)
Failed to set socket option TCP_NODELAY (Error Socket operation on
non-socket)
[2002/05/01 07:20:19, 0] lib/util_sock.c:(1084)
getpeername failed. Error was Invalid argument
[2002/05/01 07:20:19, 0] lib/util_sock.c:(542)
write_socket_data: write failure. Error = Broken pipe
[2002/05/01 07:20:19, 0] lib/util_sock.c:(565)
write_socket: Error writing 4 bytes to socket 10: ERRNO = Broken pipe
[2002/05/01 07:20:19, 0] lib/util_sock.c:(753)
Error writing 4 bytes to client. -1. Exiting
[2002/05/01 07:46:59, 0] smbd/password.c:(1519)
domain_client_validate: could not fetch trust account password for domain
EMSPHX
[2002/05/01 07:52:27, 0] lib/util_sock.c:(479)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2002/05/01 07:52:55, 0] smbd/password.c:(1519)
domain_client_validate: could not fetch trust account password for domain
EMSPHX
#
This is so strange, as just a couple of weeks ago our users NEVER had a
problem connecting to this Samba share! Now three users can connect, but the
rest of us can not!
Here are the results when I run 'smbclient' but note the fact I have to add
'-U%' at the end, otherwise I am presented with a password request, and no
password I enter will work. However, if I just hit [Enter] instead of typing
in a password, I get the message 'Anonymous login successful' and the
requested data is presented. This may be a clue as to my problems.
# smbclient -L alpha-ems2 -U%
added interface ip=172.16.1.17 bcast=172.16.255.255 nmask=255.255.0.0
Domain=[EMSPHX] OS=[Unix] Server=[Samba 2.2.0a]
Sharename Type Comment
--------- ---- -------
inv-fin Disk Invoice & Financial output (APPU)
temp Disk Temp directory on alpha-ems2
IPC$ IPC IPC Service (Samba 2.2.0a)
ADMIN$ Disk IPC Service (Samba 2.2.0a)
Server Comment
--------- -------
ALPHA-EMS2 Samba 2.2.0a
EMSINTERNET EMS Primary Domain Controller
Workgroup Master
--------- -------
EMSPHX EMSINTERNET
Here is the entire content of my smb.conf file on server alpha-ems2, which
has remained unchanged for over a year:
[global]
security=domain
workgroup=EMSPHX
encrypt passwords=yes
password server = EMSINTERNET PHX2K
add user script=/usr/local/samba/bin/add_user
[inv-fin]
comment = Invoice & Financial output (APPU)
guest account = applmgr
guest ok = yes
path = /u07/app/appuappl/admin/reports/out
public = yes
read only = yes
[temp]
comment = Temp directory on alpha-ems2
guest ok = no
path = /temp
writeable = yes
valid users = dmilczar ikahn dgeddes
Have you any ideas where I might look for a solution?
Darryl Milczarek
CIO, Equipment Maintenance Services
Phoenix, AZ
darryl.milczarek at emsusa.com
More information about the samba
mailing list