FW: [Samba] (no subject)

Troy.A Johnson troy.johnson at health.state.mn.us
Tue Oct 29 16:16:47 GMT 2002 

Jon,

I think that the "encrypt passwords" 
option is what controls how Samba interacts with 
the client. It is necessary to make the clients 
use encrypted passwords when Samba is relaying 
authentication to a domain controller because 
those are the only kind of password credentials 
the domain controller likes (by default, I think).

If you don't force the client to use encrypted 
passwords, you relay clear text stuff to the 
domain controller, which rejects it, and then 
Samba is obligated to reject the client connection.

I hope that's right, understandable, and helpful.

Good luck,

Troy

>>> "Rend, Jon (Jon) %" <rend at agere.com> 10/29/02 08:58AM >>>
OK, I'm just a thick bod sometimes. I remembered 1 thing I changed
which I
thought was only relevant if the SAMBA server was authenticating and
using
it's smb passwd file, which I'm not. I commented out:
 
encrypted passwords = yes
 
Now it all works again now I have uncommented it. Can someone enlighten
me
why this is relevant if my DOMAIN Controller is doing the
authentication
which is an NT Box, shame on it. I'll tell you I commented it out and I
get
the original problem. Weird.
 
-----Original Message-----
From: Rend, Jon (Jon) % 
Sent: Tuesday, October 29, 2002 8:23 AM
To: samba at samba.org 
Subject: FW: [Samba] (no subject)


Jesus how do u post something, it always comes back :(
-----Original Message-----
From: Rend, Jon (Jon) % [mailto:rend at agere.com] 
Sent: Tuesday, October 29, 2002 8:05 AM
To: 'samba at lists.samba.org' 
Subject: [Samba] (no subject)


On friday we changed our smb.conf file to test the security model that
uses
DOMAIN authenticacion. It worked fine testing two seperate usernames
from
Multiple Workstations connecting to a WORLD access share on the SAMBA
server.
 
I have to say nothing has changed at all since friday, apart from the
weekend :) and we now get this MS error message when trying to connect
the
same share again from WINDOWS:
 
"The account is not authorized to log in from this station"
 
Just to confirm that on both WorkStations no network shares existed
when we
tried again today?
 
Should I update to the latest version of SAMBA and include the and/or
parameter Trusted Domains = yes wlthough I believe this is default (we
are
in a trusted DOMAIN)?????

This is an example of our smb.conf file:
 
++++++++++
 
Our Version = Samba 2.2.0 on Solairs 8.0
 
#  BROWSING

   workgroup = VTC

   server string = mn01m0008.agere.com

   announce as = NT

   local master = no

   preferred master = no

   domain master = no

   os level = 33

   wins server = 135.149.49.50

   remote announce = 135.149.49.50

 

#  AUTHENTICATION

   password server = *

#  security=server

   security = domain

#  encrypt passwords = yes
 
++++++++++
 
Any help would be truly GREAT, even the NT boyz are stumped??????  

Jon :-) 

agere  systems 
Office 651-675-3064*         1230 Northland DriveF 
Cell Phone 651-253-3703       Mendota, MN 55120 
mailto: rend at agere.com *

More information about the samba mailing list