[Samba] problem with Samba in domain

Helge Bahmann bahmann at math.tu-freiberg.de
Mon Sep 30 16:55:01 GMT 2002


Hi!

> Try disabling ipchains, iptables

not active

>, and set security=share (no security)
> in smb.conf.

Even easier, I just created a password for one of the Samba users
(smbpasswd -a); then I am able to mount the directory using this password
as Samba falls back to the smbpasswd database when the DC is not available

> If this works, you have a firewall or user name problem.

no filtering rules active on either client or server; user name in domain
and on the fileserver are identical too

the messages logged by samba are similiar to those quoted below, apart
from the fact the fallback to passdb database succeeds in this case

> Firewall must be open for tcp and udp on 137, 138 and 139. Get that
> working and then work on the security issue.

I am afraid this does not help me at all. Thanks for your assistance
nevertheless.

> >Hello!
> >
> >I have a samba fileserver (Debian Woody, Samba 2.2.3a) that I am
> >trying to join into an NT domain (smbpasswd -j ...); the command says that
> >it joined the domain successfully.
> >
> >Then I setup security=domain, workgroup name etc. as outlined in the samba
> >howtos. However whenever I try to access a share on the Samba server I am
> >prompted for a password (even though I already logged in through the
> >domain controller) and am subsequently denied access.
> >
> >The logfiles on the fileserver contain the following on the failed mount
> >attempt:
> >
> >[2002/09/26 18:53:28, 0] rpc_client/cli_netlogon.c:cli_net_req_chal(246)
> >  cli_net_req_chal: Error NT_STATUS_INVALID_COMPUTER_NAME
> >[2002/09/26 18:53:28, 0] rpc_client/cli_login.c:cli_nt_setup_creds(48)
> >  cli_nt_setup_creds: request challenge failed
> >[2002/09/26 18:53:28, 0]
> >smbd/password.c:connect_to_domain_password_server(1336)
> >  connect_to_domain_password_server: unable to setup the PDC credentials
> >to machine ADLER.INFORMATIK.TU-FREIBERG.DE. Error was : NT_STATUS_OK.
> >[2002/09/26 18:53:28, 0] smbd/password.c:domain_client_validate(1554)
> >  domain_client_validate: Domain password server not available.
> >[2002/09/26 18:53:28, 0] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1367)
> >  unable to open passdb database.
> >[2002/09/26 18:53:28, 0] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1367)
> >  unable to open passdb database.
> >
> >I don't know what to make of this -- does someone have any suggestion on
> >what went wrong? I am rather green on this.
> >
> >Things that may be notable to our setup:
> >- Samba server and PDC live in different IP domains and different IP
> >subnets
> >- I had to manually insert the machine name of the PDC in the smb.conf
> >file; putting in "*" to let Samba find out the PDC on it's own results
> >in "Domain password server not available" message in the logfiles
> >
> >Thanks for your patience.
-- 
Helge Bahmann <bahmann at math.tu-freiberg.de>             /| \__
The past: Smart users in front of dumb terminals       /_|____\
                                                     _/\ |   __)
$ ./configure                                        \\ \|__/__|
checking whether build environment is sane... yes     \\/___/ |
checking for AIX... no (we already did this)            |




More information about the samba mailing list