[Samba] Windows 2000 clients won't authenticate when using winbind

Richard Greaney greaneyr at inspire.net.nz
Wed Apr 9 07:19:58 GMT 2003

Here is the configuration of the network:

Server: 	Windows NT Server 4.0
Windows 2000 Professional
Linux Svr:	Debian 3.0 running Samba 2.2.3a with winbind

I have set up the smb.conf file along with the nsswitch.conf and the 
pam.d files as required. wbinfo -u gives me the correct list, and getent 
passwd returns a list which indicates all is well. I can also chown 
files on the Linux server to users from the NT Domain.

The problem i am having is when I attempt to access a samba share from 
the Windows 2000 clients. The share was set with "Domain Users - full 
control" so in theory, anybody who has first been authenticated by the 
domain controller will have access. I type in the UNC path to the linux 
server, and wait for an indefinite length of time. Eventually, I am 
prompted for a username and password, none of which work. If I do the 
same from the NT 4.0 server, the shares are displayed perfectly almost 
instantly and I can work with them as required.

After looking at a debug from 'winbind -d3 -i', it appears that the NT 
Server is using encrypted passwords for it's authentication, but that 
winbind thinks the 2000 clients are not using encrypted passwords. Of 
course, if this is the case it will be trying the access on the NT 
server with a non-decrypted password and of course it will fail.

I have tried looking for some info on this online but have found 
nothing. Any help is very much appreciated.


More information about the samba mailing list