[Samba] 3.0.1 problem with domain authentication.
Jason Gauthier
jgauthier at lastar.com
Fri Dec 19 15:31:09 GMT 2003
Hey Gang,
I'm having some trouble getting my domain authentication to work.
My config looks like this:
[global]
workgroup = MYWORKGROUP
realm = MYDOMAIN
server string = SERVER22
security = DOMAIN
password server = SERVER5
obey pam restrictions = Yes
smb passwd file = /etc/samba/smbpasswd
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
unix password sync = Yes
log level = 3
log file = /var/log/samba/%m.log
max log size = 0
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = No
wins server = 192.168.74.23
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind separator = +
winbind cache time = 10
Pretty Basic.
So, I tried to hit the server and I see this:
check_ntlm_password: Checking password for unmapped user
[MYDOMAIN]\[jgauthier]@[JGAUTHIER] with the new password interface
[2003/12/19 10:20:42, 3] auth/auth.c:check_ntlm_password(221)
check_ntlm_password: mapped user is: [MYDOMAIN]\[jgauthier]@[JGAUTHIER]
[2003/12/19 10:20:42, 3] smbd/sec_ctx.c:push_sec_ctx(255)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2003/12/19 10:20:42, 3] smbd/uid.c:push_conn_ctx(286)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2003/12/19 10:20:42, 3] smbd/sec_ctx.c:set_sec_ctx(287)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2003/12/19 10:20:42, 3] smbd/sec_ctx.c:pop_sec_ctx(385)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/12/19 10:20:42, 2] auth/auth.c:check_ntlm_password(310)
check_ntlm_password: Authentication for user [jgauthier] -> [jgauthier]
FAILED with error NT_STATUS_ACCOUNT_LOCKED_OUT
[2003/12/19 10:20:42, 3] smbd/process.c:timeout_processing(1104)
timeout_processing: End of file from client (client has disconnected).
Great! My account is locked out. That's EASY to fix. So I unlock my account
and try again:
check_ntlm_password: Checking password for unmapped user
[MYDOMAIN]\[jgauthier]@[JGAUTHIER] with the new password interface
[2003/12/19 10:23:02, 3] auth/auth.c:check_ntlm_password(221)
check_ntlm_password: mapped user is: [MYDOMAIN]\[jgauthier]@[JGAUTHIER]
[2003/12/19 10:23:02, 3] smbd/sec_ctx.c:push_sec_ctx(255)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2003/12/19 10:23:02, 3] smbd/uid.c:push_conn_ctx(286)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2003/12/19 10:23:02, 3] smbd/sec_ctx.c:set_sec_ctx(287)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2003/12/19 10:23:02, 3] smbd/sec_ctx.c:pop_sec_ctx(385)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/12/19 10:23:02, 3] auth/auth_util.c:make_server_info_info3(1071)
User jgauthier does not exist, trying to add it
[2003/12/19 10:23:02, 0] auth/auth_util.c:make_server_info_info3(1080)
make_server_info_info3: pdb_init_sam failed!
[2003/12/19 10:23:02, 2] auth/auth.c:check_ntlm_password(310)
check_ntlm_password: Authentication for user [jgauthier] -> [jgauthier]
FAILED with error NT_STATUS_NO_SUCH_USER
[2003/12/19 10:23:02, 3] smbd/process.c:timeout_processing(1104)
timeout_processing: End of file from client (client has disconnected).
No such user?!? But it found it 3 minutes ago to determine it was locked :(
I'd really appreciate any help anyone can offer me. I'm completely stuck,
and I've been tinkering with this for over a week.
Thanks!
Jason
More information about the samba
mailing list