[Samba] security = domain and Mac OS X

Michael Bartosh mbartosh at mac.com
Mon Jan 6 05:38:01 GMT 2003 

At 5:05 PM -0800 1/5/03, Michael Bartosh wrote:
>I've set up Samba on Mac OS X to do pass through authentication to 
>the nt domain in AD several times now. No big deal, it usually just 
>works.
>
>Now, however, it doesn't appear to be working. Note the relevant 
>part of the transaction below (loglevel 4).
>
>Steps to replicate:
>
>	a) Add pre-Win2K account with AD Users and computers
>	b) sudo smbpasswd -j EXAMPLE -r WINSERVER -U Administrator%passwd
>		(happens successfully)
>	c) in smb.conf:
>		security = domain
>		password server = WINSERVER
>
>nmblookup works for WINSERVER.

ps (to answer a couple of off list questions) I should also point out 
that there's no need for winbindd in this case since the system can 
lookup AD users via LDAP.

Again- this has always worked before- so I'm a little confused.

The errors again (none of which seem to have much of an answer on google)

[2003/01/05 16:49:38, 3]
/SourceCache/samba/samba-21/source/lib/util_sock.c:open_socket_out(830)
    Connecting to 192.168.1.2 at port 445
[2003/01/05 16:49:38, 4]
/SourceCache/samba/samba-21/source/rpc_client/cli_netlogon.c:cli_net_req_chal(221)
    cli_net_req_chal: LSA Request Challenge from WINSERVER to XSERVE:
965B45EE4F419A71
[2003/01/05 16:49:38, 4]
/SourceCache/samba/samba-21/source/libsmb/credentials.c:cred_session_key(60)
    cred_session_key
[2003/01/05 16:49:38, 4]
/SourceCache/samba/samba-21/source/libsmb/credentials.c:cred_create(91)
    cred_create
[2003/01/05 16:49:38, 4]
/SourceCache/samba/samba-21/source/rpc_client/cli_netlogon.c:cli_net_auth2(132)
    cli_net_auth2: srv:\\WINSERVER acct:XSERVE$ sc:2 mc: XSERVE chal
B58AF439B186C221 neg: 1ff
[2003/01/05 16:49:38, 0]
/SourceCache/samba/samba-21/source/rpc_client/cli_netlogon.c:cli_net_auth2(157)
    cli_net_auth2: Error NT_STATUS_ACCESS_DENIED
[2003/01/05 16:49:38, 0]
/SourceCache/samba/samba-21/source/rpc_client/cli_login.c:cli_nt_setup_creds(74)
    cli_nt_setup_creds: auth2 challenge failed
[2003/01/05 16:49:38, 0]
/SourceCache/samba/samba-21/source/smbd/password.c:connect_to_domain_password_server(1340)
    connect_to_domain_password_server: unable to setup the PDC
credentials to machine WINSERVER. Error was : NT_STATUS_OK.
[2003/01/05 16:49:38, 0]
/SourceCache/samba/samba-21/source/smbd/password.c:domain_client_validate(1558)
    domain_client_validate: Domain password server not available.

-- 
http://www.4am-media.com
Mac OS X Consulting and Training
Michael Bartosh
mbartosh at 4am-media.com
303.517.0272
Denver, CO


"The surest way to corrupt a youth is to instruct him to hold in higher
regard those who think alike than those who think differently."

- -- Nietzsche
         
			Think Different.

More information about the samba mailing list