[Samba] security = domain and Mac OS X
Michael Bartosh
mbartosh at mac.com
Mon Jan 6 05:38:01 GMT 2003
At 5:05 PM -0800 1/5/03, Michael Bartosh wrote:
>I've set up Samba on Mac OS X to do pass through authentication to
>the nt domain in AD several times now. No big deal, it usually just
>works.
>
>Now, however, it doesn't appear to be working. Note the relevant
>part of the transaction below (loglevel 4).
>
>Steps to replicate:
>
> a) Add pre-Win2K account with AD Users and computers
> b) sudo smbpasswd -j EXAMPLE -r WINSERVER -U Administrator%passwd
> (happens successfully)
> c) in smb.conf:
> security = domain
> password server = WINSERVER
>
>nmblookup works for WINSERVER.
ps (to answer a couple of off list questions) I should also point out
that there's no need for winbindd in this case since the system can
lookup AD users via LDAP.
Again- this has always worked before- so I'm a little confused.
The errors again (none of which seem to have much of an answer on google)
[2003/01/05 16:49:38, 3]
/SourceCache/samba/samba-21/source/lib/util_sock.c:open_socket_out(830)
Connecting to 192.168.1.2 at port 445
[2003/01/05 16:49:38, 4]
/SourceCache/samba/samba-21/source/rpc_client/cli_netlogon.c:cli_net_req_chal(221)
cli_net_req_chal: LSA Request Challenge from WINSERVER to XSERVE:
965B45EE4F419A71
[2003/01/05 16:49:38, 4]
/SourceCache/samba/samba-21/source/libsmb/credentials.c:cred_session_key(60)
cred_session_key
[2003/01/05 16:49:38, 4]
/SourceCache/samba/samba-21/source/libsmb/credentials.c:cred_create(91)
cred_create
[2003/01/05 16:49:38, 4]
/SourceCache/samba/samba-21/source/rpc_client/cli_netlogon.c:cli_net_auth2(132)
cli_net_auth2: srv:\\WINSERVER acct:XSERVE$ sc:2 mc: XSERVE chal
B58AF439B186C221 neg: 1ff
[2003/01/05 16:49:38, 0]
/SourceCache/samba/samba-21/source/rpc_client/cli_netlogon.c:cli_net_auth2(157)
cli_net_auth2: Error NT_STATUS_ACCESS_DENIED
[2003/01/05 16:49:38, 0]
/SourceCache/samba/samba-21/source/rpc_client/cli_login.c:cli_nt_setup_creds(74)
cli_nt_setup_creds: auth2 challenge failed
[2003/01/05 16:49:38, 0]
/SourceCache/samba/samba-21/source/smbd/password.c:connect_to_domain_password_server(1340)
connect_to_domain_password_server: unable to setup the PDC
credentials to machine WINSERVER. Error was : NT_STATUS_OK.
[2003/01/05 16:49:38, 0]
/SourceCache/samba/samba-21/source/smbd/password.c:domain_client_validate(1558)
domain_client_validate: Domain password server not available.
--
http://www.4am-media.com
Mac OS X Consulting and Training
Michael Bartosh
mbartosh at 4am-media.com
303.517.0272
Denver, CO
"The surest way to corrupt a youth is to instruct him to hold in higher
regard those who think alike than those who think differently."
- -- Nietzsche
Think Different.
More information about the samba
mailing list