[Samba] win bind authentication

Chere Zhou qzhou at isilon.com
Wed Jun 11 21:25:12 GMT 2003


I looked back at your message, and it seems that you can ping, can list users 
and groups, but -t and user login always fail, is that right?  That's kind of 
strange to me.  Did you do -t and user login with the password server set 
too?  Maybe you should bump up debug level and send us the logs. 


On Wednesday 11 June 2003 12:51 pm, Tod B. Schmidt wrote:
> I can ping the winbindd and I have tried both with and without the password
> server set.
>
> -Tod
>
> -----Original Message-----
> From: Chere Zhou [mailto:qzhou at isilon.com]
> Sent: Wednesday, June 11, 2003 2:42 PM
> To: tschmidt at tnc.org; samba at lists.samba.org
> Subject: Re: [Samba] win bind authentication
>
>
> Is "wbinfo -p" fine? if not, restart winbindd.  If still not, try put
> "password server = pdc-name" into your smb.conf and restart again.
>
> On Wednesday 11 June 2003 11:09 am, Tod B. Schmidt wrote:
> > Yes, I can do kinit and then log into my win2k machines with smbclient
> > fine, but cannot log into my samba accounts from my win2k box.
> >
> > I think the fact that winbind -t fails is significant, but I can join the
> > domain fine, so I am not sure what is happening here.
> >
> > [root at maildev etc]# net join
> > [2003/06/11 14:01:38, 0] libads/ldap.c:ads_join_realm(1352)
> >   Host account for maildev already exists - deleting old account
> > Joined 'MAILDEV' to realm 'TNCTEST.ORG'
> >
> > [root at maildev etc]# wbinfo -t
> > checking the trust secret via RPC calls failed
> > error code was NT_STATUS_UNSUCCESSFUL (0xc0000001)
> > Could not check secret
> >
> > Also, when I list wbinfo -u or getent passwd I get entries that start
> > with TNCTEST and not TNCTEST.ORG, not sure if that is important. Kerberos
> > will not authenticate against the realm TNCTEST so I think it has to be
> > TNCTEST.ORG
> >
> > Thanks,
> > Tod Schmidt
> >
> >
> > -----Original Message-----
> > From: Brandon Lederer [mailto:brandonl at hms4emc.com]
> > Sent: Wednesday, June 11, 2003 1:41 PM
> > To: 'tschmidt at tnc.org'; samba at lists.samba.org
> > Subject: RE: [Samba] win bind authentication
> >
> >
> > You guys got the encryption on?
> >
> > -----Original Message-----
> > From: Tod B. Schmidt [mailto:tschmidt at tnc.org]
> > Sent: Wednesday, June 11, 2003 12:38 PM
> > To: samba at lists.samba.org
> > Subject: Re: [Samba] winbind authentication
> >
> >
> >
> >
> > I am getting this same error when trying to authenticate. Very
> > frustrating because everything else works, wbinfo, getent. I can login to
> > Win2K server wth kerberos, but I always see NT_STATUS_NO_LOGON_SERVERS 
> > when trying to authenticate.
> >
> > [root at maildev etc]# wbinfo -a user+password
> > plaintext password authentication failed
> > error code was NT_STATUS_NO_LOGON_SERVERS (0xc000005e)
> > error messsage was: No logon servers
> > Could not authenticate user user+password with plaintext password
> > challenge/response password authentication failed
> > error code was NT_STATUS_NO_LOGON_SERVERS (0xc000005e)
> > error messsage was: No logon servers
> > Could not authenticate user user+password with challenge/response
> >
> > The only other thing that fails is wbinfo -t
> >
> > [root at maildev etc]# wbinfo -t
> > checking the trust secret via RPC calls failed
> > error code was NT_STATUS_UNSUCCESSFUL (0xc0000001)
> > Could not check secret
> >
> > I have joined the computer to the domain but am just beating my head
> > against this issue.
> >
> > Any thoughts out there?
> >
> > TIA,
> > T Schmidt
> >
> > >>I am having the same issue. I am running Samba 3 Alpha 24 trying to
> >
> > connect to a W2K3 Server with AD. If I getent or chown I can see all my
> >
> > >>domain users, but sshd, login, etc (PAM apps) cant see the accounts.
>
> When
>
> > I try to login to the console as a AD user or SSH I get the following
> > >>in /var/log/messages Jun 2 20:38:58 gonzo pam_winbind[1900]: request
> > failed: No logon servers, PAM error was 4, NT error was
> >
> > >>NT_STATUS_NO_LOGON_SERVERS The issue is when I do wbinfo I can see
> >
> > everything.... My config is as follows: [global]



More information about the samba mailing list