[Samba] RES: Winbind broken after 2.2.8 upgrade

FRANCO facatena at surson.com.br
Sun Mar 30 12:15:51 GMT 2003

thank you very much for the answer. I should say that my version is to 2.3a
that it comes with the distribution CONECTIVA. Before posting the messages I
make several tests and I place the maximum of information that I possess. If
my messages not answered they leave the frustrated people it is because many
of them pass for the same as me. So that you answered me I had to take
advantage of SUBJECT of a message. Excuse for that.

>> I hve 3 installations with problems... I never saw this I think that 
>> Im not a god SAMBA Administrator but I did read all the doc.... I 
>> dont have any troubles with other soft, but with samba ehehehehehe

>Samba is a complex peice of software.  It's interactions with (often
>separately maintained) Windows DCs is particularly complex.

>If it doesn't occur on all your DCs, then you should look at what is
>different.  This information should be present when you contact the 

My intranets are composed by PDCs, the only thing that can be different it
is that plan them linux he/she has firewall installed in them. I/you had
been that everything it is inside of the pattern of installation of
MICROSOFT. I also ordered already the configurations of my firewall for you
with the messages. and I already made COUNTLESS TEST WITH AND WITHOUT
FIREWALL. I wait to be being very clear on this subject. I wait that my
translator (portugues/ingles) it is not causing confusion. ;-)

> Can yoiu help m?
> [root at firewall /etc]# smbpasswd -j surson -r cleo -U Administrator
> Password:
> Joined domain SURSON.
> [root at firewall /etc]#
> [root at firewall /etc]# smbclient //firewall/PUBLICO -UAdministrator
> added interface ip= bcast= nmask= 
> Got a positive name query response from ( )
> Password:
> session setup failed: NT_STATUS_LOGON_FAILURE
> When I try \\firewall\PUBLICO in the NT I receive a BOX to type USER
> and PASSWD
> Joe log.cleo
> [2003/03/25 04:38:27, 0]
> smbd/password.c:connect_to_domain_password_server(1307)
>   connect_to_domain_password_server: machine CLEO rejected the tconX
> on the IPC$ share. Error was : NT_STATUS_ACCESS_DENIED. [2003/03/25 
> 04:38:27, 0]
> smbd/password.c:domain_client_validate(1554)
>   domain_client_validate: Domain password server not available.

This looks like an issue with your PDC, not with Samba.

Your PDC is has 'restrict anonymous = 2' set.  The two options are to set a
username for Samba to use (wbinfo -Auser%pass), or to disable it. 

The webinfo -u works. The one that doesn't work is SMBCLIENT for the SAMBA
from within of LINUX and the connections comings of the NT. That that left
me was perplexed. He/she/you seems that PAM not this allowing the auth or
thing of the type. The smb_auth that I use in my SQUID makes everything

If you already have a username/pw set (by wbinfo -A), then I would suspect
that you have SMB signing required, on a 'fixed' DC (MS did not used to
enforce this).

I don't know more than to do, therefore I already read countless documents
to I respect. If you want I give him/her the password of the ssh for that
you among in the system and verify. I am very depressed, because they are 2
facilities with the same problem.  

Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.465 / Virus Database: 263 - Release Date: 25/3/2003

More information about the samba mailing list