[Samba] root can't login to smb-ldap-pdc

Bas Goes b.e.a.goes at student.utwente.nl
Sat May 24 15:36:19 GMT 2003

Hi all,

I'm using samba 2.2.8a and trying to set it up as pdc using ldapsam with
a big help from idealx.
I have a test pdc working almost the same except it doesn't have acl
support and it's using 2.2.6. But I haven't configured acl yet on the
new system.
Both seem to have the same entries in ldap (even encrypted passwords for
root are the same) but when I to logon with root to the new machine it
says NT_STATUS_WRONG_PASSWORD. Any other user I've created can login but
root can't.
Root can logon using pam_ldap on a shell and can authenticate to the
When I logon with the rpcclient or smbclient I get from both
NT_STATUS_WRONG_PASSWORD. But in the log files just above it i get
different messages. smbclient tells me:
[2003/05/24 16:54:08, 2] smbd/service.c:make_connection(331)
  Invalid username/password for root [root]
[2003/05/24 16:54:08, 3] smbd/error.c:error_packet(113)
  error packet at smbd/reply.c(166) cmd=117 (SMBtconX)
But a bit further back it gives a password challenge:
[2003/05/24 16:54:08, 4] smbd/password.c:smb_password_ok(501)
  smb_password_ok: NT MD4 password check succeeded
I don't know if this means the password is ok or if it is just that the
check happened, but just after that it says it created the //mai/root
share and why would it do that after a wrong password?

anyway with the rpcclient the logs tell me something different:
[2003/05/24 17:29:17, 5] lib/util_seaccess.c:se_access_check(325)
  se_access_check: access (2) granted.
[2003/05/24 17:29:17, 3] smbd/vfs.c:vfs_init_default(123)
  Initialising default vfs hooks
[2003/05/24 17:29:17, 0] smbd/service.c:make_connection(563)
  Can't become connected user!
[2003/05/24 17:29:17, 3] smbd/connection.c:yield_connection(48)
  Yielding connection to IPC$
[2003/05/24 17:29:17, 3] smbd/error.c:error_packet(113)
  error packet at smbd/reply.c(166) cmd=117 (SMBtconX)
[2003/05/24 17:29:17, 5] lib/util.c:show_msg(275)
 Password challenge had the same output.

If I look at the rpcclient it looks like it can not become user root
(smbd runs as root btw)
But why?

Has anyone got any ideas? 

Thanks in advance,


More information about the samba mailing list