[Samba] Samba 3.0.0 - LDAP Authetication trouble

Bart Bekker bartro at go.ro
Tue Nov 11 12:42:22 GMT 2003 


For quite some time I am trying to get samba 3.0.0 woring with an LDAP
backend.
The latest problem I have is that user authenticaltion doe not work. The
passwords are right, added them with the ldaptools from the samba
source, I can browse the ldap server, samba aslo can successfully search
(see logfile level 10 below), but just no successfull password
verification. 
I aslo attached my smb.conf, there is (I know..) probably some incorrect
stuff in there, but asfik not related to authentication.
I hope somebody can point a finger in the right direction..

 Bart.


log.smbd
--------
[2003/11/11 14:17:42, 5] auth/auth_util.c:make_user_info_map(216)
  make_user_info_map: Mapping user [TRECO]\[BART] from workstation [x]
[2003/11/11 14:17:42, 5] auth/auth_util.c:make_user_info(132)
  attempting to make a user_info for BART (BART)
[2003/11/11 14:17:42, 5] auth/auth_util.c:make_user_info(142)
  making strings for BART's user_info struct
[2003/11/11 14:17:42, 5] auth/auth_util.c:make_user_info(184)
  making blobs for BART's user_info struct
[2003/11/11 14:17:42, 10] auth/auth_util.c:make_user_info(193)
  made an encrypted user_info for BART (BART)
[2003/11/11 14:17:42, 3] auth/auth.c:check_ntlm_password(216)
  check_ntlm_password:  Checking password for unmapped user
[TRECO]\[BART]@[x] with the new password interface
[2003/11/11 14:17:42, 3] auth/auth.c:check_ntlm_password(219)
  check_ntlm_password:  mapped user is: [LINUX]\[BART]@[x]
[2003/11/11 14:17:42, 10] auth/auth.c:check_ntlm_password(228)
  check_ntlm_password: auth_context challenge created by random
[2003/11/11 14:17:42, 10] auth/auth.c:check_ntlm_password(230)
  challenge is:
[2003/11/11 14:17:42, 5] lib/util.c:dump_data(1825)
  [000] 3A 67 CA 97 F1 72 94 2A                           :gÊ.ñr.*
[2003/11/11 14:17:42, 10] auth/auth.c:check_ntlm_password(256)
  check_ntlm_password: guest had nothing to say
[2003/11/11 14:17:42, 8] lib/util.c:is_myname(1677)
  is_myname("LINUX") returns 1
[2003/11/11 14:17:42, 3] smbd/sec_ctx.c:push_sec_ctx(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2003/11/11 14:17:42, 3] smbd/uid.c:push_conn_ctx(287)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2003/11/11 14:17:42, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2003/11/11 14:17:42, 5] auth/auth_util.c:debug_nt_user_token(486)
  NT user token: (NULL)
[2003/11/11 14:17:42, 5] auth/auth_util.c:debug_unix_user_token(505)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2003/11/11 14:17:42, 2] lib/smbldap.c:smbldap_search_suffix(1066)
  smbldap_search_suffix: searching
for:[(&(&(uid=BART)(objectclass=sambaSamAccount))(objectclass=sambaSamAccount))]
[2003/11/11 14:17:42, 2] passdb/pdb_ldap.c:init_sam_from_ldap(460)
  init_sam_from_ldap: Entry found for user: bart
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_username(585)
  pdb_set_username: setting username bart, was
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 11 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_domain(612)
  pdb_set_domain: setting domain LINUX, was
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_nt_username(639)
  pdb_set_nt_username: setting nt username bart, was
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 14 -> now SET
[2003/11/11 14:17:42, 10]
passdb/pdb_get_set.c:pdb_set_user_sid_from_string(525)
  pdb_set_user_sid_from_string: setting user sid
S-1-5-21-66398397-639006455-1170665433-3000
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_user_sid(512)
  pdb_set_user_sid: setting user sid
S-1-5-21-66398397-639006455-1170665433-3000
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 17 -> now SET
[2003/11/11 14:17:42, 10]
passdb/pdb_get_set.c:pdb_set_group_sid_from_string(560)
  pdb_set_group_sid_from_string: setting group sid
S-1-5-21-66398397-639006455-1170665433-2027
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_group_sid(548)
  pdb_set_group_sid: setting group sid
S-1-5-21-66398397-639006455-1170665433-2027
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 18 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 20 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 5 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 6 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 7 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 8 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 9 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_fullname(666)
  pdb_set_full_name: setting full name System User, was
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 12 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_dir_drive(747)
  pdb_set_dir_drive: setting dir drive _HOMEDRIVE_, was NULL
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 3 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_homedir(774)
  pdb_set_homedir: setting home dir \\_PDCNAME_\homes, was
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 1 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_logon_script(693)
  pdb_set_logon_script: setting logon script bart.cmd, was
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 4 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_profile_path(720)
  pdb_set_profile_path: setting profile path \\_PDCNAME_\profiles\bart,
was
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 2 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 22 -> now SET
[2003/11/11 14:17:42, 10]
lib/smbldap.c:smbldap_get_single_attribute(299)
  smbldap_get_single_attribute: [sambaUserWorkstations] = [<does not
exist>]
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 30 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 31 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 19 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 15 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 16 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 25 -> now SET
[2003/11/11 14:17:42, 10] passdb/pdb_get_set.c:pdb_set_init_flags(485)
  element 26 -> now SET
[2003/11/11 14:17:42, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/11/11 14:17:42, 4] auth/auth_sam.c:sam_password_ok(218)
  sam_password_ok: Checking NT MD4 password
[2003/11/11 14:17:42, 3] auth/auth_sam.c:sam_password_ok(225)
  sam_password_ok: NT MD4 password check failed for user bart
[2003/11/11 14:17:42, 5] auth/auth.c:check_ntlm_password(268)
  check_ntlm_password: sam authentication for user [BART] FAILED with
error NT_STATUS_WRONG_PASSWORD
[2003/11/11 14:17:42, 2] auth/auth.c:check_ntlm_password(309)
  check_ntlm_password:  Authentication for user [BART] -> [BART] FAILED
with error NT_STATUS_WRONG_PASSWORD
[2003/11/11 14:17:42, 5] auth/auth_util.c:free_user_info(1185)
  attempting to free (and zero) a user_info structure
[2003/11/11 14:17:42, 10] auth/auth_util.c:free_user_info(1188)
  structure was created for BART
[2003/11/11 14:17:42, 3] smbd/error.c:error_packet(129)
  error packet at smbd/sesssetup.c(781) cmd=115 (SMBsesssetupX) eclass=1
ecode=5
[2003/11/11 14:17:42, 5] lib/util.c:show_msg(456)
[2003/11/11 14:17:42, 5] lib/util.c:show_msg(466)
  size=35
  smb_com=0x73
  smb_rcls=1
  smb_reh=0
  smb_err=5
  smb_flg=136
  smb_flg2=2049
  smb_tid=0
  smb_pid=3945
  smb_uid=0
  smb_mid=1
  smt_wct=0
  smb_bcc=0
[2003/11/11 14:17:42, 6] lib/util_sock.c:write_socket(407)
  write_socket(17,39)
[2003/11/11 14:17:42, 6] lib/util_sock.c:write_socket(410)
  write_socket(17,39) wrote 39
[2003/11/11 14:17:42, 10] lib/util_sock.c:read_socket_data(336)
  read_socket_data: recv of 4 returned 0. Error = Success
[2003/11/11 14:17:42, 10] lib/util_sock.c:receive_smb(512)
  receive_smb: length < 0!
[2003/11/11 14:17:42, 3] smbd/process.c:timeout_processing(1099)
  timeout_processing: End of file from client (client has disconnected).
[2003/11/11 14:17:42, 5] lib/gencache.c:gencache_shutdown(88)
  Closing cache file
[2003/11/11 14:17:42, 5] libsmb/namecache.c:namecache_shutdown(79)
  namecache_shutdown: netbios namecache closed successfully.
[2003/11/11 14:17:42, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2003/11/11 14:17:42, 5] auth/auth_util.c:debug_nt_user_token(486)
  NT user token: (NULL)
[2003/11/11 14:17:42, 5] auth/auth_util.c:debug_unix_user_token(505)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2003/11/11 14:17:42, 5] smbd/uid.c:change_to_root_user(218)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2003/11/11 14:17:42, 2] smbd/server.c:exit_server(558)
  Closing connections
[2003/11/11 14:17:42, 3] smbd/connection.c:yield_connection(69)
  Yielding connection to
[2003/11/11 14:17:42, 5] smbd/oplock.c:receive_local_message(107)
  receive_local_message: doing select with timeout of 1 ms
[2003/11/11 14:17:42, 3] smbd/server.c:exit_server(601)
  Server exit (normal exit)
-------
/end log.smbd

smb.conf
-------
 Samba config file created using SWAT
# from 10.0.0.79 (10.0.0.79)
# Date: 2003/11/11 10:19:24

# Global parameters
[global]
	encrypt passwords = Yes
	workgroup = TRECO
	passdb backend = ldapsam:ldap://127.0.0.1
	add user script = /usr/local/sbin/smbldap-useradd.pl -m "%u"
	delete user script = /usr/local/sbin/smbldap-userdel.pl "%u"
	add group script = /usr/local/sbin/smbldap-groupadd.pl -p "%g"
	delete group script = /usr/local/sbin/smbldap-groupdl.pl "%g"
	add user to group script = /usr/local/sbin/smbldap-groupmod.pl -m "%u"
"%g"
	delete user from group script = /usr/local/sbin/smbldap-groupmod.pl -x
"%u" "%g"
	set primary group script = /usr/local/sbin/smbldap-usermod.pl -g '%g'
'%u'
	add machine script = /usr/local/sbin/smbldap-useradd.pl -w "%u"
	logon home = \\linux\homes\%U
	logon drive = J:
	logon path = \\x\profiles\%a\%U
	ldap port = 329
	ldap suffix = dc=treco,dc=ro
	ldap machine suffix = ou=Computers
	ldap user suffix = ou=People
	ldap group suffix = ou=Groups
	ldap idmap suffix = ou=People
	ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
	ldap admin dn = cn=root,dc=treco,dc=ro
	ldap passwd sync = Yes
	admin users = bart, administrator

[homes]
	comment = Home Directory
	#path = /home/%U

More information about the samba mailing list