[Samba] W2K RAS Server in Samba 3.0.0 Domain

Beschorner Daniel Daniel.Beschorner at facton.de
Fri Oct 10 16:37:40 GMT 2003 

We set up a DialIn W2K SP4 member server in our Samba 3.0.0 domain.

When a client dials in the RAS server complains:

Error 930: The authentication server did not respond to authentication
requests in a timely fashion. 


I tracked down the RAS logfile IASSAM.LOG:

[576] 18:30:34:921: NT-SAM Names handler received request with user identity
root.
[576] 18:30:34:921: Prepending default domain.
[576] 18:30:34:921: SAM-Account-Name is "DOMAIN\root".
[576] 18:30:34:921: NT-SAM Authentication handler received request for
DOMAIN\root.
[576] 18:30:34:921: Processing MS-CHAP v2 authentication.
[576] 18:30:34:968: LogonUser succeeded.
[576] 18:30:34:968: NT-SAM User Authorization handler received request for
DOMAIN\root.
[576] 18:30:34:968: Using downlevel dial-in parameters.
[576] 18:30:34:968: DS not installed for domain DOMAIN.
[576] 18:30:34:968: Connecting to SAM server on \\SERVER.
[576] 18:30:35:093: Connecting to SAM server on \\SERVER.
[576] 18:30:35:093: Per-user attribute retrieval failed: Access denied


Here a corresponding "suspect" part of the level 10 smbd.log that breaks
it?!?


[2003/10/10 18:30:37, 5] rpc_parse/parse_prs.c:dbg_rw_punival(806)
          0028 buffer     : D.O.M.A.I.N.
[2003/10/10 18:30:37, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
  Found policy hnd[0] [000] 00 00 00 00 02 00 00 00  00 00 00 00 AD DE 86 3F
........ ....­Þ.?
  [010] 56 50 00 00                                       VP..
[2003/10/10 18:30:37, 5]
rpc_server/srv_samr_nt.c:access_check_samr_function(106)
  _samr_lookup_domain: access check ((granted: 0x00000020;  required:
0x00000010)
[2003/10/10 18:30:37, 2]
rpc_server/srv_samr_nt.c:access_check_samr_function(115)
  _samr_lookup_domain: ACCESS DENIED (granted: 0x00000020;  required:
0x00000010)
[2003/10/10 18:30:37, 5] rpc_parse/parse_prs.c:prs_debug(81)
  000000 samr_io_r_lookup_domain
[2003/10/10 18:30:37, 5] rpc_parse/parse_prs.c:prs_uint32(634)
      0000 ptr: 00000000
[2003/10/10 18:30:37, 5] rpc_parse/parse_prs.c:prs_ntstatus(664)
      0004 status: NT_STATUS_ACCESS_DENIED

Or is it a configuration problem?
Anyone got this configuration to work???

Thanks
Daniel

More information about the samba mailing list