[Samba] samba-3.0.0rc dc domain logon problem
Yann Brillouet
yann.brillouet at supelec.fr
Wed Sep 3 14:30:38 GMT 2003
I run for tests a domain controller and a samba server with
samba-3.0.0rc2. Domain users can authenticate locally on the domain
controller, but I get a logon failure when I try to list the shares on
the member server.
The error the user gets is: "session setup failed:
NT_STATUS_LOGON_FAILURE" but digging the logs of the member server , I
get "domain_client_validate: unable to validate password for user test
in domain LOTR to Domain controller \\STRIDER. Error was
NT_STATUS_WRONG_PASSWORD."
This error first came up with an LDAP passdb backend, but reproduced
with a smbpasswd backend as well.
I attach the config files for both machines.
If anyone has an idea.
cheers.
--
Yann Brillouet
-------------- next part --------------
#======================= Global Settings =====================================
[global]
workgroup = LOTR
netbios name = STRIDER
server string = Samba Server
username map = /etc/samba/smbusers
log file = /var/log/samba/samba.%m
max log size = 1000
security = user
smb passwd file = /etc/samba/smbpasswd
unix password sync = no
passwd program = /usr/bin/passwd
passwd chat = *New* %n\n *Re* %n\n *pa*
encrypt passwords = yes
lm announce = yes
lm interval = 5
time server = yes
name resolve order = bcast wins
socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 IPTOS_THROUGHPUT
local master = yes
os level = 127
domain master = yes
preferred master = yes
domain logons = yes
domain admin group = @admin
logon path =
logon home =
wins support = yes
wins proxy = yes
dns proxy = no
#============================ Share Definitions ==============================
#[homes]
# comment = Home Directories
# browseable = no
# writable = yes
# valid users= @users @smbusers
# Un-comment the following and create the netlogon directory for Domain Logons
[netlogon]
comment = Network Logon Service
path = /home/smbusers/netlogon
browseable = no
guest ok = yes
writable = no
share modes = no
# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
[Profiles]
path = /home/smbusers/profiles
browseable = no
guest ok = yes
[Public]
path = /home/smbusers/public
browseable = yes
writeable = no
valid users = @users @smbusers
-------------- next part --------------
[global]
netbios name = GANDALF
server string = "Do not meddle in the affairs..."
workgroup = LOTR
security = domain
password server = 192.168.0.2 STRIDER
log file = /var/log/samba/samba.log
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
encrypt passwords = yes
; wins support = yes
wins server = 192.168.0.2 STRIDER
load printers = yes
printing = cups
printcap name = cups
[public]
path = /tmp
guest ok = yes
writeable = yes
[printers]
comment = All Printers
path = /var/spool/samba
public = yes
guest ok = yes
writable = no
printable = yes
printer admin = root, @ntadmins
[special_printer]
comment = A special printer with his own settings
path = /var/spool/samba-special
printing = sysv
; printcap = lpstat
print command = echo "NEW: �ate: printfile %f" >> /tmp/smbprn.log ;\
echo " �ate: p-%p s-%s f-%f" >> /tmp/smbprn.log ;\
echo " �ate: j-%j J-%J z-%z c-%c" >> /tmp/smbprn.log :\
rm %f
public = no
guest ok = no
writeable = no
printable = yes
printer admin = kurt
hosts deny = 0.0.0.0
hosts allow = 192.168.0.10, 192.168.0.100
More information about the samba
mailing list