[Samba] Problem connecting linux box to linux box in ad

Hakan Bjork hakan.bjork at bjorknet.com
Sat Dec 4 15:06:57 GMT 2004 

Hi

I have a customer running 2 RedHat 7.3 servers. These are running to gether with w2k and w2k3 
machines in an Active Directory.
I ran samba 2.0.7 and upgraded to 3.0.8 because of that the customer had to use restrict anonymous 
= 2 in windows, that stops the IPC$ share to be seen by anonymous connections.
I configured Kerberos and could connect windows boxes to one of the linux boxes, the other linux 
box connected to the first linux box also through smb.
After that the first linux box was rebooted, I hadn't rebooted the linux box after upgrading to 
samba 3.0.8, the second linux box can't connect to the first linux box.
The windows boxes can still connect to the first linux box and the linux box can connect to 
windows boxes.
On the second box I get this whe I try to mount the share:
12874: session setup failed: ERRDOS - ERRnoaccess (Access denied.)
SMB connection failed

In the log file on the first linux box I get:
[2004/12/04 16:00:08, 1] libsmb/cliconnect.c:cli_full_connection(1482)
  failed tcon_X with NT_STATUS_ACCESS_DENIED
[2004/12/04 16:00:08, 1] libsmb/cliconnect.c:cli_full_connection(1482)
  failed tcon_X with NT_STATUS_ACCESS_DENIED
[2004/12/04 16:00:08, 1] libsmb/cliconnect.c:cli_full_connection(1482)
  failed tcon_X with NT_STATUS_ACCESS_DENIED
[2004/12/04 16:00:08, 1] libsmb/cliconnect.c:cli_full_connection(1482)
  failed tcon_X with NT_STATUS_ACCESS_DENIED
[2004/12/04 16:00:08, 0] auth/auth_domain.c:domain_client_validate(170)
  domain_client_validate: Domain password server not available.

It's like when I connect from a linux box the first linux server tries to contact the dc's in the 
old style.

The smb.conf looks like this:
-------------------------------
[global]

# workgroup = NT-Domain-Name or Workgroup-Name
   workgroup = fha

# server string is the equivalent of the NT Description field
   server string = Finans
   realm = FHA.SE
# Security mode. Most people will want user level security. See
# security_level.txt for details.
;   security = user
   security = ads
;   security = share
   password server = SRVSCALA SRV-FILE01


[fdp$]
   comment = Blanketter
   path = /usr/xforms/finans/exp_imp/to_sc/pdf
   public = no
   writable = no
   guest ok = yes
;   create mask = 0766
;   printable = no
;   write list = @staff

----------------------------

It dosn't matter what account I use. I use the one that could connect and I try other accounts 
that is used on the windows boxes.

Anyone having a clue?

--
Mvh
Håkan Björk



-- 
Meddelandet har kontrollerats mot virus samt skadligt 
innehåll av MailScanner och förmodas vara säkert.

More information about the samba mailing list