[Samba] Samba3 Ldap on Suse 8.2
Marco Schulze
ms at mmdnc.de
Mon Jan 19 11:36:57 GMT 2004
Hi
I can't get a Windows 2000 SP4 client login on my PDC (SAMBA SERVER).
Here are some infos about the server Samba version 3.0.2pre1 running Suse 8.2 with a OpenLDAP server version 2.1.12, nss_ldap and pam_ldap.
I constantly get the message : User / Password is wrong from the client.
The root is created.Here are the debug messages I get, starting by the LDAP and SMBD logs:
###log.ldap###
Jan 16 16:01:05 tiger4 slapd[2813]: conn=37 fd=15 ACCEPT from IP=10.100.1.4:32863 (IP=:: 389)
Jan 16 16:01:05 tiger4 slapd[2894]: conn=37 op=0 BIND dn="cn=Manager,dc=samba,dc=local" method=128
Jan 16 16:01:05 tiger4 slapd[2894]: conn=37 op=0 AUTHZ dn="cn=Manager,dc=samba,dc=local" mech=simple ssf=0
Jan 16 16:01:05 tiger4 slapd[2894]: conn=37 op=0 RESULT tag=97 err=0 text=
Jan 16 16:01:05 tiger4 slapd[2875]: conn=37 op=1 SRCH base="dc=samba,dc=local" scope=2 filter="(&(objectClass=sambaDomain)(sambaDomainName=SAMBA))"
Jan 16 16:01:05 tiger4 slapd[2875]: conn=37 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Jan 16 16:01:05 tiger4 slapd[2851]: conn=37 op=2 SRCH base="dc=samba,dc=local" scope=2 filter="(&(&(uid=root)(objectClass=sambaSamAccount))(objectClass=sambaSamAccount))"
Jan 16 16:01:05 tiger4 slapd[2851]: conn=37 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
Jan 16 16:01:05 tiger4 slapd[2813]: conn=37 fd=15 closed
###lo.ldap end###
###log.machine###
[2004/01/16 16:01:05, 6] param/loadparm.c:lp_file_list_changed(2670)
lp_file_list_changed()
file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Fri Jan 16 16:00:33 2004
[2004/01/16 16:01:05, 5] smbd/connection.c:claim_connection(170)
claiming 0
[2004/01/16 16:01:05, 5] smbd/reply.c:reply_special(154)
init msg_type=0x81 msg_flags=0x0
[2004/01/16 16:01:05, 6] lib/util_sock.c:write_socket(407)
write_socket(5,4)
[2004/01/16 16:01:05, 6] lib/util_sock.c:write_socket(410)
write_socket(5,4) wrote 4
[2004/01/16 16:01:05, 10] lib/util_sock.c:read_smb_length_return_keepalive(463)
got smb length of 133
[2004/01/16 16:01:05, 6] smbd/process.c:process_smb(889)
got message type 0x0 of len 0x85
[2004/01/16 16:01:05, 3] smbd/process.c:process_smb(890)
Transaction 1 of length 137
[2004/01/16 16:01:05, 5] lib/util.c:show_msg(456)
[2004/01/16 16:01:05, 5] lib/util.c:show_msg(466)
size=133
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=24
smb_flg2=51283
smb_tid=0
smb_pid=65279
smb_uid=0
smb_mid=0
smt_wct=0
smb_bcc=98
[2004/01/16 16:01:05, 10] lib/util.c:dump_data(1830)
[000] 02 50 43 20 4E 45 54 57 4F 52 4B 20 50 52 4F 47 .PC NETW ORK PROG
[010] 52 41 4D 20 31 2E 30 00 02 4C 41 4E 4D 41 4E 31 RAM 1.0. .LANMAN1
[020] 2E 30 00 02 57 69 6E 64 6F 77 73 20 66 6F 72 20 .0..Wind ows for
[030] 57 6F 72 6B 67 72 6F 75 70 73 20 33 2E 31 61 00 Workgrou ps 3.1a.
[040] 02 4C 4D 31 2E 32 58 30 30 32 00 02 4C 41 4E 4D .LM1.2X0 02..LANM
[050] 41 4E 32 2E 31 00 02 4E 54 20 4C 4D 20 30 2E 31 AN2.1..N T LM 0.1
[060] 32 00 2.
[2004/01/16 16:01:05, 3] smbd/process.c:switch_message(685)
switch message SMBnegprot (pid 2980)
[2004/01/16 16:01:05, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/01/16 16:01:05, 5] auth/auth_util.c:debug_nt_user_token(486)
NT user token: (NULL)
[2004/01/16 16:01:05, 5] auth/auth_util.c:debug_unix_user_token(505)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2004/01/16 16:01:05, 5] smbd/uid.c:change_to_root_user(218)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2004/01/16 16:01:05, 3] smbd/negprot.c:reply_negprot(455)
Requested protocol [PC NETWORK PROGRAM 1.0]
[2004/01/16 16:01:05, 3] smbd/negprot.c:reply_negprot(455)
Requested protocol [LANMAN1.0]
[2004/01/16 16:01:05, 3] smbd/negprot.c:reply_negprot(455)
Requested protocol [Windows for Workgroups 3.1a]
[2004/01/16 16:01:05, 3] smbd/negprot.c:reply_negprot(455)
Requested protocol [LM1.2X002]
[2004/01/16 16:01:05, 3] smbd/negprot.c:reply_negprot(455)
Requested protocol [LANMAN2.1]
[2004/01/16 16:01:05, 3] smbd/negprot.c:reply_negprot(455)
Requested protocol [NT LM 0.12]
[2004/01/16 16:01:05, 10] lib/util.c:set_remote_arch(1805)
set_remote_arch: Client arch is 'Win2K'
[2004/01/16 16:01:05, 6] param/loadparm.c:lp_file_list_changed(2670)
lp_file_list_changed()
file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Fri Jan 16 16:00:33 2004
[2004/01/16 16:01:05, 6] param/loadparm.c:lp_file_list_changed(2670)
lp_file_list_changed()
file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Fri Jan 16 16:00:33 2004
[2004/01/16 16:01:05, 3] smbd/negprot.c:reply_nt1(329)
using SPNEGO
[2004/01/16 16:01:05, 3] smbd/negprot.c:reply_negprot(532)
Selected protocol NT LM 0.12
[2004/01/16 16:01:05, 5] smbd/negprot.c:reply_negprot(538)
negprot index=5
[2004/01/16 16:01:05, 5] lib/util.c:show_msg(456)
[2004/01/16 16:01:05, 5] lib/util.c:show_msg(466)
size=127
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=65279
smb_uid=0
smb_mid=0
smt_wct=17
smb_vwv[ 0]= 5 (0x5)
smb_vwv[ 1]=12803 (0x3203)
smb_vwv[ 2]= 256 (0x100)
smb_vwv[ 3]= 1024 (0x400)
smb_vwv[ 4]= 65 (0x41)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 256 (0x100)
smb_vwv[ 7]=41984 (0xA400)
smb_vwv[ 8]= 11 (0xB)
smb_vwv[ 9]=64768 (0xFD00)
smb_vwv[10]=32995 (0x80E3)
smb_vwv[11]=32896 (0x8080)
smb_vwv[12]=25742 (0x648E)
smb_vwv[13]=16784 (0x4190)
smb_vwv[14]=50140 (0xC3DC)
smb_vwv[15]=50177 (0xC401)
smb_vwv[16]=15103 (0x3AFF)
smb_bcc=58
[2004/01/16 16:01:05, 10] lib/util.c:dump_data(1830)
[000] 74 69 67 65 72 34 00 00 00 00 00 00 00 00 00 00 tiger4.. ........
[010] 60 28 06 06 2B 06 01 05 05 02 A0 1E 30 1C A0 0E `(..+... ....0...
[020] 30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A A3 0A 0...+... ..7.....
[030] 30 08 A0 06 1B 04 4E 4F 4E 45 0.....NO NE
[2004/01/16 16:01:05, 6] lib/util_sock.c:write_socket(407)
write_socket(5,131)
[2004/01/16 16:01:05, 6] lib/util_sock.c:write_socket(410)
write_socket(5,131) wrote 131
[2004/01/16 16:01:05, 10] lib/util_sock.c:read_smb_length_return_keepalive(463)
got smb length of 198
[2004/01/16 16:01:05, 6] smbd/process.c:process_smb(889)
got message type 0x0 of len 0xc6
[2004/01/16 16:01:05, 3] smbd/process.c:process_smb(890)
Transaction 2 of length 202
[2004/01/16 16:01:05, 5] lib/util.c:show_msg(456)
[2004/01/16 16:01:05, 5] lib/util.c:show_msg(466)
size=198
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=24
smb_flg2=51207
smb_tid=0
smb_pid=65279
smb_uid=0
smb_mid=64
smt_wct=12
smb_vwv[ 0]= 255 (0xFF)
smb_vwv[ 1]= 198 (0xC6)
smb_vwv[ 2]=16644 (0x4104)
smb_vwv[ 3]= 50 (0x32)
smb_vwv[ 4]= 0 (0x0)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 0 (0x0)
smb_vwv[ 7]= 66 (0x42)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_vwv[10]= 212 (0xD4)
smb_vwv[11]=32768 (0x8000)
smb_bcc=139
[2004/01/16 16:01:05, 10] lib/util.c:dump_data(1830)
[000] 60 40 06 06 2B 06 01 05 05 02 A0 36 30 34 A0 0E `@..+... ...604..
[010] 30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A A2 22 0...+... ..7...."
[020] 04 20 4E 54 4C 4D 53 53 50 00 01 00 00 00 97 82 . NTLMSS P.......
[030] 08 E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[040] 00 00 00 57 00 69 00 6E 00 64 00 6F 00 77 00 73 ...W.i.n .d.o.w.s
[050] 00 20 00 32 00 30 00 30 00 30 00 20 00 32 00 31 . .2.0.0 .0. .2.1
[060] 00 39 00 35 00 00 00 57 00 69 00 6E 00 64 00 6F .9.5...W .i.n.d.o
[070] 00 77 00 73 00 20 00 32 00 30 00 30 00 30 00 20 .w.s. .2 .0.0.0.
[080] 00 35 00 2E 00 30 00 00 00 00 00 .5...0.. ...
[2004/01/16 16:01:05, 3] smbd/process.c:switch_message(685)
switch message SMBsesssetupX (pid 2980)
[2004/01/16 16:01:05, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/01/16 16:01:05, 5] auth/auth_util.c:debug_nt_user_token(486)
NT user token: (NULL)
[2004/01/16 16:01:05, 5] auth/auth_util.c:debug_unix_user_token(505)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2004/01/16 16:01:05, 5] smbd/uid.c:change_to_root_user(218)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2004/01/16 16:01:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X(629)
wct=12 flg2=0xc807
[2004/01/16 16:01:05, 2] smbd/sesssetup.c:setup_new_vc_session(582)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2004/01/16 16:01:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(509)
Doing spnego session setup
[2004/01/16 16:01:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(540)
NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0] PrimaryDomain=[]
[2004/01/16 16:01:05, 3] smbd/sesssetup.c:reply_spnego_negotiate(418)
Got OID 1 3 6 1 4 1 311 2 2 10
[2004/01/16 16:01:05, 3] smbd/sesssetup.c:reply_spnego_negotiate(421)
Got secblob of size 32
[2004/01/16 16:01:05, 5] auth/auth.c:make_auth_context_subsystem(477)
Making default auth method list for DC, security=user, encrypt passwords = yes
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
Attempting to register auth backend rhosts
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
Successfully added auth method 'rhosts'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
Attempting to register auth backend hostsequiv
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
Successfully added auth method 'hostsequiv'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
Attempting to register auth backend sam
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
Successfully added auth method 'sam'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
Attempting to register auth backend sam_ignoredomain
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
Successfully added auth method 'sam_ignoredomain'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
Attempting to register auth backend unix
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
Successfully added auth method 'unix'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
Attempting to register auth backend winbind
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
Successfully added auth method 'winbind'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
Attempting to register auth backend smbserver
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
Successfully added auth method 'smbserver'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
Attempting to register auth backend trustdomain
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
Successfully added auth method 'trustdomain'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
Attempting to register auth backend ntdomain
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
Successfully added auth method 'ntdomain'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
Attempting to register auth backend guest
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
Successfully added auth method 'guest'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
Attempting to register auth backend fixed_challenge
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
Successfully added auth method 'fixed_challenge'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
Attempting to register auth backend name_to_ntstatus
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
Successfully added auth method 'name_to_ntstatus'
[2004/01/16 16:01:05, 5] auth/auth.c:load_auth_module(384)
load_auth_module: Attempting to find an auth method to match guest
[2004/01/16 16:01:05, 5] auth/auth.c:load_auth_module(409)
load_auth_module: auth method guest has a valid init
[2004/01/16 16:01:05, 5] auth/auth.c:load_auth_module(384)
load_auth_module: Attempting to find an auth method to match sam
[2004/01/16 16:01:05, 5] auth/auth.c:load_auth_module(409)
load_auth_module: auth method sam has a valid init
[2004/01/16 16:01:05, 5] auth/auth.c:load_auth_module(384)
load_auth_module: Attempting to find an auth method to match winbind:trustdomain
[2004/01/16 16:01:05, 5] auth/auth.c:load_auth_module(384)
load_auth_module: Attempting to find an auth method to match trustdomain
[2004/01/16 16:01:05, 5] auth/auth.c:load_auth_module(409)
load_auth_module: auth method trustdomain has a valid init
[2004/01/16 16:01:05, 5] auth/auth.c:load_auth_module(409)
load_auth_module: auth method winbind has a valid init
[2004/01/16 16:01:05, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0xe0088297
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_NEGOTIATE_OEM
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_LM_KEY
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
[2004/01/16 16:01:05, 5] auth/auth.c:get_ntlm_challenge(95)
auth_get_challenge: module guest did not want to specify a challenge
[2004/01/16 16:01:05, 5] auth/auth.c:get_ntlm_challenge(95)
auth_get_challenge: module sam did not want to specify a challenge
[2004/01/16 16:01:05, 5] auth/auth.c:get_ntlm_challenge(95)
auth_get_challenge: module winbind did not want to specify a challenge
[2004/01/16 16:01:05, 5] auth/auth.c:get_ntlm_challenge(135)
auth_context challenge created by random
[2004/01/16 16:01:05, 5] auth/auth.c:get_ntlm_challenge(136)
challenge is:
[2004/01/16 16:01:05, 5] lib/util.c:dump_data(1830)
[000] 40 A2 D8 A1 B0 A2 1C DD @.......
[2004/01/16 16:01:05, 6] lib/util_sock.c:write_so