[Samba] Samba3 Ldap on Suse 8.2

Marco Schulze ms at mmdnc.de
Mon Jan 19 11:36:57 GMT 2004


Hi

I can't get a Windows 2000 SP4 client login on my PDC (SAMBA SERVER).
Here are some infos about the server Samba version 3.0.2pre1 running Suse 8.2 with a OpenLDAP server version 2.1.12, nss_ldap and pam_ldap.
I constantly get the message : User / Password is wrong from the client.
The root is created.Here are the debug messages I get, starting by the LDAP and SMBD logs:

###log.ldap###
Jan 16 16:01:05 tiger4 slapd[2813]: conn=37 fd=15 ACCEPT from IP=10.100.1.4:32863 (IP=:: 389)
Jan 16 16:01:05 tiger4 slapd[2894]: conn=37 op=0 BIND dn="cn=Manager,dc=samba,dc=local" method=128
Jan 16 16:01:05 tiger4 slapd[2894]: conn=37 op=0 AUTHZ dn="cn=Manager,dc=samba,dc=local" mech=simple ssf=0
Jan 16 16:01:05 tiger4 slapd[2894]: conn=37 op=0 RESULT tag=97 err=0 text=
Jan 16 16:01:05 tiger4 slapd[2875]: conn=37 op=1 SRCH base="dc=samba,dc=local" scope=2 filter="(&(objectClass=sambaDomain)(sambaDomainName=SAMBA))"
Jan 16 16:01:05 tiger4 slapd[2875]: conn=37 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Jan 16 16:01:05 tiger4 slapd[2851]: conn=37 op=2 SRCH base="dc=samba,dc=local" scope=2 filter="(&(&(uid=root)(objectClass=sambaSamAccount))(objectClass=sambaSamAccount))"
Jan 16 16:01:05 tiger4 slapd[2851]: conn=37 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
Jan 16 16:01:05 tiger4 slapd[2813]: conn=37 fd=15 closed
###lo.ldap end###

###log.machine###
[2004/01/16 16:01:05, 6] param/loadparm.c:lp_file_list_changed(2670)
  lp_file_list_changed()
  file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Fri Jan 16 16:00:33 2004

[2004/01/16 16:01:05, 5] smbd/connection.c:claim_connection(170)
  claiming  0
[2004/01/16 16:01:05, 5] smbd/reply.c:reply_special(154)
  init msg_type=0x81 msg_flags=0x0
[2004/01/16 16:01:05, 6] lib/util_sock.c:write_socket(407)
  write_socket(5,4)
[2004/01/16 16:01:05, 6] lib/util_sock.c:write_socket(410)
  write_socket(5,4) wrote 4
[2004/01/16 16:01:05, 10] lib/util_sock.c:read_smb_length_return_keepalive(463)
  got smb length of 133
[2004/01/16 16:01:05, 6] smbd/process.c:process_smb(889)
  got message type 0x0 of len 0x85
[2004/01/16 16:01:05, 3] smbd/process.c:process_smb(890)
  Transaction 1 of length 137
[2004/01/16 16:01:05, 5] lib/util.c:show_msg(456)
[2004/01/16 16:01:05, 5] lib/util.c:show_msg(466)
  size=133
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=24
  smb_flg2=51283
  smb_tid=0
  smb_pid=65279
  smb_uid=0
  smb_mid=0
  smt_wct=0
  smb_bcc=98
[2004/01/16 16:01:05, 10] lib/util.c:dump_data(1830)
  [000] 02 50 43 20 4E 45 54 57  4F 52 4B 20 50 52 4F 47  .PC NETW ORK PROG
  [010] 52 41 4D 20 31 2E 30 00  02 4C 41 4E 4D 41 4E 31  RAM 1.0. .LANMAN1
  [020] 2E 30 00 02 57 69 6E 64  6F 77 73 20 66 6F 72 20  .0..Wind ows for
  [030] 57 6F 72 6B 67 72 6F 75  70 73 20 33 2E 31 61 00  Workgrou ps 3.1a.
  [040] 02 4C 4D 31 2E 32 58 30  30 32 00 02 4C 41 4E 4D  .LM1.2X0 02..LANM
  [050] 41 4E 32 2E 31 00 02 4E  54 20 4C 4D 20 30 2E 31  AN2.1..N T LM 0.1
  [060] 32 00                                             2. 
[2004/01/16 16:01:05, 3] smbd/process.c:switch_message(685)
  switch message SMBnegprot (pid 2980)
[2004/01/16 16:01:05, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/01/16 16:01:05, 5] auth/auth_util.c:debug_nt_user_token(486)
  NT user token: (NULL)
[2004/01/16 16:01:05, 5] auth/auth_util.c:debug_unix_user_token(505)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2004/01/16 16:01:05, 5] smbd/uid.c:change_to_root_user(218)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2004/01/16 16:01:05, 3] smbd/negprot.c:reply_negprot(455)
  Requested protocol [PC NETWORK PROGRAM 1.0]
[2004/01/16 16:01:05, 3] smbd/negprot.c:reply_negprot(455)
  Requested protocol [LANMAN1.0]
[2004/01/16 16:01:05, 3] smbd/negprot.c:reply_negprot(455)
  Requested protocol [Windows for Workgroups 3.1a]
[2004/01/16 16:01:05, 3] smbd/negprot.c:reply_negprot(455)
  Requested protocol [LM1.2X002]
[2004/01/16 16:01:05, 3] smbd/negprot.c:reply_negprot(455)
  Requested protocol [LANMAN2.1]
[2004/01/16 16:01:05, 3] smbd/negprot.c:reply_negprot(455)
  Requested protocol [NT LM 0.12]
[2004/01/16 16:01:05, 10] lib/util.c:set_remote_arch(1805)
  set_remote_arch: Client arch is 'Win2K'
[2004/01/16 16:01:05, 6] param/loadparm.c:lp_file_list_changed(2670)
  lp_file_list_changed()
  file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Fri Jan 16 16:00:33 2004

[2004/01/16 16:01:05, 6] param/loadparm.c:lp_file_list_changed(2670)
  lp_file_list_changed()
  file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Fri Jan 16 16:00:33 2004

[2004/01/16 16:01:05, 3] smbd/negprot.c:reply_nt1(329)
  using SPNEGO
[2004/01/16 16:01:05, 3] smbd/negprot.c:reply_negprot(532)
  Selected protocol NT LM 0.12
[2004/01/16 16:01:05, 5] smbd/negprot.c:reply_negprot(538)
  negprot index=5
[2004/01/16 16:01:05, 5] lib/util.c:show_msg(456)
[2004/01/16 16:01:05, 5] lib/util.c:show_msg(466)
  size=127
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=65279
  smb_uid=0
  smb_mid=0
  smt_wct=17
  smb_vwv[ 0]=    5 (0x5)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   65 (0x41)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=41984 (0xA400)
  smb_vwv[ 8]=   11 (0xB)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=32995 (0x80E3)
  smb_vwv[11]=32896 (0x8080)
  smb_vwv[12]=25742 (0x648E)
  smb_vwv[13]=16784 (0x4190)
  smb_vwv[14]=50140 (0xC3DC)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]=15103 (0x3AFF)
  smb_bcc=58
[2004/01/16 16:01:05, 10] lib/util.c:dump_data(1830)
  [000] 74 69 67 65 72 34 00 00  00 00 00 00 00 00 00 00  tiger4.. ........
  [010] 60 28 06 06 2B 06 01 05  05 02 A0 1E 30 1C A0 0E  `(..+... ....0...
  [020] 30 0C 06 0A 2B 06 01 04  01 82 37 02 02 0A A3 0A  0...+... ..7.....
  [030] 30 08 A0 06 1B 04 4E 4F  4E 45                    0.....NO NE
[2004/01/16 16:01:05, 6] lib/util_sock.c:write_socket(407)
  write_socket(5,131)
[2004/01/16 16:01:05, 6] lib/util_sock.c:write_socket(410)
  write_socket(5,131) wrote 131
[2004/01/16 16:01:05, 10] lib/util_sock.c:read_smb_length_return_keepalive(463)
  got smb length of 198
[2004/01/16 16:01:05, 6] smbd/process.c:process_smb(889)
  got message type 0x0 of len 0xc6
[2004/01/16 16:01:05, 3] smbd/process.c:process_smb(890)
  Transaction 2 of length 202
[2004/01/16 16:01:05, 5] lib/util.c:show_msg(456)
[2004/01/16 16:01:05, 5] lib/util.c:show_msg(466)
  size=198
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=24
  smb_flg2=51207
  smb_tid=0
  smb_pid=65279
  smb_uid=0
  smb_mid=64
  smt_wct=12
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  198 (0xC6)
  smb_vwv[ 2]=16644 (0x4104)
  smb_vwv[ 3]=   50 (0x32)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=   66 (0x42)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=  212 (0xD4)
  smb_vwv[11]=32768 (0x8000)
  smb_bcc=139
[2004/01/16 16:01:05, 10] lib/util.c:dump_data(1830)
  [000] 60 40 06 06 2B 06 01 05  05 02 A0 36 30 34 A0 0E  `@..+... ...604..
  [010] 30 0C 06 0A 2B 06 01 04  01 82 37 02 02 0A A2 22  0...+... ..7...."
  [020] 04 20 4E 54 4C 4D 53 53  50 00 01 00 00 00 97 82  . NTLMSS P.......
  [030] 08 E0 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [040] 00 00 00 57 00 69 00 6E  00 64 00 6F 00 77 00 73  ...W.i.n .d.o.w.s
  [050] 00 20 00 32 00 30 00 30  00 30 00 20 00 32 00 31  . .2.0.0 .0. .2.1
  [060] 00 39 00 35 00 00 00 57  00 69 00 6E 00 64 00 6F  .9.5...W .i.n.d.o
  [070] 00 77 00 73 00 20 00 32  00 30 00 30 00 30 00 20  .w.s. .2 .0.0.0. 
  [080] 00 35 00 2E 00 30 00 00  00 00 00                 .5...0.. ...
[2004/01/16 16:01:05, 3] smbd/process.c:switch_message(685)
  switch message SMBsesssetupX (pid 2980)
[2004/01/16 16:01:05, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/01/16 16:01:05, 5] auth/auth_util.c:debug_nt_user_token(486)
  NT user token: (NULL)
[2004/01/16 16:01:05, 5] auth/auth_util.c:debug_unix_user_token(505)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2004/01/16 16:01:05, 5] smbd/uid.c:change_to_root_user(218)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2004/01/16 16:01:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X(629)
  wct=12 flg2=0xc807
[2004/01/16 16:01:05, 2] smbd/sesssetup.c:setup_new_vc_session(582)
  setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2004/01/16 16:01:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(509)
  Doing spnego session setup
[2004/01/16 16:01:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(540)
  NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0] PrimaryDomain=[]
[2004/01/16 16:01:05, 3] smbd/sesssetup.c:reply_spnego_negotiate(418)
  Got OID 1 3 6 1 4 1 311 2 2 10
[2004/01/16 16:01:05, 3] smbd/sesssetup.c:reply_spnego_negotiate(421)
  Got secblob of size 32
[2004/01/16 16:01:05, 5] auth/auth.c:make_auth_context_subsystem(477)
  Making default auth method list for DC, security=user, encrypt passwords = yes
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend rhosts
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'rhosts'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend hostsequiv
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'hostsequiv'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend sam
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'sam'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend sam_ignoredomain
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'sam_ignoredomain'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend unix
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'unix'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend winbind
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'winbind'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend smbserver
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'smbserver'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend trustdomain
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'trustdomain'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend ntdomain
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'ntdomain'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend guest
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'guest'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend fixed_challenge
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'fixed_challenge'
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend name_to_ntstatus
[2004/01/16 16:01:05, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'name_to_ntstatus'
[2004/01/16 16:01:05, 5] auth/auth.c:load_auth_module(384)
  load_auth_module: Attempting to find an auth method to match guest
[2004/01/16 16:01:05, 5] auth/auth.c:load_auth_module(409)
  load_auth_module: auth method guest has a valid init
[2004/01/16 16:01:05, 5] auth/auth.c:load_auth_module(384)
  load_auth_module: Attempting to find an auth method to match sam
[2004/01/16 16:01:05, 5] auth/auth.c:load_auth_module(409)
  load_auth_module: auth method sam has a valid init
[2004/01/16 16:01:05, 5] auth/auth.c:load_auth_module(384)
  load_auth_module: Attempting to find an auth method to match winbind:trustdomain
[2004/01/16 16:01:05, 5] auth/auth.c:load_auth_module(384)
  load_auth_module: Attempting to find an auth method to match trustdomain
[2004/01/16 16:01:05, 5] auth/auth.c:load_auth_module(409)
  load_auth_module: auth method trustdomain has a valid init
[2004/01/16 16:01:05, 5] auth/auth.c:load_auth_module(409)
  load_auth_module: auth method winbind has a valid init
[2004/01/16 16:01:05, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
  Got NTLMSSP neg_flags=0xe0088297
    NTLMSSP_NEGOTIATE_UNICODE
    NTLMSSP_NEGOTIATE_OEM
    NTLMSSP_REQUEST_TARGET
    NTLMSSP_NEGOTIATE_SIGN
    NTLMSSP_NEGOTIATE_LM_KEY
    NTLMSSP_NEGOTIATE_NTLM
    NTLMSSP_NEGOTIATE_ALWAYS_SIGN
    NTLMSSP_NEGOTIATE_NTLM2
    NTLMSSP_NEGOTIATE_128
    NTLMSSP_NEGOTIATE_KEY_EXCH
[2004/01/16 16:01:05, 5] auth/auth.c:get_ntlm_challenge(95)
  auth_get_challenge: module guest did not want to specify a challenge
[2004/01/16 16:01:05, 5] auth/auth.c:get_ntlm_challenge(95)
  auth_get_challenge: module sam did not want to specify a challenge
[2004/01/16 16:01:05, 5] auth/auth.c:get_ntlm_challenge(95)
  auth_get_challenge: module winbind did not want to specify a challenge
[2004/01/16 16:01:05, 5] auth/auth.c:get_ntlm_challenge(135)
  auth_context challenge created by random
[2004/01/16 16:01:05, 5] auth/auth.c:get_ntlm_challenge(136)
  challenge is: 
[2004/01/16 16:01:05, 5] lib/util.c:dump_data(1830)
  [000] 40 A2 D8 A1 B0 A2 1C DD                           @....... 
[2004/01/16 16:01:05, 6] lib/util_sock.c:write_so