AW: [Samba] Domain logon against a Windows Server 2003 based AD

Tue Jul 13 09:10:23 GMT 2004

> hi, 
> did you joined your samba-server to the W2K Domain? 
>  

yes, more than once, do I need to do more cleanups than 
deleting the computer account in ads? 

> > Jul 12 16:56:22 linux winbindd[2410]: [2004/07/12 16:56:22, 0]  
> > nsswitch/winbindd_util.c:get_trust_pw(951)   
> > Jul 12 16:56:22 linux winbindd[2410]:   get_trust_pw: could not fetch  
> > trust account password for my domain IDEALTEC.LOCAL   
> > Jul 12 16:56:22 linux pam_winbind[3610]: request failed:  
> > NT_STATUS_CANT_ACCESS_DOMAIN_INFO, PAM error was 4, NT error was  
> > NT_STATUS_CANT_ACCESS_DOMAIN_INFO  
> this doesn?t look like you did it... 

did it, and now I get other error codes, as there 
was a possible mistake in the row with the realm directive. 
I did remove the .nf in front of realm, as I found an error 
message about realm in the messages log. And now I get other  
error messages, that look better/other :) 

>  
> and i hope that 
> password server = *  
> means that you only removed the name for that posting... 
no, this was unchanged from the configuration drakauth did. 
I can change this to the server, as my test installation only 
has one, but I did understand the directive to support several 
servers when you insert the star. 

I guessed it would look inside the DNS service for the _msdcs 
zone, where all those services entries for the ads are being stored. 

The slightly new errors, after restarting the DC, changed the group 
membership of "Everyone" to "Pre-Windows 2000 Compatible Access", 
and restarting smbd, nmbd, and winbind is: 

Jul 13 11:06:56 linux winbindd[20394]: [2004/07/13 11:06:56, 0] 
libsmb/cliconnect.c:cli_session_setup_spnego(724) 
Jul 13 11:06:56 linux winbindd[20394]:   Kinit failed: Cannot find KDC for 
requested realm 
Jul 13 11:06:56 linux pam_winbind[2634]: request failed: No trusted SAM 
account, PAM error was 4, NT error was NT_STATUS_NO_TRUST_SAM_ACCOUNT 
Jul 13 11:06:56 linux pam_winbind[2634]: internal module error (retval = 
4, user = `franke' 
Jul 13 11:06:56 linux login(pam_unix)[2634]: check pass; user unknown 
Jul 13 11:06:56 linux login(pam_unix)[2634]: authentication failure; 
logname= uid=0 euid=0 tty=vc/6 ruser= rhost= 
Jul 13 11:06:56 linux login(pam_unix)[2634]: check pass; user unknown 
Jul 13 11:06:59 linux winbindd[20394]: [2004/07/13 11:06:59, 0] 
libsmb/cliconnect.c:cli_session_setup_spnego(724) 
Jul 13 11:06:59 linux winbindd[20394]:   Kinit failed: Cannot find KDC for 
requested realm 
Jul 13 11:06:59 linux pam_winbind[2634]: request failed: No trusted SAM 
account, PAM error was 4, NT error was NT_STATUS_NO_TRUST_SAM_ACCOUNT 
Jul 13 11:06:59 linux pam_winbind[2634]: internal module error (retval = 
4, user = `franke' 
Jul 13 11:07:01 linux login[2634]: FAILED LOGIN 1 FROM (null) FOR franke, 
Authentication failure 

Marcus 

-- 
pedo mellon a minno