[Samba] simple migration 2.8 -> 3.02; simple test cases fail
Linda W
samba at tlinx.org
Sat Mar 13 23:10:10 GMT 2004
I've been going back and forth over the HOWTO on bringing up a new samba
3.0 server in place of
an old 2.8.
I only have about 2-3 users, so even recreating them isn't a major pain
-- but what does seem to be
a pain is password authentication. I was using smbpasswd before, and am
using it in my 3.0 setup
as well. I'm running a version for Suse90 pointed to off of their
support pages so shadow passwords are
enabled by default -- so I don't think they'd build a suse release w/o
support for shadow pw's. I've
tried domain and user security and neither work from either an XP
workstation nor on the
samba server using smbclient -- i.e. I can't connect to a share on the
client from the client due to
"NT_STATUS_LOGON_FAILURE".
I've reset the user passwords via smbpasswd -a username, I also tried
wiping out my smbpasswd
file and adding a user with pdbpasswd (no luck), restoring file and
forcing re-initialization of account passwords
with the "--force-initizlied-passwords", then resetting passwords...no
luck -- still can't connect to a share
(though they are anonymously listable) without getting the FAILURE message.
looking over the chat between the XP client, I see a message
STATUS_MORE_PROCESSING_REQUIRED,
then it retrying with another password which then fails.
I'm a bit at my wits end -- I thought this would be a reasonably simple
upgrade for a small network but it
taking hours going down deadends.
I've checked settings in the local security policy including limiting
password talk to lower levels (below ntlmv2),
I've also tried explicitly allowing various security options in my
smb.conf file.
Testparm says all sections 'ok', server role is "Role_domain_pdc" --
which was it's role under 2.8. I had been
using domain security, so a login as user 'workstation/linda' could
access anything owned by user 'linda' on
the server, though I got a message from testparm telling me I should try
security=user ...tried it both
ways...no go.
Do I need to deleted the machine lines from the old smbusers file's and
"re-add" the machines to get them
recognized properly? But I don't see what that would have to do with a
user being able to mount a share
on the same samba-linux machine and still getting login failures....
Do any of these symptoms sound familiar to some fundamental booboo I'm
making? If not, any ideas on what directions to go for debugging other
than going back to 2.8 where I'm obviously safer? (sigh)....
thanks,
-linda
More information about the samba
mailing list