[Samba] cupsaddsmb: can't authenticate smbpasswd user with ADS security

ryan.suarez at sheridanc.on.ca ryan.suarez at sheridanc.on.ca
Wed Mar 31 21:58:48 GMT 2004

Greetings Admins,

I have a samba3.0.2 machine with security = ADS.  This samba will work with CUPS to serve print
request to XP clients.  I can authenticate the domain users just fine.

I am now trying to copy the printer drivers to the [print$] share by using the 'cupsaddsmb'
command but I am getting an "NT_STATUS_LOGON_FAILURE".  It cannot find the root user in the
domain.  Of course, a 'root' does not exist in the domain but I have defined it using smbpasswd.
I need to use root because is the owner of [print$] share.

Can someone please help??

I have included some interesting debugging info below.



pykota:/usr/local/samba/logs# cupsaddsmb -U root -v -a
Password for root required to access localhost via SAMBA:
Running command: smbclient //localhost/print\$ -N -U'root%secret' -c 'mkdir W32X86;put
/var/spool/cups/tmp/406b3d53c47f3 W32X86/oa-a125-e1.ppd;put /usr/share/cups/drivers/cupsdrv5.dll
W32X86/cupsdrv5.dll;put /usr/share/cups/drivers/cupsui5.dll W32X86/cupsui5.dll;put
/usr/share/cups/drivers/cups5.hlp W32X86/cups5.hlp'
session setup failed: NT_STATUS_LOGON_FAILURE

pykota:/usr/local/samba/private# cat smbpasswd

pykota:/usr/local/samba/logs# cat pykota.log
[2004/03/31 16:51:17, 0] auth/auth_domain.c:domain_client_validate(204)
  domain_client_validate: unable to validate password for user root in domain SHERNET-T to Domain
[2004/03/31 16:51:17, 5] auth/auth.c:check_ntlm_password(271)
  check_ntlm_password: winbind authentication for user [root] FAILED with error
[2004/03/31 16:51:17, 2] auth/auth.c:check_ntlm_password(312)
  check_ntlm_password:  Authentication for user [root] -> [root] FAILED with error

pykota:/usr/local/samba/lib# cat smb.conf
        workgroup = SHERNET-T1
        netbios name = pykota
        log file = /usr/local/samba/logs/%m.log
        max log size = 50000
        debug level = auth:10
        name resolve order = wins host bcast

        wins server = dc.shernet-t.sheridanc.ca
        wins proxy = no
        wins support = no
        dns proxy = yes
        local master = no
        preferred master = no
        domain master = no
        os level = 0

        security = ADS
        encrypt passwords = yes
        password server = *
        realm = SHERNET-T.SHERIDANC.CA

        interfaces =
        allow hosts = 142.55. localhost

        printing = cups
        printcap name = cups
        load printers = yes

        socket options = TCP_NODELAY

        comment = All Printers
        path = /var/spool/samba
        browseable = no
        guest ok = yes
        public = yes
        writeable = no
        printable = yes
        printer admin = root
        create mode = 0700

        comment = Printer Drivers
        path = /usr/local/samba/drivers
        browseable = yes
        guest ok = no
        read only = yes
        write list = root

More information about the samba mailing list