[Samba] Re: upgrade to 3.0.11, lost domain control

Gordon Russell russell at co.clarke.va.us
Wed Feb 9 01:59:06 GMT 2005



Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Tue, 8 Feb 2005, Gordon Russell wrote:
> 
> 
>>I have determined that members of the root group can logon to domain, no 
>>problem. If you are not a member of the unix root group, you are sol... 
>>file permissions somewhere not right?  please, i dont want to have to 
>>add all my users to root group before tomorrow morning ;-) g
> 
> 
> I would look for name resolution issues.  Perhaps you have a bad wins.dat.
> Also get a level 10 debug log from smbd and `grep NT_STATUS log.smbd | 
> grep -v OK`.  Then locate any messages in the log file such as 
> ACCESS_DENIED, NONE_MAPPED, etc...
> 

I had upped the debug level to 3 and started seeing 
NT_STATUS_WRONG_PASSWORD errors when users were failing to log in. I 
reset those users passwords in smbpasswd and passwd and everything works 
fine.  At this point I have about 6 out of 50+ users whose passwords 
seem to have been corrupted for some reason.  -- the root group logon 
was a red herring.  As usual, thanks for the quick responses and great work

gordon


More information about the samba mailing list