[Samba] Migration PDC from Samba 2.2.8a to 3.0.9 -> Error
NT_STATUS_WRONG_PASSWORD
JJunge at paritaet-th.de
JJunge at paritaet-th.de
Fri Jan 14 07:30:40 GMT 2005
Hello
im trying to migrate from Samba 2.2.8a to 3.0.9.
The Server is a PDC using ldap and winbind.
I used the convertSambaAccount script to convert the ldap schema from old
to new.
I shut down the old smb server and started the new one.
The share one the new server are accessible from my still running W2k
machine.
If I start another machine und log in as a user, that was logged in before
from this machine,
everything is fine too. But if i try to log in as User, that was not logged
in from that machine before
the user can not be authenticated. (Error NT_STATUS_WRONG_PASSWORD, see
log)
(The registry on my machines is configurated, to keep the registry settings
from the last user.
So I think the last logged in user ist authenticated through the cached
registry)
Why can't I authenticate the user towards the PDC?
Cheers JJ
Machine log:
---snip---
[2005/01/14 07:02:06, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all
old resources.
[2005/01/14 07:02:06, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all
old resources.
[2005/01/14 07:02:06, 2] lib/access.c:check_access(324)
Allowed connection from (172.30.0.101)
[2005/01/14 07:02:14, 2] lib/access.c:check_access(324)
Allowed connection from (172.30.0.101)
[2005/01/14 07:02:14, 2] rpc_parse/parse_prs.c:netsec_decode(1585)
netsec_decode: FAILED: packet sequence number:
[2005/01/14 07:02:14, 2] lib/util.c:dump_data(1977)
[000] 23 47 9E 7C DA 18 69 4E #G.|..iN
[2005/01/14 07:02:14, 2] rpc_parse/parse_prs.c:netsec_decode(1587)
should be:
[2005/01/14 07:02:14, 2] lib/util.c:dump_data(1977)
[000] 00 00 00 00 80 00 00 00 ........
[2005/01/14 07:02:14, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511)
init_sam_from_ldap: Entry found for user: p220fdie$
[2005/01/14 07:02:14, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511)
init_sam_from_ldap: Entry found for user: adminneu
[2005/01/14 07:02:14, 2] passdb/pdb_ldap.c:init_ldap_from_sam(893)
init_ldap_from_sam: Setting entry for user: adminneu
[2005/01/14 07:02:14, 2] auth/auth.c:check_ntlm_password(312)
check_ntlm_password: Authentication for user [adminneu] -> [adminneu]
FAILED with error NT_STATUS_WRONG_PASSWORD
[2005/01/14 07:03:12, 2] smbd/server.c:exit_server(571)
Closing connections
---/snip---
smb.conf
---snip---
###########################################################################
#
# /etc/smb.conf
#
###########################################################################
[global]
#
# Basic Server Settings
#
netbios name = linux
workgroup = paritaet-th
server string = Paritaet Thueringen Srv (PDC %v)
#
# PDC and master browser settings
#
os level = 250
wins support = yes
local master = yes
preferred master = yes
domain master = yes
name resolve order = wins host bcast
#
# LDAP
#
ldap suffix = dc=paritaet-th,dc=de
ldap admin dn = cn=Manager,dc=paritaet-th,dc=de
passdb backend = ldapsam:ldap://127.0.0.1/
ldap group suffix = ou=groups
ldap user suffix = ou=users
ldap machine suffix = ou=computers
ldap ssl = off
ldap delete dn = Yes
add machine script = /usr/local/sbin/smbldap-useradd -w "%U"
add user script = /usr/local/sbin/smbldap-useradd -m "%U"
#delete user script = /usr/local/sbin/smbldap-userdel "%U"
add machine script = /usr/local/sbin/smbldap-useradd -w "%U"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
#delete group script = /usr/local/sbin/smbldap-groupdel "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%U" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%U"
"%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%U"
#
# Security
#
security = user
encrypt passwords = yes
domain logons = yes
hosts allow = 127.0.0.1 172.30.0.0/255.255.0.0 172.29.0.0/255.255.0.0
#
# Log
#
syslog = 0
log level = 2
# log file = /var/log/samba/log
log file = /var/log/samba/log.%m
max log size = 100
#
# Password
#
unix password sync = yes
min password length = 4
passwd program = /usr/local/sbin/smbldap-passwd.pl %U
passwd chat = *password* %n\n *password* %n\n *uccessfull*
#
# User Profiles and home directory
#
logon home = \\linux\%U
logon drive = W:
logon script = netlogon.bat
#
# General Printer
#
load printers = yes
printing = cups
printcap = cups
printer admin = @smbadmin
#
# Server Options
#
time server = yes
map archive = no
map hidden = no
map system = no
#
# Char Set
#
Dos charset = 850
Unix charset = ISO8859-1
###########################################################################
#
# Special Shares (home netlogon printers)
#
###########################################################################
---/snip---
-----------------------------------------------------------------------------------------------
Jörg Junge
IT-Koordinator
Paritätischer Wohlfahrtsverband
Landesverband Thüringen e.V.
Bergstr. 11
99192 Neudietendorf
Deutschland
Tel : +49 36202 26 204
Fax: +49 36202 26 234
http://www.paritaet-th.de
More information about the samba
mailing list