[Samba] Re: Unable to authenticate against an OS/2 PDC

[Olivier Eymere]

Jeremy Allison wrote:

> On Wed, Jun 01, 2005 at 04:48:17PM -0700, Olivier Eymere wrote:
>> 
>> I also have a iptrace of an OS/2 client - OS/2 PDC login that is
>> successful
>> and the Session Setup AndX Request does specify a user in the request.  I
>> can provide the iptraces and smb.conf files if needed.  Has anyone tried
>> to
>> configure Samba to use an OS/2 PDC for authentication?  Is it possible?
> 
> Currenly only under security=server mode I believe. OS/2 does have it's
> own RAP methods of doing domain logons I think but Samba doesn't currently
> support them from smbd. It could be added, but it's not a high priority
> right now.

Does that mean that logons should be possible with security=server mode?  I
can attest that security=domain does not work at all.  It was when I had
set security to server that I was able to get some semblance of a
coversation between Samba and the OS/2 server.  However, the Session Setup
AndX request is made with an empty Account field.  To that the OS/2 domain
controller responds with an access denied error and that is the end of it.

If it is possible using security=server mode does anyone have an idea of how
Samba needs to be configured?  This is what I have in smb.conf that is
relevant to this issue:
[global]
workgroup = MYWG
netbios name = SMBSRV
security = server
password server = PDC
preferred master = no
domain master = no
domain logons = no
encrypt passwords = yes

[netlogon]
comment = "NT Domain netlogon commands"
path = /opt/samba/netlogon
writeable = no
guest ok = no
share modes = no

[profiles]
comment = "User profiles"
path = /opt/samba/profiles
browseable = no
writeable=yes