[Samba] Problem with domain membership

Jochen Witte devnull at alpha-lab.net
Tue Mar 22 21:18:07 GMT 2005


OKOK no attachements here. On the PDC side I get:

---snip---

account_policy_get: password history:0
pdb_set_user_sid: setting user sid
S-1-5-21-1790986081-3911417905-1778689532-132098
pdb_set_user_sid_from_rid:
  setting user sid S-1-5-21-1790986081-3911417905-1778689532-132098 from
rid 132098
pdb_set_group_sid: setting group sid
S-1-5-21-1790986081-3911417905-1778689532-61001
pdb_set_group_sid_from_rid:
  setting group sid S-1-5-21-1790986081-3911417905-1778689532-61001 from
rid 61001
pop_sec_ctx (99, 99) - sec_ctx_stack_ndx = 0
[000] 4A 8C 6C 14 69 D1 72 B8  46 71 33 55 75 F8 01 C3  J.l.i.r.
Fq3Uu...
cred_session_key
  clnt_chal: E166CA9056B37776
  srv_chal : 5EC8E922D299E1CE
  clnt+srv : 3F2FB4B3284D5945
  sess_key : 629F7453EFF68A4B
cred_create
  sess_key : 629F7453EFF68A4B
  stor_cred: E166CA9056B37776
  timestamp: 0
  timecred : E166CA9056B37776
  calc_cred: FE38AA70FD16006A
cred_assert
  challenge : 4C87E9631DF688E5
  calculated: FE38AA70FD16006A
credentials check wrong
000000 net_io_r_auth_2
    000000 smb_io_chal
        0000 data: c8 d8 ff bf 3b 5f 0e 08
    000008 net_io_neg_flags
        0008 neg_flags: 400001ff
    000c status: NT_STATUS_ACCESS_DENIED
api_rpcTNP: called NETLOGON successfully
free_pipe_context: destroying talloc pool of size 78
write_to_pipe: data_used = 140
read_from_pipe: 712c name: NETLOGON len: 156
read_from_pipe: NETLOGON: fault_state = 0 : data_sent_length = 0,
prs_offset(&p->out_data.rdata) = 16.
---snip---

Am Dienstag, den 22.03.2005, 22:07 +0100 schrieb Jochen Witte:
> Attached are the logs with the according log-level.
> 
> ---snip---
> doing parameter workgroup = <DOMAINNAME>
> doing parameter netbios name = HAL
>     000018 smb_io_chal 
>         0018 data: c8 d8 ff bf 3b 5f 0e 08 
>     000020 net_io_neg_flags 
>         0020 neg_flags: 400001ff
>     0024 status: NT_STATUS_ACCESS_DENIED
> cli_net_auth2: Error NT_STATUS_ACCESS_DENIED
> cli_nt_setup_creds: auth2 challenge failed
> connect_to_domain_password_server: unable to setup the PDC credentials
> to machine <PDCHOST>. Ewrite_socket(19,45)
> ---snip---
> 
> Do I have a wrong secrets.tdb ? I deleted it completely and then joined
> the domain again (after removing the machine account in my ldap server).
> 
> Am Dienstag, den 22.03.2005, 05:07 -0600 schrieb Gerald (Jerry) Carter:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > 
> > Jochen Witte wrote:
> > | One update: when trying security=server
> > | on the fileserver side, I can log on
> > | to the fileserver. But i do not want
> > | security=server! Any hints out there?
> > 
> > You need to look at a level 10 log on the server
> > (and set 'debug timestamp = no' for high debug logs).
> > There's not enough information here to really offer
> > sound advice.
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> > cheers, jerry
> > =====================================================================
> > Alleviating the pain of Windows(tm)      ------- http://www.samba.org
> > GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
> > "I never saved anything for the swim back."     Ethan Hawk in Gattaca
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.2.5 (GNU/Linux)
> > Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
> > 
> > iD8DBQFCP/xZIR7qMdg1EfYRAsfVAJ9GqO/9UVgJpgTJmHdODPU+YO2x6gCg3bHl
> > STOznlGLrgKRJuZGUFH0h/E=
> > =Je16
> > -----END PGP SIGNATURE-----
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
-- 
Jochen Witte <devnull at alpha-lab.net>



More information about the samba mailing list