[Samba] Cannot get logged in using Server=DOMAIN
Stephen Carville
effcee at heronforge.net
Tue Oct 11 15:37:57 GMT 2005
I have an FC3 intallation with samba-3.0.10-1. I cannot get it to accept
a login with server=DOMAIN. I can join the domain with no problem:
# net rpc join member -U scarville
passwd:
Joined domain TOTALFLOOD.
I can browse the shares:
$ smbclient -L amazon
added interface ip=192.168.124.230 bcast=192.168.124.255 nmask=255.255.255.0
Password:
Anonymous login successful
Domain=[TOTALFLOOD] OS=[Unix] Server=[Samba 3.0.10-1.fc3]
Sharename Type Comment
--------- ---- -------
netapps Disk Network Applications
common Disk Common Files
public Disk Public Files
IPC$ IPC IPC Service (Main File Server)
ADMIN$ IPC IPC Service (Main File Server)
Server Comment
--------- -------
AMAZON Main File Server
ATLANTIC DC-PDC
Workgroup Master
--------- -------
TOTALFLOOD ATLANTIC
but if I actually try to login with an NT username:
$ smbclient -v //amazon/common -U scarville -d 3
lp_load: refreshing parameters
Initialising global parameters
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
Processing section "[global]"
added interface ip=192.168.124.232 bcast=192.168.124.255 nmask=255.255.255.0
Client started (version 3.0.10-1.fc2).
resolve_lmhosts: Attempting lmhosts lookup for name amazon<0x20>
resolve_wins: Attempting wins lookup for name amazon<0x20>
resolve_wins: WINS server resolution selected and no WINS servers listed.
resolve_hosts: Attempting host lookup for name amazon<0x20>
Connecting to 192.168.124.222 at port 445
Password:
Doing spnego session setup (blob length=58)
got OID=1 3 6 1 4 1 311 2 2 10
got principal=NONE
Got challenge flags:
Got NTLMSSP neg_flags=0x60890215
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60080215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60080215
SPNEGO login failed: Logon failure
session setup failed: NT_STATUS_LOGON_FAILURE
My configuration lookslike:
$ testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[netapps]"
Processing section "[common]"
Processing section "[public]"
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions
# Global parameters
[global]
workgroup = TOTALFLOOD
server string = Main File Server
security = DOMAIN
username map = /etc/samba/smbusers
log file = /var/log/samba/%m.log
max log size = 0
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
load printers = No
disable spoolss = Yes
preferred master = No
local master = No
domain master = No
dns proxy = No
ldap ssl = no
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell =
winbind use default domain = Yes
[homes]
comment = Home Directories
valid users = %S
read only = No
create mask = 0664
directory mask = 0775
browseable = No
[netapps]
comment = Network Applications
path = /export/netapps
force user = procman
force group = users
read only = No
[common]
comment = Common Files
path = /export/common
force group = users
read only = No
create mask = 0775
force create mode = 0664
directory mask = 0775
force directory mode = 0775
[public]
comment = Public Files
path = /export/public
force user = procman
force group = users
read only = No
create mask = 0774
In smbusers I have the line maping my NT username to my UNIX name:
stephen = scarville
My old samba 2.2 server on Redhat 7.2 is working OK but I'd like to
upgrade if possible.
--
Stephen Carville -- polluting the ranks of skeptics since 1995.
---------------------------------------------------------------
Government is actually the worst failure of civilized man. There has
never been a really good one, and even those that are most tolerable are
arbitrary, cruel, grasping and unintelligent.
-- H. L. Mencken
More information about the samba
mailing list