[Samba] AD users and non-AD samba servers

Jiann-Ming Su sujiannming at gmail.com
Thu Sep 8 21:07:00 GMT 2005

I'm having a problem where users logged into an Active Directory
domain cannot access standalone Samba shares.  I get the following in
the log files when using security=user:

  [2005/09/06 18:09:12, 0] passdb/pampass.c:smb_pam_passcheck(827)
  smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User some_ad_user !

And the following when using security=server:

  [2005/09/08 16:22:59, 1] auth/auth_server.c:check_smbserver_security(363)
  password server MY.PASSWORD.SERVER rejected the password

If I try connecting to the samba server from a non-AD computer
(Windows or using smbclient), it works fine.  Is there something about
logging into an AD domain that's preventing users from authenticating
to a standalone samba server?
Jiann-Ming Su
"I have to decide between two equally frightening options. 
 If I wanted to do that, I'd vote." --Duckman

More information about the samba mailing list