[Samba] member server can't authenticate users?

Henrik Hudson lists at rhavenn.net
Tue Aug 29 22:57:13 GMT 2006


Hey List-

I've got 2 samba servers.

PDC: FreeBSD 5.4; samba: 3.0.23   name: bugs
member server: FreeBSD 6-stable; samba: 3.0.23   name: daffy

note: config files are at the bottom of the email

The PDC was running an older version, but I just upgraded and it didn't fix 
the below issue. The member server was running fine with the old smb.conf 
file, but I rebuilt the server and now it doesn't work. Here is the problem:

the member server is dual-homed and firewalled. note: I did try totally 
disabling the firewall and this didn't help or change the error.

Using Konqueror and smb://daffy/  I can see the share I want to connect to, 
but it nevers lets me authenticate.

I did also do a net join  back into the domain and that worked fine.

on the member server I can do the following:
pw group show ecwusers   -> works fine
wbinfo -u  -> works fine
smbclient -L bugs -U username  -> works fine
smbclient -L daffy -U username -> get an error

error =  session setup failed: NT_STATUS_NO_LOGON_SERVERS

smbclient -d 3 -L daffy -U username   shows:

Client started (version 3.0.23b).
Connecting to 127.0.0.1 at port 445
Password: 
Doing spnego session setup (blob length=58)
got OID=1 3 6 1 4 1 311 2 2 10
got principal=NONE
Got challenge flags:
Got NTLMSSP neg_flags=0x60890215
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60080215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60080215
SPNEGO login failed: No logon servers
session setup failed: NT_STATUS_NO_LOGON_SERVERS

The only error which repeats when I try and make a connection is in the 
log.wb-ECW file on daffyand it  shows:
[2006/08/29 17:30:47, 1] 
rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625)
  cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR 
received from remote machine bugs.int.ecreativeworks.com pipe \lsarpc fnum 
0x74eb!


PDC smb.conf:
# Global parameters
[global]
workgroup = ECW
netbios name = ECWSERVER
passdb backend = tdbsam:/usr/local/etc/samba/private/passwd.tdb
os level = 65
preferred master = yes
domain master = yes
local master = yes
domain logons = yes
wins support = yes
#server string = Samba %v on %L
server string =
security = USER
encrypt passwords = yes 
disable spoolss = Yes
guest ok = no
follow symlinks = no
case sensitive = no
idmap uid = 15000-20000
idmap gid = 15000-20000
username map = //usr/local/etc/samba/smbusers

name resolve order = wins bcast hosts
time server = Yes

#printing options
printing = cups
printcap name = cups
load printers = yes
show add printer wizard = Yes
printer admin = @ecwadmins, at wheel

#user scripts
add user script = /usr/sbin/pw useradd -n %u -g 
ecwusers -s /usr/sbin/nologin -c ""
delete user script = /usr/sbin/pw userdel -n %u
add group script = /usr/sbin/pw groupadd -n %g
delete group script = /usr/sbin/pw groupdel -n %g
add user to group script = /usr/sbin/pw usermod -n %u -g %g
#add machine script = /usr/sbin/pw useradd -n %u -g 
100 -s /usr/sbin/nologin -d /dev/null

#user directories
logon home = \\%N\%U\
logon drive = H:

#roaming profiles
logon path =

#####SHARES BELOW
#######END PDC CONF

member server smb.conf:
# Global parameters
[global]
workgroup = ECW
netbios name = ECWTEST
#server string = Samba %v on %L
server string =
security = domain
password server = bugs.int.domainname.com
encrypt passwords = yes 
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind use default domain = yes
guest ok = no
follow symlinks = no
case sensitive = no

preferred master = no
domain master = no

bind interfaces only = yes
interfaces = fxp0 lo0



Henrik
-- 
Henrik Hudson
lists at rhavenn.net
------------------------------
"God, root, what is difference?" Pitr; UF (http://www.userfriendly.org/)


More information about the samba mailing list