[Samba] member server can't authenticate users?

Felipe Augusto van de Wiel felipe at paranacidade.org.br
Wed Aug 30 14:51:26 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/29/2006 07:57 PM, Henrik Hudson escreveu:
> Hey List-

Hey there! :)


> I've got 2 samba servers.
> PDC: FreeBSD 5.4; samba: 3.0.23   name: bugs
> member server: FreeBSD 6-stable; samba: 3.0.23   name: daffy
> note: config files are at the bottom of the email
> The PDC was running an older version, but I just upgraded and it didn't fix 
> the below issue. The member server was running fine with the old smb.conf 
> file, but I rebuilt the server and now it doesn't work. Here is the problem:
> 
> the member server is dual-homed and firewalled. note: I did try totally 
> disabling the firewall and this didn't help or change the error.
> 
> Using Konqueror and smb://daffy/  I can see the share I want to connect to, 
> but it nevers lets me authenticate.
> 
> I did also do a net join  back into the domain and that worked fine.
> 
> on the member server I can do the following:
> pw group show ecwusers   -> works fine
> wbinfo -u  -> works fine
> smbclient -L bugs -U username  -> works fine
> smbclient -L daffy -U username -> get an error
> 
> error =  session setup failed: NT_STATUS_NO_LOGON_SERVERS
> 
> smbclient -d 3 -L daffy -U username   shows:
> 
> Client started (version 3.0.23b).
> Connecting to 127.0.0.1 at port 445
> Password: 
> Doing spnego session setup (blob length=58)
> got OID=1 3 6 1 4 1 311 2 2 10
> got principal=NONE
> Got challenge flags:
> Got NTLMSSP neg_flags=0x60890215
> NTLMSSP: Set final flags:
> Got NTLMSSP neg_flags=0x60080215
> NTLMSSP Sign/Seal - Initialising with flags:
> Got NTLMSSP neg_flags=0x60080215
> SPNEGO login failed: No logon servers
> session setup failed: NT_STATUS_NO_LOGON_SERVERS
> 
> The only error which repeats when I try and make a connection is in the 
> log.wb-ECW file on daffyand it  shows:
> [2006/08/29 17:30:47, 1] 
> rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625)
>   cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR 
> received from remote machine bugs.int.ecreativeworks.com pipe \lsarpc fnum 
> 0x74eb!
> 
> 
> PDC smb.conf:
> # Global parameters
> [global]
> netbios name = ECWSERVER
> passdb backend = tdbsam:/usr/local/etc/samba/private/passwd.tdb
[...]

> member server smb.conf:
> # Global parameters
> [global]
> workgroup = ECW
> netbios name = ECWTEST
> #server string = Samba %v on %L
> server string =
> security = domain
> password server = bugs.int.domainname.com

	If you use ECWSERVER here, instead of the bugs.int...,
does it works?

	From what I've seen, there are two very common cases for
that situation:

1) DNS (or name related problems)
2) ADS related problems (which certainly, is not the case :D).

> Henrik

	Kind regards,

- --
Felipe Augusto van de Wiel <felipe at paranacidade.org.br>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/           Phone: (+55 41 3350 3300)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org

iD8DBQFE9aXuCj65ZxU4gPQRAkrsAJ9uTZzsLyT9j0dsVD7XwIltWy4sJgCgzP9j
XxEDgDCogI2ubmpXbLHZ/Ew=
=z2ns
-----END PGP SIGNATURE-----


More information about the samba mailing list