[Samba] Could not authenticate user user%password with plaintext password

Dale Schroeder dale at BriannasSaladDressing.com
Fri Dec 22 14:36:21 GMT 2006


There are numerous steps and possibilties, so it's hard to know where to 
start.  First, if you're going to use "valid users", make sure you're 
using Samba version 3.0.23c or 3.0.23d.  Second, since you're using 
winbind, you might have better luck with *valid users = @"CAD+Domain 
Users"*.  Two good how-to's for winbind setup and ADS membership are  
at http://www.enterprisenetworkingplanet.com/netos/article.php/3487081 
and 
http://www.enterprisenetworkingplanet.com/netos/article.php/10951_3502441_1 
.  They worked well for me.  Windows 2003 may not be exactly the same, 
but should be similar.

Good luck,
Dale

M Azer wrote:
> Hello,
>
> I am new to samba however i am trying configure samba to attach to 
> 2003 AD
> as ADS which worked ok however i am getting this error message:
> [root at linux user]# wbinfo -a user%password
> plaintext password authentication failed
> error code was NT_STATUS_ACCESS_DENIED (0xc0000022)
> error messsage was: Access denied
> Could not authenticate user user%password with plaintext password
> challenge/response password authentication succeeded
>
> I am able to run wbinfo -g and wbinfo -u and from windows xp client 
> machine
> i am able to browse the network and see the samba server but  its not
> accessible. you might not have permission error.
> my smb.conf is
> [global]
>        workgroup = CAD
>        security = ADS
>        realm = CAD.TESTDOMAIN
>        client use spnego = no
>        server signing = auto
>        netbios name = linux
>        winbind use default domain = yes
>        winbind separator = +
>       encrypt passwords = yes
>        log level = 3
>        log file = /var/log/samba/%m
>        max log size = 50
>
>        password server = VDC2.CAD.TESTDOMAIN
>        template shell = /bin/bash
> [test]
>        comment = Test Share using Active Directory
>        path = /data
>        valid users = @"VDC2\Users"
>        writeable = yes
>        browseable = yes


More information about the samba mailing list