[Samba] secure channel & ntlmssp in 3.0.21b
werner maes
werner.maes at cc.kuleuven.be
Wed Feb 1 11:39:21 GMT 2006
hello
Apparently something seems to be changed since 3.0.20b.
I have two servers: one domain PDC and one domain member server
On both servers I had set
server schannel = No
client schannel = No
I installed 3.0.21b and I could no longer make connections to shares
defined on the domain member server
When I tried to add another server to the domain I got this error
[root at ls-cc3-tst samba]# net rpc join -S domPDC -U root
Password:
[2006/02/01 12:27:06, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_schannel(2641)
cli_rpc_pipe_open_schannel: failed to get schannel session key
from server yyyyyy for domain xxxxxx
[2006/02/01 12:27:06, 0] utils/net_rpc_join.c:net_rpc_join_ok(61)
Error connecting to NETLOGON pipe. Error was
NT_STATUS_INVALID_NETWORK_RESPONSE
Unable to join domain xxxxxxx.
[root at ls-cc3-tst samba]#
After uncommenting the options "server schannel & client schannel" on
both servers, it worked fine
[root at ls-cc3-tst samba]# net rpc join -S domPDC -U root
Password:
Joined domain xxxxxx.
==> the secret keys appeart in /etc/samba/schannel_store.tdb
So something is still not ok in libsmb/ntlmssp.c ??
kind regards
werner
Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
More information about the samba
mailing list