[Samba] secure channel & ntlmssp in 3.0.21b

werner maes werner.maes at cc.kuleuven.be
Wed Feb 1 11:39:21 GMT 2006


	hello

Apparently something seems to be changed since 3.0.20b.
I have two servers: one domain PDC and one domain member server

On both servers I had set
server schannel = No
client schannel = No

I installed 3.0.21b and I could no longer make connections to shares 
defined on the domain member server

When I tried to add another server to the domain I got this error

[root at ls-cc3-tst samba]# net rpc join -S domPDC -U root
Password:
[2006/02/01 12:27:06, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_schannel(2641)
   cli_rpc_pipe_open_schannel: failed to get schannel session key 
from server yyyyyy for domain xxxxxx
[2006/02/01 12:27:06, 0] utils/net_rpc_join.c:net_rpc_join_ok(61)
   Error connecting to NETLOGON pipe. Error was 
NT_STATUS_INVALID_NETWORK_RESPONSE
Unable to join domain xxxxxxx.
[root at ls-cc3-tst samba]#

After uncommenting the options "server schannel & client schannel" on 
both servers, it worked fine

[root at ls-cc3-tst samba]# net rpc join -S domPDC -U root
Password:
Joined domain xxxxxx.
  ==> the secret keys appeart in /etc/samba/schannel_store.tdb

So something is still not ok in libsmb/ntlmssp.c ??

kind regards

werner


Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm



More information about the samba mailing list