[Samba] Can't access Samba server with NetBIOS Name but OK with IP

[Martin Zielinski]

Hi,

I suspect, that you're AD connection fails (by whatever reason).

If you are using the IP address the client falls back to NTLM 
authentication.

The reason is, that the client requests a ticket at the AD-Server for 
e.g. 10.1.2.3. This machine is not known on the AD-Server and replies 
with a "I don't have a ticket for this machine" to the client.

Then the client tries to use NTLM authentication with the Samba server 
and might succeed.
If the client receives a ticket - and the ticket verification fails, the 
client says "access denied".

~ Martin

Yujie Liang wrote:
> Hi, folks
> 
> I installed samba 3.0.21b-2 with winbind on a Fedora 5 server. I edited 5 files (show below) and join Windows AD by "net join ADS" command.
> 
> It worked in the first month. I could access to folders with appropriate permission. Then I found I couldn't access to the server by keying-in "\\smbservername". A pop-up Windows box say "Incorrect password or unknown user". I tried domain\domain-username, domain-username, userNo-in-getent-passwd but none of them worked. However, if I use its IP address such as \\10.10.10.2, it worked as normal. I check DNS record. They all exist in the DNS server. I even key in the DNS record in all hosts file. But no difference.
> 
> I also noticed one thing. When I use Windows XP I check the security tag of the folder shared on this FC5. I can see AD username, AD group name and everyone which stand for user, group and others. All check-boxed in front of these username, groupname and everyone are un-checked even if I can access the folders.
> 
> What did I do wrong? Shall I edit /etc/pam.d/login file as well? How?
> 
[...]


-- 
Martin Zielinski             mz at seh.de
Software Development
SEH Computertechnik GmbH     www.seh.de