[Samba] weird winbind problem
Paolo Negri
p_negri at modiano.com
Wed Mar 22 11:04:37 GMT 2006
I'm setting up a samba server that should authenticate against a samba
3.0 +Ldap PDC server.
This is the situation
1) getenet passwd and getent group are ok
2) wbinfo -t -> checking the trust secret via RPC calls succeeded
3) wbinfo -g -> lists all the groups on PDC (nice!)
4) wbinfo -u -> lists all the users on PDC (nice again!)
the problem is wbinfo -a
test 1: a non existing user
---------------------------
wbinfo -a fakeuser%fakepwd
error code was NT_STATUS_NO_SUCH_USER (0xc0000064)
error messsage was: No such user
Could not authenticate user fakeuser%fakepwd with plaintext password
challenge/response password authentication failed
error code was NT_STATUS_NO_SUCH_USER (0xc0000064)
error messsage was: No such user
Could not authenticate user fakeuser with challenge/response
so this is ok
test 2: existing user with wrong password
-----------------------------------------
wbinfo -a realuser%fakepwd
plaintext password authentication failed
error code was NT_STATUS_WRONG_PASSWORD (0xc000006a)
error messsage was: Wrong Password
Could not authenticate user realuser%fakepwd with plaintext password
challenge/response password authentication failed
error code was NT_STATUS_WRONG_PASSWORD (0xc000006a)
error messsage was: Wrong Password
Could not authenticate user realuser with challenge/response
If I do this test multiple times the account gets correctly locked
this is ok
test 3: existing user with real password
----------------------------------------
wbinfo -a realuser%realpwd
plaintext password authentication failed
error code was NT_STATUS_NO_LOGON_SERVERS (0xc000005e)
error messsage was: No logon servers
Could not authenticate user realuser%realpwd with plaintext password
challenge/response password authentication failed
error code was NT_STATUS_NO_LOGON_SERVERS (0xc000005e)
error messsage was: No logon servers
Could not authenticate user realuser with challenge/response
What's wrong?
I'm using OpenSuSE 10.0
samba-3.0.21c-9.1.8
samba-client-3.0.21c-9.1.8
samba-winbind-3.0.21c-9.1.8
my smb.conf
[global]
workgroup = MYDOMAIN
netbios name = MYSERVER
wins server = MY.PDC.IP.NUMBER
winbind separator = +
map to guest = Bad User
include = /etc/samba/dhcp.conf
winbind use default domain = yes
auth methods = guest winbind
log level = 3 passdb:5 auth:10 winbind:5
security = domain
Thanks
Paolo
More information about the samba
mailing list