[Samba] Subsequent Authentication Failures

Markus Iturriaga Woelfel miturria at cs.utk.edu
Wed Jun 27 18:54:45 GMT 2007

Hi all - I couldn't find an answer to this problem, so maybe someone  
out there can help me. I'd definitely appreciate it.

I've been running a domain using a Samba PDC for quite a while now  
and this appears to be a new problem. The PDC uses LDAP as the  
backend and that has worked fine; the version is 3.0.25a. I have a  
number of Samba servers that are members of this domain, also running  
3.0.25a. The domain name is CSSMB. Here is the problem which has just  
recently appeared. I'm guessing something has changed:

Say, I have a server set up like this:

     ; Tuning Parameters
     socket options = TCP_NODELAY IPTOS_LOWDELAY
     read raw = yes
     write raw = yes
     oplocks = yes
     max xmit = 65535

     workgroup = CSSMB
     os level = 33
     log level = 2
     security = domain
     password server = *

     comment = Images
     path = /export/unused5/images
     browseable = yes
     read only = no
     valid users = "CSSMB\miturria"

After I start the samba server I can authenticate just fine.

# smbclient -W CSSMB -U miturria \\\\anhur\\images
Domain=[CSSMB] OS=[Unix] Server=[Samba 3.0.25a]

However if I log out, any subsequent authentications just fail. The  
log on "anhur" shows:

[2007/06/27 14:50:41, 2] auth/auth.c:check_ntlm_password(319)
   check_ntlm_password:  Authentication for user [miturria] -> [miturria] FAILED with error NT_STATUS_NO_SUCH_USER

However, on the domain controller "thoth"

[2007/06/27 14:50:41, 2] auth/auth.c:check_ntlm_password(309)
   check_ntlm_password:  authentication for user [miturria] -> [miturria] -> [miturria] succeeded

Any ideas what's going on? I've removed anhur from the domain and  
removed its machine account and re-added it. That didn't seem to  
help. If I restart Samba on anhur, it authenticates fine once and  
then no more. This happens whether I specify "valid users = miturria"  
or "valid users = CSSMB\miturria".

User "miturria" (me) works fine in Linux itself using pam_ldap on  
both client and domain controller.

Any hints would be appreciated.


Markus A. Iturriaga Woelfel, SysAdmin
Department of Computer Science
University of Tennessee, Knoxville
miturria at cs.utk.edu / (865) 974-3837
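
Added example, not part of the original post: a small Python parser for the `check_ntlm_password` records quoted above that pairs a member server's failures with domain controller successes for the same user within a few seconds. The function names, the 5-second window and the one unrelated sample record are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# Header of a Samba 3 log record: "[2007/06/27 14:50:41, 2] auth/auth.c:check_ntlm_password(319)"
HEADER = re.compile(r"^\[(\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}), *\d+\] (\S+)")
RESULT = re.compile(r"[Aa]uthentication for user \[([^\]]*)\].*?"
                    r"(succeeded|FAILED with error (\S+))")

def auth_events(log_text):
    """Return [(time, user, status)]; status is 'OK' or the NT_STATUS code logged."""
    records, current = [], None
    for line in log_text.splitlines():
        m = HEADER.match(line)
        if m:
            # Start a new record; keep it only if it comes from check_ntlm_password.
            current = [m.group(1), ""] if ":check_ntlm_password(" in m.group(2) else None
            if current:
                records.append(current)
        elif current is not None:
            current[1] += " " + line.strip()  # the body may wrap over several lines
    events = []
    for ts, body in records:
        m = RESULT.search(body)
        if m:
            when = datetime.strptime(ts, "%Y/%m/%d %H:%M:%S")
            events.append((when, m.group(1).lower(), m.group(3) or "OK"))
    return events

def split_results(member_log, dc_log, window=timedelta(seconds=5)):
    """Member failures for which the DC logged a success for the same user within `window`."""
    dc_ok = [(t, u) for t, u, s in auth_events(dc_log) if s == "OK"]
    return [(t, u, s) for t, u, s in auth_events(member_log)
            if s != "OK" and any(u == du and abs(t - dt) <= window for dt, du in dc_ok)]

# Sample input: the two records quoted in the post, with the body wrapped over two lines to
# exercise continuation handling, plus one constructed unrelated record that must be skipped.
ANHUR_LOG = """\
[2007/06/27 14:50:40, 2] smbd/server.c:example(0)
   constructed unrelated record
[2007/06/27 14:50:41, 2] auth/auth.c:check_ntlm_password(319)
   check_ntlm_password:  Authentication for user [miturria] ->
[miturria] FAILED with error NT_STATUS_NO_SUCH_USER
"""
THOTH_LOG = """\
[2007/06/27 14:50:41, 2] auth/auth.c:check_ntlm_password(309)
   check_ntlm_password:  authentication for user [miturria] ->
[miturria] -> [miturria] succeeded
"""

if __name__ == "__main__":
    for when, user, status in split_results(ANHUR_LOG, THOTH_LOG):
        print(f"{when} {user}: member logged {status}, DC logged success")
```

Run against the full logs of both hosts, this lists every logon the member server rejected although the domain controller accepted it.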
