[Samba] Auth issues in 3.0.25
Matt Baker
m at wheres.co.uk
Thu May 17 12:47:30 GMT 2007
Hi All,
since an upgrade from 3.0.24 to 3.0.25 on 2 separate sun solaris
(v3.8,v3.9) boxes I have experienced an inability to authenticate.
$ smbclient -L //serverbox -U username
Password:
session setup failed: NT_STATUS_LOGON_FAILURE
My global config is as follows:
workgroup = WORKGROUP
server string = SERVERBOX Samba Server
security = SERVER
obey pam restrictions = Yes
password server = roundrobindnsof.adboxes.com
pam password change = Yes
restrict anonymous = 1
log file = /usr/local/packages/samba/var/%m.log
max log size = 0
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
preferred master = No
local master = No
dns proxy = No
wins server = xxx.xxx.xxx.xxx
hosts allow = xxx.xxx.xxx., 127.
In my log (debug=9) I have this:
[2007/05/16 16:58:52, 5] auth/auth_util.c:make_user_info_map(161)
make_user_info_map: Mapping user [WORKGROUP]\[username] from
workstation [CLIENTBOX]
[2007/05/16 16:58:52, 5] auth/auth_util.c:make_user_info(75)
attempting to make a user_info for username (username)
[2007/05/16 16:58:52, 5] auth/auth_util.c:make_user_info(85)
making strings for username's user_info struct
[2007/05/16 16:58:52, 5] auth/auth_util.c:make_user_info(117)
making blobs for username's user_info struct
[2007/05/16 16:58:52, 3] auth/auth.c:check_ntlm_password(221)
check_ntlm_password: Checking password for unmapped user
[WORKGROUP]\[username]@[CLIENTBOX] with the new password interface
[2007/05/16 16:58:52, 3] auth/auth.c:check_ntlm_password(224)
check_ntlm_password: mapped user is: [SERVERBOX]\[username]@[CLIENTBOX]
[2007/05/16 16:58:52, 5] lib/util.c:dump_data(2261)
[000] 40 25 4A 1F 8B 8B 8E 9F @%J.....
[2007/05/16 16:58:52, 8] lib/util.c:is_myname(2073)
is_myname("SERVERBOX") returns 1
[2007/05/16 16:58:52, 3] smbd/sec_ctx.c:push_sec_ctx(208)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2007/05/16 16:58:52, 3] smbd/uid.c:push_conn_ctx(350)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2007/05/16 16:58:52, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2007/05/16 16:58:52, 5] auth/auth_util.c:debug_nt_user_token(448)
NT user token: (NULL)
[2007/05/16 16:58:52, 5] auth/auth_util.c:debug_unix_user_token(474)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2007/05/16 16:58:52, 5] passdb/pdb_smbpasswd.c:getsmbfilepwent(585)
getsmbfilepwent: end of file reached.
[2007/05/16 16:58:52, 7] passdb/pdb_smbpasswd.c:endsmbfilepwent(347)
endsmbfilepwent_internal: closed password file.
[2007/05/16 16:58:52, 3] smbd/sec_ctx.c:pop_sec_ctx(356)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2007/05/16 16:58:52, 3] auth/auth_sam.c:check_sam_security(281)
check_sam_security: Couldn't find user 'username' in passdb.
[2007/05/16 16:58:52, 5] auth/auth.c:check_ntlm_password(273)
check_ntlm_password: sam authentication for user [username] FAILED
with error NT_STATUS_NO_SUCH_USER
[2007/05/16 16:58:52, 8] lib/util.c:is_myname(2073)
is_myname("SERVERBOX") returns 1
[2007/05/16 16:58:52, 3] auth/auth_server.c:check_smbserver_security(240)
check_smbserver_security: Requested domain was for this machine.
[2007/05/16 16:58:52, 2] auth/auth.c:check_ntlm_password(319)
check_ntlm_password: Authentication for user [username] -> [username]
FAILED with error NT_STATUS_NO_SUCH_USER
[2007/05/16 16:58:52, 5] auth/auth_util.c:free_user_info(1991)
attempting to free (and zero) a user_info structure
[2007/05/16 16:58:52, 3] smbd/error.c:error_packet_set(106)
error packet at smbd/sesssetup.c(105) cmd=115 (SMBsesssetupX)
NT_STATUS_LOGON_FAILURE
In the working version of 3.0.24 I can see that at the same point of
mapping the user, the log indicates that all further steps are passed to
trying to find the ad server, connecting, verifying the user etc... It
doesn't use check_ntlm_password.
Any advice would be very welcome,
Thanks,
Matt
More information about the samba
mailing list