[Samba] [SOLVED] Re: Active Directory authentication no longer works

Gerald (Jerry) Carter jerry at samba.org
Tue May 22 21:58:36 GMT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dan O'Brien wrote:

> After days of banging my head against my desk we've managed 
> to find the cause of the issue.  The problem was in the group policy
> on the domain controllers, under
> "Default Domain Controller Security Settings" -> Local Policies ->
> Security Options":
>
> Allow anonymous SID/Name translation:  Was set to disabled
> Do not allow anonymous enumeration of SAM accounts and Shares: 
> Was Enabled
> 
> once we changed these (and disabled the "No Override" bit 
> on the default domain policy). Everything started working again.

That's only masking the connection problem between Samba
and the DC I'm afraid.  I would love to see the network
traces of the failures from pam_winbind.





cheers, jerry
=====================================================================
Samba                                    ------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
"What man is a man who does not make the world better?"      --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGU2eMIR7qMdg1EfYRAnVFAJ0ZjyUr/7ilri1zXcRSOSFfi1vzWACfUS/U
oKaQfRYPdzXyiJAWs1oamHU=
=73p1
-----END PGP SIGNATURE-----


More information about the samba mailing list