[Samba] Samba & Vista
Steve Blackwell
zephod at cfl.rr.com
Sun Aug 3 17:38:41 GMT 2008
> I'm trying to use smbclient to look at a Vista box but I keep getting:
>
> # smbclient -L user-pc -U Kellie
> Password: <Kellie's password>
> session setup failed: NT_STATUS_LOGON_FAILURE
>
> I know the user/password combination is good.
I spent most of yesterday searching the web for more information. Now,
I have used wireshark to look at the traffic between my Linux and Vista
boxes.
First I see a "Negotiate Protocol Request" message from the Linux box
to the Vista box which replies with a "Negotiate Protocol Response".
Then I see 3 messages which seem to correspond to the type 1, type 2
and type 3 messages of the NTLM authentication protocol as described
here.
http://davenport.sourceforge.net/ntlm.html#getNTLMv2Response
I can see in the type 1 message, listed as
"Session Setup AndX Request, NTLMSSP_NEGOTIATE"
that the flag is set that Samba says it can use NTLMv2 - Negotiate
NTLN2 key - Set.
In the type 2 message back from the Vista box, listed as
"Session Setup AndX Response, NTLMSSP_CHALLENGE, Error:
STATUS_MORE_PROCESSING_REQUIRED",
the same flag is set. I take this to mean that box boxes have agreed to
use NTLMv2.
In the type 3 message, listed as
"Session Setup AndX Request, NTLMSSP_Auth, User: WORKGRPUP/Kellie",
I can see that Samba is sending the correct workgroup as DOMAIN NAME,
the correct host and the correct user.
Is there some place on the Vista box where I can see the login
attempts and get some clue as to why it sends out a final message of
"Session Setup AndX Response, Error: STATUS_LOGON FAILURE"?
Thanks,
Steve
More information about the samba
mailing list