[Samba] NT_STATUS_LOGON_FAILURE with ldap backend

Luca Ferrari fluca1978 at infinito.it
Tue Feb 26 16:13:03 GMT 2008

On Monday 25 February 2008 Luca Ferrari's cat, walking on the keyboard, wrote:
> Hi all,
> I've configured my samba server to work with my ldap backend, the
> configuration of ldap is correct and in fact my users can interactively
> login. The problem is with samba, that is always returning a
> NT_STATUS_LOGON_FAILURE when a user tries to access a share. I'm in doubt
> if I have to add ldap accounts through the ldap-tools of samba or not, at
> the moment I did not add any account to samba (thinking it should read them
> from the ldap server directly). In the logs I'm not able to find anything
> useful, does anyone have any clue?

I found that the server is connecting right to the ldap server:

[2008/02/26 17:06:45, 3] lib/smbldap.c:smbldap_connect_system(997)
  ldap_connect_system: succesful connection to the LDAP server

but that the user trying to authenticate does not exists:

[2008/02/26 17:06:45, 3] auth/auth_sam.c:check_sam_security(281)
  check_sam_security: Couldn't find user 'luca' in passdb.
[2008/02/26 17:06:45, 5] auth/auth.c:check_ntlm_password(273)
  check_ntlm_password: sam authentication for user [luca] FAILED with error 

The problem is that if I try to create the user with the smbldap-useradd I got 
the error:
Error looking for next uid at /usr/share/perl5/smbldap_tools.pm line 1044.

Now, two questions:
1) why do I have to add accounts to samba if it should get them from the ldap 
2) how to solve the problem of the smbldap-useradd?


More information about the samba mailing list