[Samba] NT_STATUS_LOGON_FAILURE with ldap backend
awilliam at mdah.state.ms.us
Tue Feb 26 18:41:18 GMT 2008
did you run smbldap-populate? even with a user in ldap, that is for
their posix (linux shell) account. you will still need to run smbpasswd
-a user to add their samba NT and LM hashes and samba SID info to ldap.
Luca Ferrari wrote:
> On Monday 25 February 2008 Luca Ferrari's cat, walking on the keyboard, wrote:
>> Hi all,
>> I've configured my samba server to work with my ldap backend, the
>> configuration of ldap is correct and in fact my users can interactively
>> login. The problem is with samba, that is always returning a
>> NT_STATUS_LOGON_FAILURE when a user tries to access a share. I'm in doubt
>> if I have to add ldap accounts through the ldap-tools of samba or not, at
>> the moment I did not add any account to samba (thinking it should read them
>> from the ldap server directly). In the logs I'm not able to find anything
>> useful, does anyone have any clue?
> I found that the server is connecting right to the ldap server:
> [2008/02/26 17:06:45, 3] lib/smbldap.c:smbldap_connect_system(997)
> ldap_connect_system: succesful connection to the LDAP server
> but that the user trying to authenticate does not exists:
> [2008/02/26 17:06:45, 3] auth/auth_sam.c:check_sam_security(281)
> check_sam_security: Couldn't find user 'luca' in passdb.
> [2008/02/26 17:06:45, 5] auth/auth.c:check_ntlm_password(273)
> check_ntlm_password: sam authentication for user [luca] FAILED with error
> The problem is that if I try to create the user with the smbldap-useradd I got
> the error:
> Error looking for next uid at /usr/share/perl5/smbldap_tools.pm line 1044.
> Now, two questions:
> 1) why do I have to add accounts to samba if it should get them from the ldap
> 2) how to solve the problem of the smbldap-useradd?
More information about the samba