[Samba] Authentication problem

Nicolas Camacho nicolas.y.camacho at gmail.com
Mon Feb 25 10:36:39 GMT 2008 

Hi all,

We have a PDC with Samba 3.0.22-13.16 with an LDAP server working fine with
no problem.
We also have a BDC on a remote office and some workstation just cannot log
into the domain. The only solution is to delete machine from domain, reboot,
and join the domain again.
We have a message into samba log : _net_auth2: creds_server_check failed.
Rejecting auth request from client.
Has anyone ever experienced it ?
Think this could become from the password server or ldap backend but not
sure.
Here my smb.conf

Thanks for your answers
-------------- next part --------------
# Global parameters
[global]
	admin users = root
	netbios name = stpc07
	interfaces = eth2
	workgroup = DOMAIN
	server string = Serveur PDC Chomarat GNU/Linux
	ldap passwd sync = Yes
	passdb backend = ldapsam:ldap://127.0.0.1
	ldap admin dn = cn=admin,dc=chomarat,dc=lan
	ldap suffix = dc=chomarat,dc=lan
	ldap group suffix = ou=Groups
	ldap user suffix = ou=Users
	ldap machine suffix = ou=Machines
	ldap delete dn = Yes
	wins support = Yes
	name resolve order = lmhosts host wins bcast
	time server = Yes
	add user script = /usr/sbin/useradd -s /bin/false -M %u
	add group script = /usr/sbin/groupadd '%g'
	add user to group script = /usr/sbin/usermod -G `/usr/bin/id -G '%U' | /bin/sed 's/ /,/g'`,'%g' '%U'
	add machine script = /usr/sbin/useradd -s /bin/false -M %u
	logon script = %U.bat
        logon path =
	domain logons = Yes
	os level = 340000
	lm announce = Yes
	preferred master = Yes
	domain master = Yes
	local master = Yes
	dns proxy = No
	security=user
	ldap ssl = no
	panic action = "/usr/share/samba/panic-action"
	create mask = 0777
	directory mask = 0777
	log level = 1
	nt acl support = Yes
	guest ok = no

 
#Repertoires

[netlogon]
	comment = Fichiers Scripts de Login
	path = /home/netlogon
	browseable = no
	read only = Yes
	write list = erival, Administrateur

[log]
	comment = Repertoire de log
	path = /home/log
	browseable = no
	read only = No
	guest ok = yes
-------------- next part --------------
[global]
# Nom du domaine
workgroup = DOMAIN
netbios name = Sctc01
server string = Serveur Samba Tunisie
nt acl support = Yes
security = user
domain master = no
domain logons = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind separator = /
logon path =
logon home =
logon script = %U.bat
password server = 10.1.0.41
passdb backend=ldapsam:"ldap://10.1.0.41 ldap://10.6.0.41"
ldap admin dn = cn=admin,dc=chomarat,dc=lan
        ldap suffix = dc=chomarat,dc=lan
        ldap group suffix = ou=Groups
        ldap user suffix = ou=Users
        ldap machine suffix = ou=Machines

create mask = 0777
directory mask = 0777

wins server = 10.1.0.41
load printers = yes
printing = cups

[netlogon]
        comment = Fichiers Scripts de Login
        path = /home/netlogon
        browseable = no
        read only = Yes
        write list = erival, frjaune, Administrateur

More information about the samba mailing list