[Samba] Authentication problem
Nicolas Camacho
nicolas.y.camacho at gmail.com
Mon Feb 25 10:36:39 GMT 2008
Hi all,
We have a PDC with Samba 3.0.22-13.16 with an LDAP server working fine with
no problem.
We also have a BDC on a remote office and some workstation just cannot log
into the domain. The only solution is to delete machine from domain, reboot,
and join the domain again.
We have a message into samba log : _net_auth2: creds_server_check failed.
Rejecting auth request from client.
Has anyone ever experienced it ?
Think this could become from the password server or ldap backend but not
sure.
Here my smb.conf
Thanks for your answers
-------------- next part --------------
# Global parameters
[global]
admin users = root
netbios name = stpc07
interfaces = eth2
workgroup = DOMAIN
server string = Serveur PDC Chomarat GNU/Linux
ldap passwd sync = Yes
passdb backend = ldapsam:ldap://127.0.0.1
ldap admin dn = cn=admin,dc=chomarat,dc=lan
ldap suffix = dc=chomarat,dc=lan
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Machines
ldap delete dn = Yes
wins support = Yes
name resolve order = lmhosts host wins bcast
time server = Yes
add user script = /usr/sbin/useradd -s /bin/false -M %u
add group script = /usr/sbin/groupadd '%g'
add user to group script = /usr/sbin/usermod -G `/usr/bin/id -G '%U' | /bin/sed 's/ /,/g'`,'%g' '%U'
add machine script = /usr/sbin/useradd -s /bin/false -M %u
logon script = %U.bat
logon path =
domain logons = Yes
os level = 340000
lm announce = Yes
preferred master = Yes
domain master = Yes
local master = Yes
dns proxy = No
security=user
ldap ssl = no
panic action = "/usr/share/samba/panic-action"
create mask = 0777
directory mask = 0777
log level = 1
nt acl support = Yes
guest ok = no
#Repertoires
[netlogon]
comment = Fichiers Scripts de Login
path = /home/netlogon
browseable = no
read only = Yes
write list = erival, Administrateur
[log]
comment = Repertoire de log
path = /home/log
browseable = no
read only = No
guest ok = yes
-------------- next part --------------
[global]
# Nom du domaine
workgroup = DOMAIN
netbios name = Sctc01
server string = Serveur Samba Tunisie
nt acl support = Yes
security = user
domain master = no
domain logons = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind separator = /
logon path =
logon home =
logon script = %U.bat
password server = 10.1.0.41
passdb backend=ldapsam:"ldap://10.1.0.41 ldap://10.6.0.41"
ldap admin dn = cn=admin,dc=chomarat,dc=lan
ldap suffix = dc=chomarat,dc=lan
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Machines
create mask = 0777
directory mask = 0777
wins server = 10.1.0.41
load printers = yes
printing = cups
[netlogon]
comment = Fichiers Scripts de Login
path = /home/netlogon
browseable = no
read only = Yes
write list = erival, frjaune, Administrateur
More information about the samba
mailing list