[Samba] ADS-Member, smb-folder, password invalid on MS WinXP

Michael Roessler michroes at gmx.de
Tue Jun 24 08:26:05 GMT 2008

On Linux box in /var/log/messages:
Jun 24 09:43:46 svrde003 winbindd[19589]: [2008/06/24 09:43:46, 0] rpc_client/cli_netlogon.c:rpccli_netlogon_sam_network_logon(1029)
Jun 24 09:43:46 svrde003 winbindd[19589]:   rpccli_netlogon_sam_network_logon: credentials chain check failed

"wbinfo -u" or "-g" works, "getent passwd" is ok.
I can chown smb-folder "/srv/samba2" to user "DOMAIN/myname" and group "domain users".
On the samba machine I can login as "DOMAIN/myname" and can create a file in "/srv/samba2"

The Problem: I am logged in on a XP machine, try to map with "net use * \\smb-srv\samba2" and get the message "Password for \\smb-srv\samba2" is invalid"
Then XP is asking for the login details and I logged in as "myname" and password and  I got the message "System error 5", Access denied.

"kinit" works, but maybe there is something wrong with the tickets? The output:
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: Administrator at MYDOMAIN.COM

Valid starting     Expires            Service principal
06/23/08 15:55:37  06/24/08 01:55:50  krbtgt/MYDOMAIN.COM at MYDOMAIN.COM
        renew until 06/24/08 15:55:37

Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
Psssst! Schon vom neuen GMX MultiMessenger gehört?
Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger

More information about the samba mailing list