[Samba] new user cannot logon to one computer in the domain
peter pilsl
pilsl at goldfisch.at
Wed Apr 1 11:37:57 GMT 2009
I run a NT-Domain with samba 3.0.28a and WinXP-Clients (SP3)
Everything is fine. But now I created a new user and this new user can logon to all machines in the Domain but one. On this machine the user gets the message "user cannot login. check username/password/domain and be aware that username/password are casesensitive" (I translated this from german)
Other users can login fine. I applied the sign-seal-regahck on this machine again and the "domain"-reghack, but it didnt help (see below for details)
In the log-files I dont see anything suspicious but from the logfiles it seems that the user is authenticated sucessfully:
check_ntlm_password: authentication for user [assistance] -> [assistance] -> [assistance] succeeded
The eventlog on XP also didnt reveal anything interesting (like it would when its the sign/seal-problem)
The full smb-log at LogLevel=3 can be found at:
http://www.goldfisch.at/temp/smb.log
the smb-log at LogLevel=15 (~400kb) can be found at:
http://www.goldfisch.at/temp/smb.level15.log
If posting any other log might help please let me know. I would do anything do solve this problem cause it drives me nuts not being able to logon a simple user in my small domain.
smb.conf :
---------------------------------------
[global]
interfaces = eth4 127.0.0.1
bind interfaces only = yes
workgroup = VOEV
netbios name = server
server string = xxxxxxx
wins support = yes
wins proxy = yes
dns proxy = no
security = user
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
hosts allow = 127.0.0.1/32 192.168.1.0/255.255.255.0
domain logons = yes
domain master = yes
preferred master = yes
logon path = \\%L\profiles\%U
logon drive = O:
logon home = \\%L\%U
logon script = startup.bat %U %G %h %m %L %M %R %d %a %I %i %T %D %w
time server = yes
......
-------------------------------------------------
and finally the reghack I applied (its standard procedure in this network - every machine gets it):
---------------------------------------
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
"requiresignorseal"=dword:00000000
"signsecurechannel"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System]
"CompatibleRUPSecurity"=dword:00000001
---------------------------------------
any help appretiated !! thnx a lot !!
peter
More information about the samba
mailing list