[Samba] Samba BDC + LDAP failing to authenticate users

David M Noriega davidmnoriega at gmail.com
Thu Jul 2 21:14:11 GMT 2009 

I have Samba 3.2.4 running on Solaris 10 from sunfreeware. From what I
can tell just recently happened to this server, which runs as a BDC +
LDAP. Previously I have been able to authenticate against it as well
as map drives from it. Though now it complains about no such user
exists, though they do.

here is the log entries, level 2

With correct password
[2009/07/02 12:21:33,  2] smbd/sesssetup.c:setup_new_vc_session(1363)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2009/07/02 12:21:33,  2] smbd/sesssetup.c:setup_new_vc_session(1363)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2009/07/02 12:21:33,  2] passdb/pdb_ldap.c:init_sam_from_ldap(571)
init_sam_from_ldap: Entry found for user: user.name
[2009/07/02 12:21:33,  0] passdb/pdb_get_set.c:pdb_get_group_sid(210)
pdb_get_group_sid: Failed to find Unix account for user.name
[2009/07/02 12:21:33,  1] auth/auth_util.c:make_server_info_sam(562)
User user.name in passdb, but getpwnam() fails!
[2009/07/02 12:21:33,  0] auth/auth_sam.c:check_sam_security(355)
check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER'
[2009/07/02 12:21:33,  2] auth/auth.c:check_ntlm_password(318)
check_ntlm_password:  Authentication for user [user.name] ->
[user.name] FAILED with error NT_STATUS_NO_SUCH_USER

with wrong password
[2009/07/02 12:22:40,  2] smbd/sesssetup.c:setup_new_vc_session(1363)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2009/07/02 12:22:40,  2] smbd/sesssetup.c:setup_new_vc_session(1363)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2009/07/02 12:22:40,  2] lib/smbldap.c:smbldap_open_connection(796)
smbldap_open_connection: connection opened
[2009/07/02 12:22:40,  2] passdb/pdb_ldap.c:init_sam_from_ldap(571)
init_sam_from_ldap: Entry found for user: user.name
[2009/07/02 12:22:40,  0] passdb/pdb_get_set.c:pdb_get_group_sid(210)
pdb_get_group_sid: Failed to find Unix account for user.name
[2009/07/02 12:22:40,  2] auth/auth.c:check_ntlm_password(318)
check_ntlm_password:  Authentication for user [user.name] ->
[user.name] FAILED with error NT_STATUS_WRONG_PASSWORD

smb.conf

[Global]
        workgroup = x.x.x
        netbios name = xxx
        server string = BDC %v
        passdb backend = ldapsam:ldap://x.x.x.x
        domain master = no
        domain logons = yes
        ldap suffix = dc=x,dc=x,dc=x
        ldap user suffix = ou=people
        ldap group suffix = ou=group
        ldap machine suffix = ou=machines
        ldap admin dn = cn=manager,dc=x,dc=x,dc=x
        encrypt passwords = yes
        enable privileges = yes
        log level = 0
        syslog = 0
        domain master = no
        wins support = no
        wins server = x.x.x.x
        ntlm auth = yes
        lanman auth = yes
        ldap ssl = start tls
        local master = yes
        os level = 33
        preferred master = yes

[gtest]
        path = /var/gtest
        browseable = yes
        writeable = yes
        create mask = 0777
        directory mask = 0777
        force group = "Domain Users"
        public = yes

Any ideas?
-- 
Personally, I liked the university. They gave us money and facilities,
we didn't have to produce anything! You've never been out of college!
You don't know what it's like out there! I've worked in the private
sector. They expect results. -Ray Ghostbusters

More information about the samba mailing list