[Samba] Server 2008 and Samba 3.0.25b

Alainna C. White alainna at pha.jhu.edu
Thu Mar 19 15:31:49 GMT 2009

Hi folks -

Not fifteen minutes after I sent this message, I've solved the problem.  
I've been fighting with this for a while now (over a year; I've been 
delaying Vista deployments because of this).   I never would've guessed 
that taking the RPC out of the net join command would fix it. 

But it did.

This is the fix (at least for me):
join the domain with, "net join -U administrator <domain>", not, "net 
join RPC -U administrator <domain>".

Thanks and sorry for the spam!


Alainna C. White wrote:
> Hi Folks -
> I'm experiencing a very strange problem with Server 2008 machines (for 
> all intents and purposes related to Samba, it's Vista) connecting to a 
> Samba Server.  The Samba machine is a RHEL4.6 machine running Samba 
> 3.0.25b.  I am joined to the mixed mode AD domain via the command "net 
> rpc join -U administrator <domain>".  I am not using winbind or 
> kerberos.  Or at least, I am not trying to.  The smb.conf file is at 
> the bottom of this email.  I've removed things like disallowed users 
> from the file to keep it brief.
> I have another samba machine with the very same OS and release, and it 
> works fine.
> When I try to connect to the Samba machine from the 2k8 machine using 
> the UNC path, I get a "network path not found" message.  Oddly, if I 
> use '\\ipaddress' it works just fine.
> I used Wireshark to look at the packets, and there is one glaring 
> difference between the working samba install and the non-working samba 
> install: in the Session Setup andX Request packet  (under the 
> "security blob") that the client sends to the samba server,  the 
> working one lists one mechtype: NTLMSSP.  The non-working one lists 
> three mechtypes: MS KRB5, KRB5, NTLMSSP, in that order.  The 
> non-working one has a krb5 ticket further down in the packet.
> Samba logs show an error:
> Failed to parse NTLMSSP packet, could not extract NTLMSSP command
> [2009/03/18 10:39:36, 1] libsmb/ntlmssp.c:ntlmssp_update(327)
> I don't think it should be able to parse the NTLMSSP packet, since it 
> isn't an NTLMSSP packet.  It's a KRB5 ticket.  At least, to the best 
> that I can understand
> I have tried copying the working SMB.CONF file to the non-working 
> host, and that didn't help at all.
> To me it seems like the client is requesting KRB5 authentication.  I'm 
> not good enough with network packets to see if the server requested 
> that type of session, but as far as I can tell it did not.
> Any help would be greatly appreciated.
> Thanks,
> Alainna
> --------SMB.CONF-----------
> [global]
> hosts allow = xxx.xxx.xxx.
> workgroup = dss
> security = domain
> password server = *
> encrypt passwords = yes
> wins support = no
> debug level = 1
> guest ok = no
> inherit permissions = yes
> username map = /etc/samba/smbusers
> -------------------------------------

Alainna C. White
Johns Hopkins University 
Physics & Astronomy, 3701 San Martin Drive, Baltimore MD  21218 
Voice: 410 516 4536 | Email: alainna at pha.jhu.edu

More information about the samba mailing list