[Samba] authenticating IIS 6.0 against samba?

Adam Williams awilliam at mdah.state.ms.us
Fri Sep 11 13:30:48 MDT 2009



Jeremy Allison wrote:
> On Fri, Sep 11, 2009 at 01:00:15PM -0500, Adam Williams wrote:
>   
>> I have a windows 2003 server joined to my domain.  I'd like to have IIS  
>> 6.0 on the 2k3 server authenticating against samba so that windows  
>> sharepoint services can be used.  I've tried getting NTLM authentication  
>> working following instructions at  
>> http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/7258232a-5e16-4a83-b76e-11e07c3f2615.mspx?mfr=true 
>> but I'm not having hany luck.  I'm still getting access denied errors  
>> when trying to authenticate users in sharepoint services.  Has any one  
>> got this working, and if so, any tips?
>>     
>
> What version of Samba ? Post the debug logs ?
>
> Jeremy.
>   

3.2.14 on fedora 10 core x86_64.  When I go to http://sharepoint/ to 
load my sharepoint server, and put in my username and password, here's 
the debug log from /var/log/samba/log.sharepoint on my PDC.

[2009/09/11 14:23:52,  3] smbd/process.c:process_smb(1550)
  Transaction 28 of length 468 (0 toread)
[2009/09/11 14:23:52,  3] smbd/process.c:switch_message(1361)
  switch message SMBwriteX (pid 23751) conn 0x7ffee35d8850
[2009/09/11 14:23:52,  3] rpc_server/srv_pipe_hnd.c:free_pipe_context(519)
  free_pipe_context: destroying talloc pool of size 0
[2009/09/11 14:23:52,  3] rpc_server/srv_pipe.c:api_rpcTNP(2308)
  api_rpcTNP: rpc command: NETR_LOGONSAMLOGON
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] smbd/uid.c:push_conn_ctx(407)
  push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] 
passdb/secrets.c:secrets_store_schannel_session_info(1216)
  secrets_store_schannel_session_info: stored schannel info with key 
SECRETS/SCHANNEL/SHAREPOINT
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2009/09/11 14:23:52,  3] 
rpc_server/srv_netlog_nt.c:_netr_LogonSamLogon(928)
  SAM Logon (Network). Domain:[ADMIN].  User:[awilliam at ADMLPTP] 
Requested Domain:[ADMLPTP]
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] smbd/uid.c:push_conn_ctx(407)
  push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2009/09/11 14:23:52,  3] auth/auth.c:check_ntlm_password(220)
  check_ntlm_password:  Checking password for unmapped user 
[ADMLPTP]\[awilliam]@[ADMLPTP] with the new password interface
[2009/09/11 14:23:52,  3] auth/auth.c:check_ntlm_password(223)
  check_ntlm_password:  mapped user is: [ADMIN]\[awilliam]@[ADMLPTP]
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] smbd/uid.c:push_conn_ctx(407)
  push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  2] passdb/pdb_ldap.c:init_sam_from_ldap(571)
  init_sam_from_ldap: Entry found for user: awilliam
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52,  3] smbd/uid.c:push_conn_ctx(407)
  push_conn_ctx(100) : conn_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52,  3] smbd/uid.c:push_conn_ctx(407)
  push_conn_ctx(100) : conn_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  2] passdb/pdb_ldap.c:init_group_from_ldap(2344)
  init_group_from_ldap: Entry found for group: 100
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52,  3] smbd/uid.c:push_conn_ctx(407)
  push_conn_ctx(100) : conn_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
[2009/09/11 14:23:52,  3] smbd/uid.c:push_conn_ctx(407)
  push_conn_ctx(100) : conn_ctx_stack_ndx = 2
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
[2009/09/11 14:23:52,  2] passdb/pdb_ldap.c:init_group_from_ldap(2344)
  init_group_from_ldap: Entry found for group: 100
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52,  3] smbd/uid.c:push_conn_ctx(407)
  push_conn_ctx(100) : conn_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52,  3] smbd/uid.c:push_conn_ctx(407)
  push_conn_ctx(100) : conn_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] smbd/uid.c:push_conn_ctx(407)
  push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52,  3] smbd/uid.c:push_conn_ctx(407)
  push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2009/09/11 14:23:52,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:53,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2009/09/11 14:23:53,  3] auth/auth.c:check_ntlm_password(269)
  check_ntlm_password: sam authentication for user [awilliam] succeeded
[2009/09/11 14:23:53,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
[2009/09/11 14:23:53,  3] smbd/uid.c:push_conn_ctx(407)
  push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2009/09/11 14:23:53,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:53,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2009/09/11 14:23:53,  2] auth/auth.c:check_ntlm_password(308)
  check_ntlm_password:  authentication for user [awilliam] -> [awilliam] 
-> [awilliam] succeeded
[2009/09/11 14:23:53,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
[2009/09/11 14:23:53,  3] smbd/uid.c:push_conn_ctx(407)
  push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2009/09/11 14:23:53,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:53,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2009/09/11 14:23:53,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
[2009/09/11 14:23:53,  3] smbd/uid.c:push_conn_ctx(407)
  push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2009/09/11 14:23:53,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:53,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2009/09/11 14:23:53,  3] rpc_server/srv_pipe_hnd.c:free_pipe_context(519)
  free_pipe_context: destroying talloc pool of size 588
[2009/09/11 14:23:53,  3] smbd/pipes.c:reply_pipe_write_and_X(251)
  writeX-IPC pnum=778a nwritten=400
[2009/09/11 14:23:53,  3] smbd/process.c:process_smb(1550)
  Transaction 29 of length 63 (0 toread)
[2009/09/11 14:23:53,  3] smbd/process.c:switch_message(1361)
  switch message SMBreadX (pid 23751) conn 0x7ffee35d8850
[2009/09/11 14:23:53,  3] smbd/pipes.c:reply_pipe_read_and_X(301)
  readX-IPC pnum=778a min=1024 max=1024 nread=688
[2009/09/11 14:24:43,  3] smbd/process.c:process_smb(1550)
  Transaction 30 of length 45 (0 toread)
[2009/09/11 14:24:43,  3] smbd/process.c:switch_message(1361)
  switch message SMBclose (pid 23751) conn 0x7ffee35d8850
[2009/09/11 14:24:53,  3] smbd/process.c:process_smb(1550)
  Transaction 31 of length 43 (0 toread)
[2009/09/11 14:24:53,  3] smbd/process.c:switch_message(1361)
  switch message SMBulogoffX (pid 23751) conn 0x0
[2009/09/11 14:24:53,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/09/11 14:24:53,  3] smbd/reply.c:reply_ulogoffX(1949)
  ulogoffX vuid=100
[2009/09/11 14:24:53,  3] smbd/process.c:process_smb(1550)
  Transaction 32 of length 39 (0 toread)
[2009/09/11 14:24:53,  3] smbd/process.c:switch_message(1361)
  switch message SMBtdis (pid 23751) conn 0x7ffee35d8850
[2009/09/11 14:24:53,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/09/11 14:24:53,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/09/11 14:24:53,  3] smbd/service.c:close_cnum(1405)
  sharepoint (::ffff:10.8.3.124) closed connection to service IPC$
[2009/09/11 14:24:53,  3] smbd/connection.c:yield_connection(31)
  Yielding connection to IPC$
[2009/09/11 14:24:53,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/09/11 14:24:53,  3] smbd/process.c:smbd_process(2036)
  receive_message_or_smb failed: NT_STATUS_END_OF_FILE, exiting
[2009/09/11 14:24:53,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/09/11 14:24:53,  3] smbd/connection.c:yield_connection(31)
  Yielding connection to
[2009/09/11 14:24:53,  3] smbd/server.c:exit_server_common(953)
  Server exit (normal exit)








More information about the samba mailing list