[Samba] authenticating IIS 6.0 against samba?
Adam Williams
awilliam at mdah.state.ms.us
Fri Sep 11 13:30:48 MDT 2009
Jeremy Allison wrote:
> On Fri, Sep 11, 2009 at 01:00:15PM -0500, Adam Williams wrote:
>
>> I have a windows 2003 server joined to my domain. I'd like to have IIS
>> 6.0 on the 2k3 server authenticating against samba so that windows
>> sharepoint services can be used. I've tried getting NTLM authentication
>> working following instructions at
>> http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/7258232a-5e16-4a83-b76e-11e07c3f2615.mspx?mfr=true
>> but I'm not having hany luck. I'm still getting access denied errors
>> when trying to authenticate users in sharepoint services. Has any one
>> got this working, and if so, any tips?
>>
>
> What version of Samba ? Post the debug logs ?
>
> Jeremy.
>
3.2.14 on fedora 10 core x86_64. When I go to http://sharepoint/ to
load my sharepoint server, and put in my username and password, here's
the debug log from /var/log/samba/log.sharepoint on my PDC.
[2009/09/11 14:23:52, 3] smbd/process.c:process_smb(1550)
Transaction 28 of length 468 (0 toread)
[2009/09/11 14:23:52, 3] smbd/process.c:switch_message(1361)
switch message SMBwriteX (pid 23751) conn 0x7ffee35d8850
[2009/09/11 14:23:52, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(519)
free_pipe_context: destroying talloc pool of size 0
[2009/09/11 14:23:52, 3] rpc_server/srv_pipe.c:api_rpcTNP(2308)
api_rpcTNP: rpc command: NETR_LOGONSAMLOGON
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:push_sec_ctx(224)
push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3] smbd/uid.c:push_conn_ctx(407)
push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3]
passdb/secrets.c:secrets_store_schannel_session_info(1216)
secrets_store_schannel_session_info: stored schannel info with key
SECRETS/SCHANNEL/SHAREPOINT
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2009/09/11 14:23:52, 3]
rpc_server/srv_netlog_nt.c:_netr_LogonSamLogon(928)
SAM Logon (Network). Domain:[ADMIN]. User:[awilliam at ADMLPTP]
Requested Domain:[ADMLPTP]
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:push_sec_ctx(224)
push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3] smbd/uid.c:push_conn_ctx(407)
push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2009/09/11 14:23:52, 3] auth/auth.c:check_ntlm_password(220)
check_ntlm_password: Checking password for unmapped user
[ADMLPTP]\[awilliam]@[ADMLPTP] with the new password interface
[2009/09/11 14:23:52, 3] auth/auth.c:check_ntlm_password(223)
check_ntlm_password: mapped user is: [ADMIN]\[awilliam]@[ADMLPTP]
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:push_sec_ctx(224)
push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3] smbd/uid.c:push_conn_ctx(407)
push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 2] passdb/pdb_ldap.c:init_sam_from_ldap(571)
init_sam_from_ldap: Entry found for user: awilliam
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:push_sec_ctx(224)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52, 3] smbd/uid.c:push_conn_ctx(407)
push_conn_ctx(100) : conn_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:push_sec_ctx(224)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52, 3] smbd/uid.c:push_conn_ctx(407)
push_conn_ctx(100) : conn_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 2] passdb/pdb_ldap.c:init_group_from_ldap(2344)
init_group_from_ldap: Entry found for group: 100
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:push_sec_ctx(224)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52, 3] smbd/uid.c:push_conn_ctx(407)
push_conn_ctx(100) : conn_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:push_sec_ctx(224)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
[2009/09/11 14:23:52, 3] smbd/uid.c:push_conn_ctx(407)
push_conn_ctx(100) : conn_ctx_stack_ndx = 2
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
[2009/09/11 14:23:52, 2] passdb/pdb_ldap.c:init_group_from_ldap(2344)
init_group_from_ldap: Entry found for group: 100
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:push_sec_ctx(224)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52, 3] smbd/uid.c:push_conn_ctx(407)
push_conn_ctx(100) : conn_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:push_sec_ctx(224)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52, 3] smbd/uid.c:push_conn_ctx(407)
push_conn_ctx(100) : conn_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:push_sec_ctx(224)
push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3] smbd/uid.c:push_conn_ctx(407)
push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:push_sec_ctx(224)
push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
[2009/09/11 14:23:52, 3] smbd/uid.c:push_conn_ctx(407)
push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2009/09/11 14:23:52, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:53, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2009/09/11 14:23:53, 3] auth/auth.c:check_ntlm_password(269)
check_ntlm_password: sam authentication for user [awilliam] succeeded
[2009/09/11 14:23:53, 3] smbd/sec_ctx.c:push_sec_ctx(224)
push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
[2009/09/11 14:23:53, 3] smbd/uid.c:push_conn_ctx(407)
push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2009/09/11 14:23:53, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:53, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2009/09/11 14:23:53, 2] auth/auth.c:check_ntlm_password(308)
check_ntlm_password: authentication for user [awilliam] -> [awilliam]
-> [awilliam] succeeded
[2009/09/11 14:23:53, 3] smbd/sec_ctx.c:push_sec_ctx(224)
push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
[2009/09/11 14:23:53, 3] smbd/uid.c:push_conn_ctx(407)
push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2009/09/11 14:23:53, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:53, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2009/09/11 14:23:53, 3] smbd/sec_ctx.c:push_sec_ctx(224)
push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
[2009/09/11 14:23:53, 3] smbd/uid.c:push_conn_ctx(407)
push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2009/09/11 14:23:53, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/09/11 14:23:53, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2009/09/11 14:23:53, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(519)
free_pipe_context: destroying talloc pool of size 588
[2009/09/11 14:23:53, 3] smbd/pipes.c:reply_pipe_write_and_X(251)
writeX-IPC pnum=778a nwritten=400
[2009/09/11 14:23:53, 3] smbd/process.c:process_smb(1550)
Transaction 29 of length 63 (0 toread)
[2009/09/11 14:23:53, 3] smbd/process.c:switch_message(1361)
switch message SMBreadX (pid 23751) conn 0x7ffee35d8850
[2009/09/11 14:23:53, 3] smbd/pipes.c:reply_pipe_read_and_X(301)
readX-IPC pnum=778a min=1024 max=1024 nread=688
[2009/09/11 14:24:43, 3] smbd/process.c:process_smb(1550)
Transaction 30 of length 45 (0 toread)
[2009/09/11 14:24:43, 3] smbd/process.c:switch_message(1361)
switch message SMBclose (pid 23751) conn 0x7ffee35d8850
[2009/09/11 14:24:53, 3] smbd/process.c:process_smb(1550)
Transaction 31 of length 43 (0 toread)
[2009/09/11 14:24:53, 3] smbd/process.c:switch_message(1361)
switch message SMBulogoffX (pid 23751) conn 0x0
[2009/09/11 14:24:53, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/09/11 14:24:53, 3] smbd/reply.c:reply_ulogoffX(1949)
ulogoffX vuid=100
[2009/09/11 14:24:53, 3] smbd/process.c:process_smb(1550)
Transaction 32 of length 39 (0 toread)
[2009/09/11 14:24:53, 3] smbd/process.c:switch_message(1361)
switch message SMBtdis (pid 23751) conn 0x7ffee35d8850
[2009/09/11 14:24:53, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/09/11 14:24:53, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/09/11 14:24:53, 3] smbd/service.c:close_cnum(1405)
sharepoint (::ffff:10.8.3.124) closed connection to service IPC$
[2009/09/11 14:24:53, 3] smbd/connection.c:yield_connection(31)
Yielding connection to IPC$
[2009/09/11 14:24:53, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/09/11 14:24:53, 3] smbd/process.c:smbd_process(2036)
receive_message_or_smb failed: NT_STATUS_END_OF_FILE, exiting
[2009/09/11 14:24:53, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/09/11 14:24:53, 3] smbd/connection.c:yield_connection(31)
Yielding connection to
[2009/09/11 14:24:53, 3] smbd/server.c:exit_server_common(953)
Server exit (normal exit)
More information about the samba
mailing list