[Samba] windows 7 machine account fails to authenticate against samba PDC

graham graham8499 at ymail.com
Wed Feb 3 10:09:51 MST 2010

Hello all,

I've added my windows7 client to the domain (samba running as pdc), 
having applied the registry changes identified here 

Partial success - domain users can login and see shares etc, BUT:

1 - the registry settings in ntlogon/NTConfig.POL are not applied. Am I 
right in thinking that windows 7 ignores this policy?
And if so I therefore need to put the appropriate registry settings into 
a logon script?

2 - every time a domain user logs in to the windows7 host smbd reports 
an error:

[2010/02/02 19:07:51,  0] 
   _netr_ServerAuthenticate3: netlogon_creds_server_check failed. 
Rejecting auth request from client WIN7HOST machine account WIN7HOST$
[2010/02/02 19:07:52,  0] auth/auth_sam.c:355(check_sam_security)
   check_sam_security: make_server_info_sam() failed with 

This only occurs for the windows7 client (not XP clients).
What does this mean, is it a problem, and how do I fix it?!

3 - periodic errors reported by nmbd:
Packet send failed to ERRNO=Operation not permitted

That's the ipaddress of the windows7 client.
Actually, looking back in the logs I see this has occasionally happened 
for all but one of the xp clients too.
Again, what does this error mean, is it a problem, how would I fix it?

4 - windows7 client bombards the server on port 389 (ldap)
No idea why, no other (xp) clients do this. I'm guessing it /might/ be 
part of question 2 above ,ie. maybe the win7 client is trying to 
authenticate against ldap??

rgds all,

More information about the samba mailing list