[Samba] windows 7 machine account fails to authenticate against samba PDC

graham graham8499 at ymail.com
Fri Feb 5 10:45:02 MST 2010


a slight change in the log entries now, as below.
I don't know why (I don't think I've changed anything), but there is an 
extra log entry showing the host is in the passdb, but getpwnam() is 
failing.
However, the machine name is definitely in /etc/passwd.
Can anyone cast any light on this apparent inconsistency, or what I 
might do to diagnose the problem further?


[2010/02/05 17:19:16,  0] 
rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3)
   _netr_ServerAuthenticate3: netlogon_creds_server_check failed. 
Rejecting auth request from client WIN7HOST machine account WIN7HOST$
*[2010/02/05 17:19:23,  1] auth/auth_util.c:577(make_server_info_sam)
   User WIN7HOST$ in passdb, but getpwnam() fails!*
[2010/02/05 17:19:23,  0] auth/auth_sam.c:355(check_sam_security)
   check_sam_security: make_server_info_sam() failed with 
'NT_STATUS_NO_SUCH_USER'





graham wrote on 03/02/2010 17:09:
> Hello all,
>
> I've added my windows7 client to the domain (samba running as pdc),
> having applied the registry changes identified here
> (http://wiki.samba.org/index.php/Windows7).
>
> Partial success - domain users can login and see shares etc, BUT:
>
> 1 - the registry settings in ntlogon/NTConfig.POL are not applied. Am I
> right in thinking that windows 7 ignores this policy?
> And if so I therefore need to put the appropriate registry settings into
> a logon script?
>
>
> 2 - every time a domain user logs in to the windows7 host smbd reports
> an error:
>
> [2010/02/02 19:07:51, 0]
> rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3)
> _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting
> auth request from client WIN7HOST machine account WIN7HOST$
> [2010/02/02 19:07:52, 0] auth/auth_sam.c:355(check_sam_security)
> check_sam_security: make_server_info_sam() failed with
> 'NT_STATUS_NO_SUCH_USER'
>
> This only occurs for the windows7 client (not XP clients).
> What does this mean, is it a problem, and how do I fix it?!
>
>
> 3 - periodic errors reported by nmbd:
> Packet send failed to 192.168.10.8(138) ERRNO=Operation not permitted
>
> That's the ipaddress of the windows7 client.
> Actually, looking back in the logs I see this has occasionally happened
> for all but one of the xp clients too.
> Again, what does this error mean, is it a problem, how would I fix it?
>
>
> 4 - windows7 client bombards the server on port 389 (ldap)
> No idea why, no other (xp) clients do this. I'm guessing it /might/ be
> part of question 2 above ,ie. maybe the win7 client is trying to
> authenticate against ldap??
>
> rgds all,
> graham.
>




More information about the samba mailing list