[Samba] probleme with samba 3.4.5-3.1 + winbind+ windows 2008 R2 + trusted domain

Volker Lendecke Volker.Lendecke at SerNet.DE
Tue Feb 9 23:39:16 MST 2010

On Tue, Feb 09, 2010 at 02:13:31PM +0100, intartaglia.maximilien wrote:
> wbinfo -u
> I have only the user from medical and not from administratif
> The log of /var/log/samba.log/wb-Administratif:
> [2010/02/08 13:02:36,  1] winbindd/winbindd_ads.c:127(ads_cached_connection)
>   ads_connect for domain ADMINISTRATIF failed: Decrypt integrity check failed
> but when I do this command (test user administratif)  it's ok
> wbinfo -a administratif/almacom
> Enter administratif/almacom's password:
> plaintext password authentication succeeded
> Enter administratif/almacom's password:
> challenge/response password authentication succeeded

This is entirely possible if you just have a one-way trust
or the dc from ADMINISTRATIF does not allow listing users
for other reasons. A log file (debug level 10)
log.wb-ADMINISTRATIF might show what is going on.

BTW, why do you need the ADMINISTRATIF users in wbinfo -u?
For squid, i.e. ntlm_auth, to work this should not be

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20100210/5c0ad0b2/attachment.pgp>

More information about the samba mailing list