[Samba] Migration from 3.0.23d to 3.4.5 failed

Bastien Semene bsemene at cyanide-studio.com
Wed Mar 24 09:07:52 MDT 2010


I have a problem migrating Samba,  users can't be authenticated. It 
always says "user unknown or incorrect password".
I have low skills on Samba so I followed the official HOW-TO install 
step-by-step, but now I'm stucked.

Everything works well on the (old) 3.0.23d Samba server.
I can't add a machine to the workgroup using the admin account 

I migrated the smb.conf file and the persistent *.tdb files.
When I do a "tdbedit -Lv administrateur" (the administrator), I can see 
the details of the user on both servers.

The two servers uses the same backend DB (a MySQL service).
Smbd logs confirms it can connect correctly to the DB.

testparm runs are successfull.

When I try to connect to Samba with "smbclient -U administrateur -L PDC" 
: setup session failed: NT_STATUS_LOGON_FAILURE
As I saw while searching the source problem on the web, root account exists.
I thought this was a problem in the authentication mechanism. So I tried 
using "encrypt passwords = Yes" unsuccessfully.

If anyone can point me a direction, this can be helpfull,

Here is a dump of testparm :
     dos charset = 850
     unix charset = ISO8859-1
     workgroup = CYANIDE
     netbios name = PDC
     server string = New Primary Domain Controller
     interfaces =
     passdb backend = mysql:foo
     passwd program = /usr/local/bin/php -q 
/root/CyaManager/samba/update_mysql_password.php %u
     passwd chat = "password:" %n\n "ok\n"
     passwd chat debug = Yes
     unix password sync = Yes
     log level = 3
     log file = /var/log/samba34/log.%m
     load printers = No
     domain logons = Yes
     os level = 255
     preferred master = Yes
     domain master = Yes
     dns proxy = No
     wins support = Yes
     foo:unknown 6 column = nt_unknown_6
     foo:logon count column = nt_logon_count
     foo:bad password count column = nt_bad_password_count
     foo:logon hours column = nt_logon_hours
     foo:hours len column = nt_hours_len
     foo:logon divs column = nt_logon_divs
     foo:acct ctrl column = nt_acct_ctrl
     foo:plain pass column = NULL
     foo:nt pass column = nt_pw
     foo:lanman pass column = nt_lm_pw
     foo:group sid column = nt_group_sid
     foo:user sid column = nt_user_sid
     foo:munged dial column = nt_munged_dial
     foo:unknown string column = nt_unknown_str
     foo:workstations column = nt_workstations
     foo:acct desc column = nt_acct_desc
     foo:profile path column = nt_profile_path
     foo:logon script column = nt_logon_script
     foo:dir drive column = nt_dir_drive
     foo:home dir column = nt_homedir
     foo:fullname column = gecos
     foo:nt username column = nt_username
     foo:domain column = nt_domain
     foo:username column = username
     foo:pass history = NULL
     foo:pass must change time column = nt_pass_must_change_time
     foo:pass can change time column = nt_pass_can_change_time
     foo:pass last set time column = nt_pass_last_set_time
     foo:kickoff time column = nt_kickoff_time
     foo:logoff time column = nt_logoff_time
     foo:logon time column = nt_logon_time
     foo:table = user
     foo:mysql database = cyanide
     foo:mysql password = *****
     foo:mysql user = *****
     foo:mysql host =
     foo:host =
     admin users = administrateur

     comment = Test Directory
     path = /var/samba
     read only = No
     force create mode = 0770
     force directory mode = 0770
     guest ok = Yes

     path = /var/samba/netlogon
     browseable = No
     browsable = No

Here is a dump of pdbedit -Lv administrateur :
No builtin backend found, trying to load plugin
Module '/usr/local/lib/samba34/pdb/mysql.so' loaded
Connecting to database server, host:, user: root, database: 
cyanide, port: 3306
Unix username:        administrateur
NT username:          administrateur
Account Flags:        [U          ]
User SID:             S-1-5-21-720590779-4203916125-4014520812-2419
Primary Group SID:    S-1-5-21-720590779-4203916125-4014520812-513
Full Name:            Administrateur
Home Directory:       \\pdb\administrateur
HomeDir Drive:
Logon Script:         netlogon.bat
Profile Path:
Domain:               CYANIDE
Account desc:
Munged dial:
Logon time:           0
Logoff time:          0
Kickoff time:         0
Password last set:    Mon, 22 Mar 2010 16:43:36 CET
Password can change:  Mon, 22 Mar 2010 16:43:36 CET
Password must change: never
Last bad password   : 0
Bad password count  : 0

Bastien Semene
Administrateur Réseau&  Système

Cyanide Studio - FRANCE

More information about the samba mailing list