[Samba] XP SP3 can't authenticate
Gaiseric Vandal
gaiseric.vandal at gmail.com
Fri Dec 16 09:03:12 MST 2011
XP will not require in registry edits for samba 3 (at least samba 3.0.x
through 3.5.x)
Machines names should end in "$"
# pdbedit -Lv opus$
smbldap_search_domain_info: Searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=XXXXXX))]
smbldap_open_connection: connection opened
ldap_connect_system: successful connection to the LDAP server
init_sam_from_ldap: Entry found for user: OPUS$
init_group_from_ldap: Entry found for group: 515
Unix username: OPUS$
NT username: OPUS$
Account Flags: [W ]
User SID: S-1-5-21-xxx-xxx-xxx-yyyy
Primary Group SID: S-1-5-21-xxx-xxx-xxx-515
Full Name: OPUS$
.....
Logon time: 0
Logoff time: never
Kickoff time: never
Password last set: Wed, 23 Nov 2011 14:03:47 EST
Password can change: Wed, 23 Nov 2011 14:03:47 EST
Password must change: Fri, 22 Nov 2013 14:03:47 EST
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
#
On 12/15/2011 12:52 PM, Hervé Hénoch wrote:
> Here is the result of net groupmap list
>
> Domain Admins (S-1-5-21-1031258178-388409940-3248586695-512) -> Domain
> Admins
> Domain Users (S-1-5-21-1031258178-388409940-3248586695-513) -> Domain
> Users
> Domain Guests (S-1-5-21-1031258178-388409940-3248586695-514) -> nogroup
> Domain Computers (S-1-5-21-1031258178-388409940-3248586695-515) ->
> Domain Computers
> Administrators (S-1-5-32-544) -> Administrators
> Account Operators (S-1-5-32-548) -> Account Operators
> Print Operators (S-1-5-32-550) -> Print Operators
> Backup Operators (S-1-5-32-551) -> Backup Operators
> Replicators (S-1-5-32-552) -> Replicators
>
> It is seems ok.
>
> Here is the result of pdbedit -Lv of the user "pharma" which can't
> enter in the session :
>
> pdbedit -Lv | grep pharma
> init_sam_from_ldap: Entry found for user: pharma
> Unix username: pharma
> NT username: pharma
> Logon Script: pharma.bat
>
> Can it be a problem in the register of windows ? The machine is a XP
> Pro SP3 ...
>
> Regards
>
>
>
> Le 15/12/2011 17:40, Gaiseric Vandal a écrit :
>> It might be an issues with group mappings (for the well know groups.)
>>
>> Can you verify that the " net groupmap list" shows at a minimum
>> "Domain Users" and "Domain Admins."
>> If you login as Administrator, can you can network users or groups to
>> the local "Users" group?
>>
>>
>> Does "pdbedit -Lv" show the computer account on the PDC. Does
>> "getent passwd" shows the computer account on the PDC?
>>
>>
>>
>> On 12/15/2011 11:16 AM, Hervé Hénoch wrote:
>>> Hello,
>>>
>>> I have a strange problem. I've re-included a XP SP3 pro in my samba
>>> domain. Only the administrators can authenticate and enter in a
>>> windows session.
>>>
>>> All other users can't.
>>>
>>>
>>> smb version : 3.3.5
>>>
>>> Any help would be appreciate ...
>>>
>>> regards
>>>
>>
>
More information about the samba
mailing list