[Samba] Error: _netr_ServerAuthenticate2: netlogon_creds_server_check failed.

Christopher Springer cspringer at brcrp.com
Wed Jan 12 09:37:06 MST 2011 

I've finally found the solution (or at least in my case) to this problem.

After looking at the logs for LDAP (slapd) I found that every time a 
system on the domain tried to update it's associated account information 
in the database I would receive the following error:

RESULT tag=103 err=53 text=shadow context; no update referral

This lead me to find that the account information in LDAP was not being 
updated...however the machine's domain user accounts would still be able 
to login so it wasn't a major issue...just EXTREMELY annoying.  I added 
the following line in my slapd.conf file to tell the slapd daemon where 
to send its updates since it's a read-only local authentication server 
at the remote plants:

updateref ldap://xxx.xxx.xxx.xxx

The remote server now sends the account database updates to the central 
master server and eventually replicates those changes back down to the 
remote sites...and, thus, eliminating the annoying error message that I 
was receiving in my samba and system logs.  Just for reference, the 
original error was something similar to the following...

_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting 
auth request from client XXXXXXXX machine account XXXXXXXX$   or
_netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting 
auth request from client XXXXXXXX machine account XXXXXXXX$

Thanks all!  I hope this helps someone else.

Chris

On 08/19/2010 03:29 PM, Christopher Springer wrote:
>  My configuration is a multi-subnet, multi-subnet Samba/OpenLDAP 
> configuration.  Everything works fine on both subnets but I'm getting 
> the following error in /var/log/messages and in 
> /var/log/samba/log.smbd...
>
> _netr_ServerAuthenticate2: netlogon_creds_server_check failed. 
> Rejecting auth request from client XXX30874 machine account XXX30874$
>
> This messages seems to be repeated every time someone logs into their 
> machine or when the machine has to contact the server for 
> authentication purposes.  I have not had a chance to go through all of 
> the logs and verify what OS's are the offenders but it appears that a 
> lot of them are old WindowsNT4 machines.
>
> Please note that the only server on the subnet in question is the 
> BDC.  It has a local, replicated LDAP directory against which logins 
> are authenticated.  nmbd/wins is used for host name/netbios visibility.
>
> Any ideas to getting rid of this error in the log file?  Again, it 
> appears that access to files is working fine...it's just an annoyance 
> because I don't understand why it's happening.
>
> Thanks.
>
> Chris

More information about the samba mailing list