[Samba] Machines randomly kicks out of the domain

Volker Lendecke Volker.Lendecke at SerNet.DE
Tue Jun 21 08:38:06 MDT 2011 

Hi!

That can't be the solution. There seems to be a bug when
changing passwords. This is supposed to work.

Not that I have the solution, but you should enter this as a
bug in bugzilla.samba.org.

Volker


On Tue, Jun 21, 2011 at 02:15:03PM +0200, Roland Kaeser wrote:
> Hello All 
> 
> 
> Thanks very much for the great hints! I would have never thought about that in 100years! 
> We just made the changes to the workstations and added a hack to our unattended setup. 
> Thank You all. 
> 
> 
> Regards 
> 
> 
> Roland 
> 
> 
> ----- Ursprüngliche Mail -----
> Von: "Daniel Müller" <mueller at tropenklinik.de> 
> An: "Roland Kaeser" <roland.kaeser at ziil.ch>, samba at lists.samba.org 
> Gesendet: Dienstag, 21. Juni 2011 13:31:37 
> Betreff: AW: [Samba] Machines randomly kicks out of the domain 
> 
> Hello, 
> 
> Try 
> 
> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters] 
> "Update"="no" 
> 
> On your Win7 clients. We had the same issue solved by doing this. 
> 
> ----------------------------------------------- 
> EDV Daniel Müller 
> 
> Leitung EDV 
> Tropenklinik Paul-Lechler-Krankenhaus 
> Paul-Lechler-Str. 24 
> 72076 Tübingen 
> 
> Tel.: 07071/206-463, Fax: 07071/206-499 
> eMail: mueller at tropenklinik.de 
> Internet: www.tropenklinik.de 
> ----------------------------------------------- 
> 
> -----Ursprüngliche Nachricht----- 
> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im 
> Auftrag von Roland Kaeser 
> Gesendet: Dienstag, 21. Juni 2011 13:01 
> An: samba at lists.samba.org 
> Betreff: [Samba] Machines randomly kicks out of the domain 
> 
> 
> 
> 
> Hello 
> 
> Sorry to ask here, but all googeling doesn't helped. We have several samba 
> domains (samba 3.5.6) with ldap backed and windows 7 clients, which worked 
> fine so far. Know we begin to see that random machines begin to kick out of 
> the domain with the error: 
> 
> 
> _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting 
> auth request from client MBBUCHHALTUNG04 machine account MBBUCHHALTUNG04$ 
> 
> Nothing was changed (no updates or anything else) on the client machine nor 
> the samba server. The registry keys for SignOrSeal and StrongKey are already 
> set correctly. I can't see any additional error 
> 
> Maybe somebody faced the same problem and give me a hint. Thanks a lot. 
> 
> Roland 
> 
> 
> The Full log for the login try of the machine is: 
> 
> 
> [2011/06/21 11:49:33.372812, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) 
> init_sam_from_ldap: Entry found for user: MBBUCHHALTUNG04$ 
> [2011/06/21 11:49:33.372837, 10] passdb/pdb_get_set.c:608(pdb_set_username) 
> pdb_set_username: setting username MBBUCHHALTUNG04$, was 
> [2011/06/21 11:49:33.372867, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 12 -> now SET 
> [2011/06/21 11:49:33.372894, 10] passdb/pdb_get_set.c:631(pdb_set_domain) 
> pdb_set_domain: setting domain METHABAU-PUR, was 
> [2011/06/21 11:49:33.372908, 11] 
> passdb/pdb_get_set.c:522(pdb_set_init_flags) 
> element 14 -> now DEFAULT 
> [2011/06/21 11:49:33.372922, 10] 
> passdb/pdb_get_set.c:654(pdb_set_nt_username) 
> pdb_set_nt_username: setting nt username MBBUCHHALTUNG04$, was 
> [2011/06/21 11:49:33.372935, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 15 -> now SET 
> [2011/06/21 11:49:33.372952, 10] 
> passdb/pdb_get_set.c:550(pdb_set_user_sid_from_string) 
> pdb_set_user_sid_from_string: setting user sid 
> S-1-5-21-2999790742-1775305604-2893609491-1046 
> [2011/06/21 11:49:33.372966, 10] passdb/pdb_get_set.c:537(pdb_set_user_sid) 
> pdb_set_user_sid: setting user sid 
> S-1-5-21-2999790742-1775305604-2893609491-1046 
> [2011/06/21 11:49:33.372981, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 18 -> now SET 
> [2011/06/21 11:49:33.372994, 11] 
> passdb/pdb_get_set.c:299(pdb_get_init_flags) 
> element 18: SET 
> [2011/06/21 11:49:33.373010, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 21 -> now SET 
> [2011/06/21 11:49:33.373051, 10] passdb/pdb_get_set.c:677(pdb_set_fullname) 
> pdb_set_full_name: setting full name MBBUCHHALTUNG04$, was 
> [2011/06/21 11:49:33.373065, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 13 -> now SET 
> [2011/06/21 11:49:33.373081, 10] passdb/pdb_get_set.c:746(pdb_set_dir_drive) 
> 
> pdb_set_dir_drive: setting dir drive Z:, was NULL 
> [2011/06/21 11:49:33.373094, 11] 
> passdb/pdb_get_set.c:522(pdb_set_init_flags) 
> element 3 -> now DEFAULT 
> [2011/06/21 11:49:33.373113, 10] passdb/pdb_get_set.c:770(pdb_set_homedir) 
> pdb_set_homedir: setting home dir 
> \\HALLE\Profiles\mbbuchhaltung04_\.9xprofile, was 
> [2011/06/21 11:49:33.373127, 11] 
> passdb/pdb_get_set.c:522(pdb_set_init_flags) 
> element 1 -> now DEFAULT 
> [2011/06/21 11:49:33.373144, 10] 
> passdb/pdb_get_set.c:700(pdb_set_logon_script) 
> pdb_set_logon_script: setting logon script login.cmd, was 
> [2011/06/21 11:49:33.373157, 11] 
> passdb/pdb_get_set.c:522(pdb_set_init_flags) 
> element 4 -> now DEFAULT 
> [2011/06/21 11:49:33.373175, 10] 
> passdb/pdb_get_set.c:723(pdb_set_profile_path) 
> pdb_set_profile_path: setting profile path 
> \\HALLE\Profiles\mbbuchhaltung04_, was 
> [2011/06/21 11:49:33.373189, 11] 
> passdb/pdb_get_set.c:522(pdb_set_init_flags) 
> element 2 -> now DEFAULT 
> [2011/06/21 11:49:33.373218, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 32 -> now SET 
> [2011/06/21 11:49:33.373250, 11] 
> passdb/pdb_ldap.c:4057(ldapsam_get_account_policy) 
> ldapsam_get_account_policy: got valid value from cache 
> [2011/06/21 11:49:33.373272, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 20 -> now SET 
> [2011/06/21 11:49:33.373286, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 16 -> now SET 
> [2011/06/21 11:49:33.373298, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 17 -> now SET 
> [2011/06/21 11:49:33.373396, 7] passdb/login_cache.c:88(login_cache_read) 
> Looking up login cache for user MBBUCHHALTUNG04$ 
> [2011/06/21 11:49:33.373415, 7] passdb/login_cache.c:104(login_cache_read) 
> No cache entry found 
> [2011/06/21 11:49:33.373428, 9] passdb/pdb_ldap.c:1126(init_sam_from_ldap) 
> No cache entry, bad count = 0, bad time = 0 
> [2011/06/21 11:49:33.373443, 11] 
> passdb/pdb_get_set.c:499(pdb_set_init_flags) 
> element 34 -> now CHANGED 
> [2011/06/21 11:49:33.373474, 11] 
> passdb/pdb_ldap.c:4057(ldapsam_get_account_policy) 
> ldapsam_get_account_policy: got valid value from cache 
> [2011/06/21 11:49:33.373493, 11] 
> passdb/pdb_get_set.c:309(pdb_get_init_flags) 
> element 3: DEFAULT 
> [2011/06/21 11:49:33.373506, 11] 
> passdb/pdb_get_set.c:309(pdb_get_init_flags) 
> element 1: DEFAULT 
> [2011/06/21 11:49:33.373519, 11] 
> passdb/pdb_get_set.c:309(pdb_get_init_flags) 
> element 4: DEFAULT 
> [2011/06/21 11:49:33.373531, 11] 
> passdb/pdb_get_set.c:309(pdb_get_init_flags) 
> element 2: DEFAULT 
> [2011/06/21 11:49:33.373558, 11] 
> passdb/pdb_ldap.c:4057(ldapsam_get_account_policy) 
> ldapsam_get_account_policy: got valid value from cache 
> [2011/06/21 11:49:33.373588, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 5 -> now SET 
> [2011/06/21 11:49:33.373602, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 6 -> now SET 
> [2011/06/21 11:49:33.373615, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 7 -> now SET 
> [2011/06/21 11:49:33.373628, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 8 -> now SET 
> [2011/06/21 11:49:33.373640, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 9 -> now SET 
> [2011/06/21 11:49:33.373653, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 10 -> now SET 
> [2011/06/21 11:49:33.373665, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 21 -> now SET 
> [2011/06/21 11:49:33.373678, 10] passdb/pdb_get_set.c:608(pdb_set_username) 
> pdb_set_username: setting username MBBUCHHALTUNG04$, was 
> [2011/06/21 11:49:33.373691, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 12 -> now SET 
> [2011/06/21 11:49:33.373704, 10] passdb/pdb_get_set.c:631(pdb_set_domain) 
> pdb_set_domain: setting domain METHABAU-PUR, was 
> [2011/06/21 11:49:33.373717, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 14 -> now SET 
> [2011/06/21 11:49:33.373730, 10] 
> passdb/pdb_get_set.c:654(pdb_set_nt_username) 
> pdb_set_nt_username: setting nt username MBBUCHHALTUNG04$, was 
> [2011/06/21 11:49:33.373743, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 15 -> now SET 
> [2011/06/21 11:49:33.373756, 10] passdb/pdb_get_set.c:677(pdb_set_fullname) 
> pdb_set_full_name: setting full name MBBUCHHALTUNG04$, was 
> [2011/06/21 11:49:33.373769, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 13 -> now SET 
> [2011/06/21 11:49:33.373785, 10] passdb/pdb_get_set.c:770(pdb_set_homedir) 
> pdb_set_homedir: setting home dir 
> \\HALLE\Profiles\mbbuchhaltung04_\.9xprofile, was 
> [2011/06/21 11:49:33.373799, 11] 
> passdb/pdb_get_set.c:522(pdb_set_init_flags) 
> element 1 -> now DEFAULT 
> [2011/06/21 11:49:33.373812, 10] passdb/pdb_get_set.c:746(pdb_set_dir_drive) 
> 
> pdb_set_dir_drive: setting dir drive Z:, was NULL 
> [2011/06/21 11:49:33.373826, 11] 
> passdb/pdb_get_set.c:522(pdb_set_init_flags) 
> element 3 -> now DEFAULT 
> [2011/06/21 11:49:33.373840, 10] 
> passdb/pdb_get_set.c:700(pdb_set_logon_script) 
> pdb_set_logon_script: setting logon script login.cmd, was 
> [2011/06/21 11:49:33.373853, 11] 
> passdb/pdb_get_set.c:522(pdb_set_init_flags) 
> element 4 -> now DEFAULT 
> [2011/06/21 11:49:33.373868, 10] 
> passdb/pdb_get_set.c:723(pdb_set_profile_path) 
> pdb_set_profile_path: setting profile path 
> \\HALLE\Profiles\mbbuchhaltung04_, was 
> [2011/06/21 11:49:33.373881, 11] 
> passdb/pdb_get_set.c:522(pdb_set_init_flags) 
> element 2 -> now DEFAULT 
> [2011/06/21 11:49:33.373894, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 22 -> now SET 
> [2011/06/21 11:49:33.373907, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 24 -> now SET 
> [2011/06/21 11:49:33.373920, 10] 
> passdb/pdb_get_set.c:813(pdb_set_workstations) 
> pdb_set_workstations: setting workstations , was 
> [2011/06/21 11:49:33.373933, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 23 -> now SET 
> [2011/06/21 11:49:33.373946, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 25 -> now SET 
> [2011/06/21 11:49:33.373959, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 32 -> now SET 
> [2011/06/21 11:49:33.373987, 11] 
> passdb/pdb_ldap.c:4057(ldapsam_get_account_policy) 
> ldapsam_get_account_policy: got valid value from cache 
> [2011/06/21 11:49:33.374005, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 33 -> now SET 
> [2011/06/21 11:49:33.374019, 10] passdb/pdb_get_set.c:537(pdb_set_user_sid) 
> pdb_set_user_sid: setting user sid 
> S-1-5-21-2999790742-1775305604-2893609491-1046 
> [2011/06/21 11:49:33.374034, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 18 -> now SET 
> [2011/06/21 11:49:33.374047, 10] 
> passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) 
> pdb_set_user_sid_from_rid: 
> setting user sid S-1-5-21-2999790742-1775305604-2893609491-1046 from rid 
> 1046 
> [2011/06/21 11:49:33.374066, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 16 -> now SET 
> [2011/06/21 11:49:33.374086, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 28 -> now SET 
> [2011/06/21 11:49:33.374099, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 29 -> now SET 
> [2011/06/21 11:49:33.374112, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 30 -> now SET 
> [2011/06/21 11:49:33.374124, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 20 -> now SET 
> [2011/06/21 11:49:33.374137, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 17 -> now SET 
> [2011/06/21 11:49:33.374150, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 26 -> now SET 
> [2011/06/21 11:49:33.374164, 10] passdb/pdb_get_set.c:595(pdb_set_group_sid) 
> 
> pdb_set_group_sid: setting group sid 
> S-1-5-21-2999790742-1775305604-2893609491-513 
> [2011/06/21 11:49:33.374179, 11] 
> passdb/pdb_get_set.c:510(pdb_set_init_flags) 
> element 19 -> now SET 
> [2011/06/21 11:49:33.374265, 0] 
> rpc_server/srv_netlog_nt.c:714(_netr_ServerAuthenticate3) 
> _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting 
> auth request from client MBBUCHHALTUNG04 machine account MBBUCHHALTUNG04$ 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the 
> instructions: https://lists.samba.org/mailman/options/samba 
> 
> 
> 
> -- 
> 
> Ziil Informatiklösungen GmbH 
> Roland Käser 
> Systems Engineer 
> Romanshornerstr. 134, 
> CH-8280 Kreuzlingen 
> Tel: +41 71 671 27 78 
> Fax: +41 71 671 27 79 
> www.ziil.ch 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

-- 
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen

More information about the samba mailing list