[Samba] NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT
Frodogodo drogofodo
frodogodo at gmail.com
Thu Mar 10 06:25:45 MST 2011
Hello Volker,
here are more lines of log as you requested. We've upgraded to samba
3.5.6-71.fc14 (on Fedora) with similar results.
Anybody has any idea what NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT
or NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT means exactly here ?
The client platform is using jcifs, does anybody have any experience with it
?
Thanks in advance !!
==> log.smbd <==
[2011/03/08 16:39:33.664031, 5] lib/util_sock.c:304(print_socket_options)
Socket options:
SO_KEEPALIVE = 1
SO_REUSEADDR = 1
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 7200
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
SO_SNDBUF = 50868
SO_RCVBUF = 87744
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
[2011/03/08 16:39:33.664281, 5] lib/util_sock.c:304(print_socket_options)
Socket options:
SO_KEEPALIVE = 1
SO_REUSEADDR = 1
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 7200
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
SO_SNDBUF = 50868
SO_RCVBUF = 87744
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
==> log.__ffff_127.0.0.1 <==
[2011/03/08 16:39:33.664587, 6] param/loadparm.c:7133(lp_file_list_changed)
lp_file_list_changed()
file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Tue Mar
8
16:03:46 2011
[2011/03/08 16:39:33.664723, 3] smbd/oplock.c:895(init_oplocks)
init_oplocks: initializing messages.
[2011/03/08 16:39:33.664749, 5] lib/messages.c:329(messaging_deregister)
Deregistering messaging pointer for type 1 - private_data=(nil)
[2011/03/08 16:39:33.665069, 6] smbd/process.c:1482(process_smb)
got message type 0x0 of len 0xbe
[2011/03/08 16:39:33.665098, 3] smbd/process.c:1485(process_smb)
Transaction 0 of length 194 (0 toread)
[2011/03/08 16:39:33.665117, 5] lib/util.c:617(show_msg)
[2011/03/08 16:39:33.665130, 5] lib/util.c:627(show_msg)
size=190
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=51201
smb_tid=0
smb_pid=26044
smb_uid=0
smb_mid=1
smt_wct=0
smb_bcc=155
[2011/03/08 16:39:33.665231, 3] smbd/process.c:1294(switch_message)
switch message SMBnegprot (pid 26045) conn 0x0
[2011/03/08 16:39:33.665254, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2011/03/08 16:39:33.665275, 5] auth/token_util.c:525(debug_nt_user_token)
NT user token: (NULL)
[2011/03/08 16:39:33.665293, 5]
auth/token_util.c:551(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2011/03/08 16:39:33.665329, 5] smbd/uid.c:369(change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2011/03/08 16:39:33.665384, 3] smbd/negprot.c:586(reply_negprot)
Requested protocol [PC NETWORK PROGRAM 1.0]
[2011/03/08 16:39:33.665411, 3] smbd/negprot.c:586(reply_negprot)
Requested protocol [MICROSOFT NETWORKS 1.03]
[2011/03/08 16:39:33.665431, 3] smbd/negprot.c:586(reply_negprot)
Requested protocol [MICROSOFT NETWORKS 3.0]
[2011/03/08 16:39:33.665449, 3] smbd/negprot.c:586(reply_negprot)
Requested protocol [LANMAN1.0]
[2011/03/08 16:39:33.665467, 3] smbd/negprot.c:586(reply_negprot)
Requested protocol [LM1.2X002]
[2011/03/08 16:39:33.665486, 3] smbd/negprot.c:586(reply_negprot)
Requested protocol [DOS LANMAN2.1]
[2011/03/08 16:39:33.665504, 3] smbd/negprot.c:586(reply_negprot)
Requested protocol [LANMAN2.1]
[2011/03/08 16:39:33.665522, 3] smbd/negprot.c:586(reply_negprot)
Requested protocol [Samba]
[2011/03/08 16:39:33.665541, 3] smbd/negprot.c:586(reply_negprot)
Requested protocol [NT LANMAN 1.0]
[2011/03/08 16:39:33.665559, 3] smbd/negprot.c:586(reply_negprot)
Requested protocol [NT LM 0.12]
[2011/03/08 16:39:33.665592, 6] param/loadparm.c:7133(lp_file_list_changed)
lp_file_list_changed()
file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Tue Mar
8
16:03:46 2011
[2011/03/08 16:39:33.665633, 5] smbd/connection.c:142(claim_connection)
claiming []
[2011/03/08 16:39:33.665703, 6] param/loadparm.c:7133(lp_file_list_changed)
lp_file_list_changed()
file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Tue Mar
8
16:03:46 2011
[2011/03/08 16:39:33.665754, 5]
auth/auth.c:481(make_auth_context_subsystem)
Making default auth method list for DC, security=user, encrypt passwords
=
yes
[2011/03/08 16:39:33.665801, 5] auth/auth.c:46(smb_register_auth)
Attempting to register auth backend sam
[2011/03/08 16:39:33.665865, 5] auth/auth.c:58(smb_register_auth)
Successfully added auth method 'sam'
[2011/03/08 16:39:33.665882, 5] auth/auth.c:46(smb_register_auth)
Attempting to register auth backend sam_ignoredomain
[2011/03/08 16:39:33.665900, 5] auth/auth.c:58(smb_register_auth)
Successfully added auth method 'sam_ignoredomain'
[2011/03/08 16:39:33.665917, 5] auth/auth.c:46(smb_register_auth)
Attempting to register auth backend unix
[2011/03/08 16:39:33.665934, 5] auth/auth.c:58(smb_register_auth)
Successfully added auth method 'unix'
[2011/03/08 16:39:33.665953, 5] auth/auth.c:46(smb_register_auth)
Attempting to register auth backend winbind
[2011/03/08 16:39:33.665970, 5] auth/auth.c:58(smb_register_auth)
Successfully added auth method 'winbind'
[2011/03/08 16:39:33.665988, 5] auth/auth.c:46(smb_register_auth)
Attempting to register auth backend wbc
[2011/03/08 16:39:33.666005, 5] auth/auth.c:58(smb_register_auth)
Successfully added auth method 'wbc'
[2011/03/08 16:39:33.666024, 5] auth/auth.c:46(smb_register_auth)
Attempting to register auth backend smbserver
[2011/03/08 16:39:33.666041, 5] auth/auth.c:58(smb_register_auth)
Successfully added auth method 'smbserver'
[2011/03/08 16:39:33.666060, 5] auth/auth.c:46(smb_register_auth)
Attempting to register auth backend trustdomain
[2011/03/08 16:39:33.666078, 5] auth/auth.c:58(smb_register_auth)
Successfully added auth method 'trustdomain'
[2011/03/08 16:39:33.666095, 5] auth/auth.c:46(smb_register_auth)
Attempting to register auth backend ntdomain
[2011/03/08 16:39:33.666113, 5] auth/auth.c:58(smb_register_auth)
Successfully added auth method 'ntdomain'
[2011/03/08 16:39:33.666138, 5] auth/auth.c:46(smb_register_auth)
Attempting to register auth backend guest
[2011/03/08 16:39:33.666156, 5] auth/auth.c:58(smb_register_auth)
Successfully added auth method 'guest'
[2011/03/08 16:39:33.666175, 5] auth/auth.c:46(smb_register_auth)
Attempting to register auth backend netlogond
[2011/03/08 16:39:33.666194, 5] auth/auth.c:58(smb_register_auth)
Successfully added auth method 'netlogond'
[2011/03/08 16:39:33.666211, 5] auth/auth.c:383(load_auth_module)
load_auth_module: Attempting to find an auth method to match guest
[2011/03/08 16:39:33.666231, 5] auth/auth.c:408(load_auth_module)
load_auth_module: auth method guest has a valid init
[2011/03/08 16:39:33.666248, 5] auth/auth.c:383(load_auth_module)
load_auth_module: Attempting to find an auth method to match sam
[2011/03/08 16:39:33.666266, 5] auth/auth.c:408(load_auth_module)
load_auth_module: auth method sam has a valid init
[2011/03/08 16:39:33.666285, 5] auth/auth.c:383(load_auth_module)
load_auth_module: Attempting to find an auth method to match
winbind:trustdomain
[2011/03/08 16:39:33.666303, 5] auth/auth.c:383(load_auth_module)
load_auth_module: Attempting to find an auth method to match trustdomain
[2011/03/08 16:39:33.666320, 5] auth/auth.c:408(load_auth_module)
load_auth_module: auth method trustdomain has a valid init
[2011/03/08 16:39:33.666337, 5] auth/auth.c:408(load_auth_module)
load_auth_module: auth method winbind has a valid init
[2011/03/08 16:39:33.666357, 5] auth/auth.c:97(get_ntlm_challenge)
auth_get_challenge: module guest did not want to specify a challenge
[2011/03/08 16:39:33.666374, 5] auth/auth.c:97(get_ntlm_challenge)
auth_get_challenge: module sam did not want to specify a challenge
[2011/03/08 16:39:33.666391, 5] auth/auth.c:97(get_ntlm_challenge)
auth_get_challenge: module winbind did not want to specify a challenge
[2011/03/08 16:39:33.666417, 5] auth/auth.c:132(get_ntlm_challenge)
auth_context challenge created by random
[2011/03/08 16:39:33.666435, 5] auth/auth.c:133(get_ntlm_challenge)
challenge is:
[2011/03/08 16:39:33.666454, 5] ../lib/util/util.c:278(_dump_data)
[0000] BA FA B9 37 B3 A9 E3 BE ...7....
[2011/03/08 16:39:33.666486, 3] smbd/negprot.c:385(reply_nt1)
not using SPNEGO
[2011/03/08 16:39:33.666504, 3] smbd/negprot.c:691(reply_negprot)
Selected protocol NT LANMAN 1.0
[2011/03/08 16:39:33.666521, 5] smbd/negprot.c:698(reply_negprot)
negprot index=8
[2011/03/08 16:39:33.666539, 5] lib/util.c:617(show_msg)
[2011/03/08 16:39:33.666550, 5] lib/util.c:627(show_msg)
size=99
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49155
smb_tid=0
smb_pid=26044
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[ 0]= 8 (0x8)
smb_vwv[ 1]=20483 (0x5003)
smb_vwv[ 2]= 256 (0x100)
smb_vwv[ 3]=65280 (0xFF00)
smb_vwv[ 4]= 255 (0xFF)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 256 (0x100)
smb_vwv[ 7]=48384 (0xBD00)
smb_vwv[ 8]= 101 (0x65)
smb_vwv[ 9]=64768 (0xFD00)
smb_vwv[10]=33011 (0x80F3)
smb_vwv[11]=32768 (0x8000)
smb_vwv[12]=25960 (0x6568)
smb_vwv[13]=42757 (0xA705)
smb_vwv[14]=52189 (0xCBDD)
smb_vwv[15]=50177 (0xC401)
smb_vwv[16]= 2303 (0x8FF)
smb_bcc=8
[2011/03/08 16:39:33.666951, 6] smbd/process.c:1482(process_smb)
got message type 0x0 of len 0xac
[2011/03/08 16:39:33.666975, 3] smbd/process.c:1485(process_smb)
Transaction 1 of length 176 (0 toread)
[2011/03/08 16:39:33.666993, 5] lib/util.c:617(show_msg)
[2011/03/08 16:39:33.667005, 5] lib/util.c:627(show_msg)
size=172
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=51201
smb_tid=0
smb_pid=26044
smb_uid=0
smb_mid=2
smt_wct=13
smb_vwv[ 0]= 255 (0xFF)
smb_vwv[ 1]= 0 (0x0)
smb_vwv[ 2]=65535 (0xFFFF)
smb_vwv[ 3]= 2 (0x2)
smb_vwv[ 4]=26044 (0x65BC)
smb_vwv[ 5]=26045 (0x65BD)
smb_vwv[ 6]= 0 (0x0)
smb_vwv[ 7]= 24 (0x18)
smb_vwv[ 8]= 24 (0x18)
smb_vwv[ 9]= 0 (0x0)
smb_vwv[10]= 0 (0x0)
smb_vwv[11]=53340 (0xD05C)
smb_vwv[12]= 0 (0x0)
smb_bcc=111
[2011/03/08 16:39:33.667161, 3] smbd/process.c:1294(switch_message)
switch message SMBsesssetupX (pid 26045) conn 0x0
[2011/03/08 16:39:33.667179, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2011/03/08 16:39:33.667197, 5] auth/token_util.c:525(debug_nt_user_token)
NT user token: (NULL)
[2011/03/08 16:39:33.667214, 5]
auth/token_util.c:551(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2011/03/08 16:39:33.667241, 5] smbd/uid.c:369(change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2011/03/08 16:39:33.667263, 3]
smbd/sesssetup.c:1436(reply_sesssetup_and_X)
wct=13 flg2=0xc801
[2011/03/08 16:39:33.667298, 3]
smbd/sesssetup.c:1639(reply_sesssetup_and_X)
Domain=[CLUSTER_WG] NativeOS=[Unix] NativeLanMan=[Samba] PrimaryDomain=[]
[2011/03/08 16:39:33.667317, 3]
smbd/sesssetup.c:1655(reply_sesssetup_and_X)
sesssetupX:name=[CLUSTER_WG]\[liferay$]@[__ffff_127.0.0.1]
[2011/03/08 16:39:33.667345, 6] param/loadparm.c:7133(lp_file_list_changed)
lp_file_list_changed()
file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Tue Mar
8
16:03:46 2011
[2011/03/08 16:39:33.667387, 5] auth/auth_util.c:211(make_user_info_map)
Mapping user [CLUSTER_WG]\[liferay$] from workstation [__ffff_127.0.0.1]
[2011/03/08 16:39:33.667408, 5] auth/auth_util.c:122(make_user_info)
attempting to make a user_info for liferay$ (liferay$)
[2011/03/08 16:39:33.667426, 5] auth/auth_util.c:132(make_user_info)
making strings for liferay$'s user_info struct
[2011/03/08 16:39:33.667444, 5] auth/auth_util.c:164(make_user_info)
making blobs for liferay$'s user_info struct
[2011/03/08 16:39:33.667461, 3] auth/auth.c:216(check_ntlm_password)
check_ntlm_password: Checking password for unmapped user
[CLUSTER_WG]\[liferay$]@[__ffff_127.0.0.1] with the new password interface
[2011/03/08 16:39:33.667482, 3] auth/auth.c:219(check_ntlm_password)
check_ntlm_password: mapped user is:
[CLUSTER_WG]\[liferay$]@[__ffff_127.0.0.1]
[2011/03/08 16:39:33.667500, 5] ../lib/util/util.c:278(_dump_data)
[0000] BA FA B9 37 B3 A9 E3 BE ...7....
[2011/03/08 16:39:33.667528, 8] lib/util.c:1869(is_myname)
is_myname("CLUSTER_WG") returns 0
[2011/03/08 16:39:33.667549, 3] smbd/sec_ctx.c:210(push_sec_ctx)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2011/03/08 16:39:33.667569, 3] smbd/uid.c:429(push_conn_ctx)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2011/03/08 16:39:33.667587, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2011/03/08 16:39:33.667604, 5] auth/token_util.c:525(debug_nt_user_token)
NT user token: (NULL)
[2011/03/08 16:39:33.667621, 5]
auth/token_util.c:551(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2011/03/08 16:39:33.667675, 5] lib/smbldap.c:1360(smbldap_search_ext)
smbldap_search_ext: base => [o=global,dc=map,dc=es], filter =>
[(&(uid=liferay$)(objectclass=sambaSamAccount))], scope => [2]
[2011/03/08 16:39:33.667750, 5] lib/smbldap.c:1262(smbldap_close)
The connection to the LDAP server was closed
[2011/03/08 16:39:33.667842, 2] lib/smbldap.c:950(smbldap_open_connection)
smbldap_open_connection: connection opened
[2011/03/08 16:39:33.672323, 3] lib/smbldap.c:1166(smbldap_connect_system)
ldap_connect_system: successful connection to the LDAP server
[2011/03/08 16:39:33.672363, 4] lib/smbldap.c:1242(smbldap_open)
The LDAP server is successfully connected
[2011/03/08 16:39:33.678908, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap)
init_sam_from_ldap: Entry found for user: liferay$
[2011/03/08 16:39:33.679041, 4] lib/substitute.c:504(automount_server)
Home server: cluster_nb
[2011/03/08 16:39:33.679094, 4] lib/substitute.c:504(automount_server)
Home server: cluster_nb
[2011/03/08 16:39:33.679153, 3] smbd/sec_ctx.c:210(push_sec_ctx)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2011/03/08 16:39:33.679191, 3] smbd/uid.c:429(push_conn_ctx)
push_conn_ctx(0) : conn_ctx_stack_ndx = 1
[2011/03/08 16:39:33.679238, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2011/03/08 16:39:33.679275, 5] auth/token_util.c:525(debug_nt_user_token)
NT user token: (NULL)
[2011/03/08 16:39:33.679309, 5]
auth/token_util.c:551(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2011/03/08 16:39:33.679410, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2011/03/08 16:39:33.679545, 5] passdb/login_cache.c:44(login_cache_init)
Opening cache file at /var/lib/samba/login_cache.tdb
[2011/03/08 16:39:33.679606, 7] passdb/login_cache.c:88(login_cache_read)
Looking up login cache for user liferay$
[2011/03/08 16:39:33.679648, 7] passdb/login_cache.c:104(login_cache_read)
No cache entry found
[2011/03/08 16:39:33.679697, 5] lib/username.c:133(Get_Pwnam_alloc)
Finding user liferay$
[2011/03/08 16:39:33.679732, 5] lib/username.c:77(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as lowercase is liferay$
[2011/03/08 16:39:33.683861, 5] lib/username.c:110(Get_Pwnam_internals)
Get_Pwnam_internals did find user [liferay$]!
[2011/03/08 16:39:33.683973, 3] smbd/sec_ctx.c:210(push_sec_ctx)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2011/03/08 16:39:33.683994, 3] smbd/uid.c:429(push_conn_ctx)
push_conn_ctx(0) : conn_ctx_stack_ndx = 1
[2011/03/08 16:39:33.684010, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2011/03/08 16:39:33.684026, 5] auth/token_util.c:525(debug_nt_user_token)
NT user token: (NULL)
[2011/03/08 16:39:33.684041, 5]
auth/token_util.c:551(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2011/03/08 16:39:33.684074, 5]
passdb/pdb_interface.c:1473(lookup_global_sam_rid)
lookup_global_sam_rid: looking up RID 1165000.
[2011/03/08 16:39:33.684094, 3] smbd/sec_ctx.c:210(push_sec_ctx)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
[2011/03/08 16:39:33.684110, 3] smbd/uid.c:429(push_conn_ctx)
push_conn_ctx(0) : conn_ctx_stack_ndx = 2
[2011/03/08 16:39:33.684125, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
[2011/03/08 16:39:33.684140, 5] auth/token_util.c:525(debug_nt_user_token)
NT user token: (NULL)
[2011/03/08 16:39:33.684154, 5]
auth/token_util.c:551(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2011/03/08 16:39:33.684202, 5] lib/smbldap.c:1360(smbldap_search_ext)
smbldap_search_ext: base => [o=global,dc=map,dc=es], filter =>
[(&(sambaSID=S-1-5-21-3860457228-14833263-3247686105-1165000)
(objectclass=sambaSamAccount))], scope => [2]
[2011/03/08 16:39:33.685558, 4] passdb/pdb_ldap.c:1695(ldapsam_getsampwsid)
ldapsam_getsampwsid: Unable to locate SID
[S-1-5-21-3860457228-14833263-3247686105-1165000] count=0
[2011/03/08 16:39:33.685604, 5] lib/smbldap.c:1360(smbldap_search_ext)
smbldap_search_ext: base => [o=global,dc=map,dc=es], filter =>
[(&(objectClass=sambaGroupMapping)
(sambaSID=S-1-5-21-3860457228-14833263-3247686105-1165000))], scope => [2]
[2011/03/08 16:39:33.687959, 2]
passdb/pdb_ldap.c:2446(init_group_from_ldap)
init_group_from_ldap: Entry found for group: 65000
[2011/03/08 16:39:33.688003, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
[2011/03/08 16:39:33.688024, 5]
passdb/pdb_interface.c:1595(pdb_default_lookup_rids)
lookup_rids: maquinas:2
[2011/03/08 16:39:33.688045, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2011/03/08 16:39:33.688069, 3] smbd/sec_ctx.c:210(push_sec_ctx)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2011/03/08 16:39:33.688087, 3] smbd/uid.c:429(push_conn_ctx)
push_conn_ctx(0) : conn_ctx_stack_ndx = 1
[2011/03/08 16:39:33.688105, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2011/03/08 16:39:33.688122, 5] auth/token_util.c:525(debug_nt_user_token)
NT user token: (NULL)
[2011/03/08 16:39:33.688151, 5]
auth/token_util.c:551(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2011/03/08 16:39:33.688197, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2011/03/08 16:39:33.688227, 4] lib/substitute.c:504(automount_server)
Home server: cluster_nb
[2011/03/08 16:39:33.688253, 4] lib/substitute.c:504(automount_server)
Home server: cluster_nb
[2011/03/08 16:39:33.688275, 3] smbd/sec_ctx.c:210(push_sec_ctx)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2011/03/08 16:39:33.688294, 3] smbd/uid.c:429(push_conn_ctx)
push_conn_ctx(0) : conn_ctx_stack_ndx = 1
[2011/03/08 16:39:33.688312, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2011/03/08 16:39:33.688330, 5] auth/token_util.c:525(debug_nt_user_token)
NT user token: (NULL)
[2011/03/08 16:39:33.688347, 5]
auth/token_util.c:551(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2011/03/08 16:39:33.688384, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2011/03/08 16:39:33.688413, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2011/03/08 16:39:33.688435, 4]
../libcli/auth/ntlm_check.c:399(ntlm_password_check)
ntlm_password_check: Checking NT MD4 password
[2011/03/08 16:39:33.688507, 4] auth/auth_sam.c:180(sam_account_ok)
sam_account_ok: Checking SMB password for user liferay$
[2011/03/08 16:39:33.688531, 5] auth/auth_sam.c:162(logon_hours_ok)
logon_hours_ok: user liferay$ allowed to logon at this time (Tue Mar 8
15:39:33 2011
)
[2011/03/08 16:39:33.688554, 2] auth/auth_sam.c:273(sam_account_ok)
sam_account_ok: Server trust account liferay$ denied by server
[2011/03/08 16:39:33.688576, 5] auth/auth.c:268(check_ntlm_password)
check_ntlm_password: sam authentication for user [liferay$] FAILED with
error NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT
[2011/03/08 16:39:33.688607, 3]
auth/auth_winbind.c:54(check_winbind_security)
check_winbind_security: Not using winbind, requested domain [CLUSTER_WG]
was
for this SAM.
[2011/03/08 16:39:33.688625, 2] auth/auth.c:314(check_ntlm_password)
check_ntlm_password: Authentication for user [liferay$] -> [liferay$]
FAILED with error NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT
[2011/03/08 16:39:33.688644, 5] auth/auth_util.c:2119(free_user_info)
attempting to free (and zero) a user_info structure
[2011/03/08 16:39:33.688668, 3] smbd/error.c:80(error_packet_set)
error packet at smbd/sesssetup.c(1759) cmd=115 (SMBsesssetupX)
NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT
[2011/03/08 16:39:33.688694, 5] lib/util.c:617(show_msg)
[2011/03/08 16:39:33.688705, 5] lib/util.c:627(show_msg)
size=35
smb_com=0x73
smb_rcls=154
smb_reh=1
smb_err=49152
smb_flg=136
smb_flg2=49155
smb_tid=0
smb_pid=26044
smb_uid=0
smb_mid=2
smt_wct=0
smb_bcc=0
[2011/03/08 16:39:33.689671, 5] lib/util_sock.c:462(read_fd_with_timeout)
read_fd_with_timeout: blocking read. EOF from client.
[2011/03/08 16:39:33.689710, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2011/03/08 16:39:33.689726, 5] auth/token_util.c:525(debug_nt_user_token)
NT user token: (NULL)
[2011/03/08 16:39:33.689740, 5]
auth/token_util.c:551(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2011/03/08 16:39:33.689767, 5] smbd/uid.c:369(change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2011/03/08 16:39:33.689815, 3] smbd/connection.c:31(yield_connection)
Yielding connection to
[2011/03/08 16:39:33.689896, 3] smbd/server.c:902(exit_server_common)
Server exit (failed to receive smb request)
On Sun, Mar 6, 2011 at 11:03 PM, Volker Lendecke
<Volker.Lendecke at sernet.de>wrote:
> On Thu, Feb 24, 2011 at 02:20:49PM +0100, Frodogodo drogofodo wrote:
> > Hello list,
> >
> > we're trying to use NTLMv2 authentication from Liferay Portal 6.0.5
> as
> > specified in
> >
> http://www.liferay.com/community/wiki/-/wiki/Main/NTLMv2+SSO+Configuration
> .
> > We've created a machine account for it that looks like that:
> >
> > dn: uid=liferay$,ou=Maquinas,o=global,dc=map,dc=es
> > sambaNTPassword: 76DBDF27BB32912AD61BC369DB8FEBD8
> > sambaPwdLastSet: 1298373376
> > sambaAcctFlags: [W]
> > displayName: LIFERAY$
> > sambaSID: S-1-5-21-3860457228-14833263-3247686105-1142
> > uid: liferay$
> > cn: liferay$
> > objectClass: account
> > objectClass: posixAccount
> > objectClass: top
> > objectClass: shadowAccount
> > objectClass: AltAccountMAP
> > objectClass: sambaSamAccount
> > .... [ No more interesting attributes ]
> >
> > But whenever we try to authenticate it fails and we have the following
> log:
> >
> > Primary group is 0 and contains 0 supplementary groups
> > [2011/02/24 13:52:31, 3] smbd/sec_ctx.c:pop_sec_ctx(356)
> > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> > [2011/02/24 13:52:31, 2] auth/auth_sam.c:sam_account_ok(235)
> > sam_account_ok: Wksta trust account liferay$ denied by server
>
> Can you send a lot more lines above this?
>
> Volker Lendecke
>
> --
> SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
> phone: +49-551-370000-0, fax: +49-551-370000-9
> AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
>
More information about the samba
mailing list