[Samba] NT4-Style Auth & Roaming Profiles Only?
lingpanda101 at gmail.com
lingpanda101 at gmail.com
Wed Jul 27 16:42:32 UTC 2016
On 7/27/2016 12:18 PM, Jim Seymour wrote:
> On Tue, 26 Jul 2016 13:40:59 -0500
> Dale Schroeder <dale at BriannasSaladDressing.com> wrote:
>
> [snip]
>> Sorry Rowland, but the break happened before the badlock patches when
>> Debian jumped from 4.1.x to 4.3.x, skipping 4.2.x altogether.
> [snip]
>> Jim, currently at Debian 4.4.5. If you search this list, you will
>> find others who have had the same thing happen. To my knowledge,
>> none have come back to say that their NT4 domain is working again
>> post-4.2.x.
> [snip]
>
> What was the nature/symtoms of the failure(s), Dale?
>
> What I'm seeing is that network authentication works, but login takes
> an inordinate amount of time: About 40 seconds until I see "Preparing
> your desktop" and another 20 seconds until "You have been logged on
> with a temporary profile."
>
> It doesn't appear to be a network auth problem. If I put in an invalid
> username or password, I get "The user name or password is incorrect"
> *instantly*.
>
> It's not permissions. Once logged-in, I can access the Profiles share,
> the user's network home directory, and anything else to which the user
> should have access. And I can write to those places to which I should
> be able.
>
> At least I don't *think* it's permissions. In perusing the logs, with
> debug turned up, I see things like
>
> smbd_check_access_rights: file username.V2 requesting 0x20080
> returning 0x20000 (NT_STATUS_OK)
> smbd_check_access_rights: file username3.V2 requesting 0x80
> returning 0x0 (NT_STATUS_OK)
>
> which makes me wonder if the code's not broken. (The thing's lying.
> The user's id is "Domain User", the directory is group "Domain User"
> and the permissions were "rwxrwxrwt".)
>
> I find more than a little disquieting is that nobody seems able to
> actually *troubleshoot* issues like this. Somebody ought to be able to
> look at logfiles and say "Oh, well, *this* is what's you're doing
> wrong" or "Ah! The code's broken because of <this>", or whatever.
>
> Regards,
> Jim
Are you by chance using client specific logging on Samba?
https://wiki.samba.org/index.php/Client_specific_logging
Do the windows logs display anything relevant?
--
-James
More information about the samba
mailing list