[Samba] Why am I getting login failures for domain members?
Mark Foley
mfoley at ohprs.org
Thu Jun 7 14:59:23 UTC 2018
On Thu, 7 Jun 2018 08:03:56 +0100 Rowland Penny wrote:
>
> On Thu, 07 Jun 2018 00:43:47 -0400
> Mark Foley via samba <samba at lists.samba.org> wrote:
>
> > Perhaps this is all normal and as expected. Still, why is windbindd
> > requesting a password for the computer itself (CCARTER$)? What is
> > this password? I've certainly never set a computer password (that I
> > know of) and it is certainly not the login user's password.
> >
> > If this is all "normal", fine, I won't worry about it. But, I'm
> > curious as to what this is about if you or anyone knows, or could
> > direct me to more detail on the web.
> >
>
> Even computers have passwords in AD and no, you don't set it, it is set
> for you and is replaced every month.
>
> If you run this on a DC:
>
> ldbsearch -H /var/lib/samba/private/sam.ldb -b
> dc=samdom,dc=example,dc=com -s sub
> '(&(objectclass=computer)(name=devstation))' unicodepwd
>
> You can see the encoded password.
>
> Just replace the data with your data.
>
> Rowland
Hmmm, OK then I guess it's normal. I ran your ldbsearch command and did get back a value. I've
no intention of replacing it.
A bit puzzling about the "every month" bit. As mentioned in my OP, I'm seeing this from
between 5 and 9 times a month per Linux workstation, sometimes twice in the same day. Could be
my older version of samba (4.4.16), but in any case I'll not worry about it.
Thanks, --Mark
More information about the samba
mailing list