[Samba] Why am I getting login failures for domain members?
mfoley at ohprs.org
Thu Jun 7 14:59:23 UTC 2018
On Thu, 7 Jun 2018 08:03:56 +0100 Rowland Penny wrote:
> On Thu, 07 Jun 2018 00:43:47 -0400
> Mark Foley via samba <samba at lists.samba.org> wrote:
> > Perhaps this is all normal and as expected. Still, why is windbindd
> > requesting a password for the computer itself (CCARTER$)? What is
> > this password? I've certainly never set a computer password (that I
> > know of) and it is certainly not the login user's password.
> > If this is all "normal", fine, I won't worry about it. But, I'm
> > curious as to what this is about if you or anyone knows, or could
> > direct me to more detail on the web.
> Even computers have passwords in AD and no, you don't set it, it is set
> for you and is replaced every month.
> If you run this on a DC:
> ldbsearch -H /var/lib/samba/private/sam.ldb -b
> dc=samdom,dc=example,dc=com -s sub
> '(&(objectclass=computer)(name=devstation))' unicodepwd
> You can see the encoded password.
> Just replace the data with your data.
Hmmm, OK then I guess it's normal. I ran your ldbsearch command and did get back a value. I've
no intention of replacing it.
A bit puzzling about the "every month" bit. As mentioned in my OP, I'm seeing this from
between 5 and 9 times a month per Linux workstation, sometimes twice in the same day. Could be
my older version of samba (4.4.16), but in any case I'll not worry about it.
More information about the samba