[Samba] Unable to access AD with ADExplorer
Erdei Miklos
er.mi at citromail.hu
Tue Mar 27 12:20:37 UTC 2018
Hi,
On 3/27/2018 6:37 AM, Erdei Miklos via samba wrote:
> Hi,
>
> I have a test AD running Samba on Ubuntu that I sometimes poke with Sysinternal's ADExplorer.
> A few days ago I tried connecting to it, but got a short reply of "The directory service is not available."
> As it was working earlier, I tried finding the problem.
> After installing a few older releases, I found that it was working on Ubuntu 17.04, Samba 4.5.8 and stopped working on Ubuntu 17.10, Samba 4.6.7. Ubuntu 18.04 Beta's Samba 4.7 also fails to work.
> I know 4 .5 is EoL, but that is the last version that I could log successfully on.
> The test ADs have exactly the same configuration, that was created during the AD provisioning.
>
> Here are the log excerpts running on -d3:
>
> Working logon:
> ==================================Version 4.5.8-Ubuntu==================================
> [2018/03/26 16:32:38.889960, 3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect)
> ldb_wrap open of secrets.ldb
> [2018/03/26 16:32:38.896147, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088297
> [2018/03/26 16:32:38.897060, 3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
> Got user=[administrator] domain=[] workstation=[TEST] len1=24 len2=266
> [2018/03/26 16:32:38.897302, 3] ../source4/auth/ntlm/auth.c:271(auth_check_password_send)
> auth_check_password_send: Checking password for unmapped user []\[administrator]@[TEST]
> auth_check_password_send: mapped user is: [SAMDOM]\[administrator]@[TEST]
> [2018/03/26 16:32:38.901252, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2018/03/26 16:32:38.901492, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088215
> [2018/03/26 16:32:38.901669, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2018/03/26 16:32:38.901878, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088235
> [2018/03/26 16:32:38.910422, 3] ../source4/smbd/service_stream.c:66(stream_terminate_connection)
> Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
> [2018/03/26 16:32:38.910667, 3] ../source4/smbd/process_single.c:114(single_terminate)
> single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
> [2018/03/26 16:32:38.911755, 3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect)
> ldb_wrap open of secrets.ldb
> [2018/03/26 16:32:38.915128, 3] ../auth/ntlmssp/ntlmssp_util .c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088297
> [2018/03/26 16:32:38.915752, 3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
> Got user=[administrator] domain=[] workstation=[TEST] len1=24 len2=266
> [2018/03/26 16:32:38.915983, 3] ../source4/auth/ntlm/auth.c:271(auth_check_password_send)
> auth_check_password_send: Checking password for unmapped user []\[administrator]@[TEST]
> auth_check_password_send: mapped user is: [SAMDOM]\[administrator]@[TEST]
> [2018/03/26 16:32:38.919313, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2018/03/26 16:32:38 .919555, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088215
> [2018/03/26 16:32:38.919752, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2018/03/26 16:32:38.919923, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088235
> [2018/03/26 16:32:39.571560, 3] ../source4/smbd/service_stream.c:66(stream_terminate_connection)
> Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
> [2018/03/26 16:32:39.572294, 3] ../source4/smbd/process_single.c:114(single_terminate)
> single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
> [2018/03/26 16:32:39.575711, 3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect)
> ldb_wrap open of secrets.ldb
> [2018/03/26 16:32:39.579515, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088297
> [2018/03/26 16:32:39.580258, 3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
> Got user=[administrator] domain=[] workstation=[TEST] len1=24 len2=266
> [2018/03/26 16:32:39.580474, 3] ../source4/auth/ntlm/auth.c:271(auth_check_password_send)
> auth_check_password_send: Checking password for unmapped user []\[administrator]@[TEST]
> auth_check_password_send: mapped user is: [SAMDOM]\[administrator]@[TEST]
> [2018/03/26 16:32:39.584407, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2018/03/26 16:32:39.584611, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088215
> [2018/03/26 16:32:39.584793, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2018/03/26 16:32:39.584959, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088235
> [2018/03/26 16:32:39.823078, 3] ../source4/smbd/service_stream.c:66(stream_terminate_connection)
> Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
> [2018/03/26 16:32:39.823431, 3] ../source4/smbd/process_single.c:114(single_terminate)
> single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
> [2018/03/26 16:32:39.826504, 3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect)
> ldb_wrap open of secrets.ldb
> [2018/03/26 16:32:39.830011, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088297
> [2018/03/26 16:32:39.830652, 3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
> Got user=[administrator] domain=[] workstation=[TEST] len1=24 len2=266
> [2018/03/26 16:32:39.830890, 3] . ./source4/auth/ntlm/auth.c:271(auth_check_password_send)
> auth_check_password_send: Checking password for unmapped user []\[administrator]@[TEST]
> auth_check_password_send: mapped user is: [SAMDOM]\[administrator]@[TEST]
> [2018/03/26 16:32:39.834247, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2018/03/26 16:32:39.834452, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088215
> [2018/03/26 16:32:39.834601, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2018/03/26 16:32:39.834756, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088235
> [2018/03/26 16:32:39.864216, 3] ../source4/smbd/service_stream.c:66(stream_terminate_connection)
> Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
> [2018/03/26 16:32:39 .864480, 3] ../source4/smbd/process_single.c:114(single_terminate)
> single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
> [2018/03/26 16:32:39.880432, 3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect)
> ldb_wrap open of secrets.ldb
> [2018/03/26 16:32:39.883778, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088297
> [2018/03/26 16:32:39.884513, 3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
> Got user=[administrator] domain=[] workstation=[TEST] len1=24 len2=266
> [2018/03/26 16:32:39.884731, 3] ../source4/auth/ntlm/auth.c:271(auth_check_password_send)
> auth_check_password_send: Checking password for unmapped user []\[administrator]@[TEST]
> auth_check_password_send: mapped user is: [SAMDOM]\[administrator]@[TEST]
> [2018/03/26 16:32:39.888141, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2018/03/26 16:32:39.888350, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088215
> [2018/03/26 16:32:39.888502, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2018/03/26 16:32:39.888656, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088235
> [2018/03/26 16:32:39.911770, 3] ../source4/smbd/service_stream.c:66(stream_terminate_connection)
> Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
> [2018/03/26 16:32:39.912037, 3] ../source4/smbd/process_single.c:114(single_terminate)
> single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
> [2018/03/26 16:32:39.933657, 3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect)
> ldb_wrap open of secrets.ldb
> [2018/03/26 16:32:39.938632, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088297
> [2018/03/26 16:32:39.939515, 3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
> Got user=[administrator] domain=[] workstation=[TEST] len1=24 len2=266
> [2018/03/26 16:32:39.939988, 3] ../source4/auth/ntlm/auth.c:271(auth_check_password_send)
> auth_check_password_send: Checking password for unmapped user []\[administrator]@[TEST]
> auth_check_password_send: mapped user is: [SAMDOM]\[administrator]@[TEST]
> [2018/03/26 16:32:39.944810, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2018/03/26 16:32:39.945222, 3] ../auth/ntlmssp/ntlmssp_util .c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088215
> [2018/03/26 16:32:39.945541, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2018/03/26 16:32:39.945808, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088235
> ==================================Version 4.5.8-Ubuntu==================================
>
> Non-Working logon:
> ==================================Version 4.6.7-Ubuntu==================================
> [2018/03/26 16:32:45.920989, 3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect)
> ldb_wrap open of secrets.ldb
> [2018/03/26 16:32:45.926921, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088297
> [2018/03/26 16:32:45.927514, 3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
> Got user=[administrator] domain=[] workstation=[TEST] len1=24 len2=266
> [2018/03/26 16:32:45.927620, 3] ../source4/auth/ntlm/auth.c:271(auth_check_password_send)
> auth_check_password_send: Checking password for unmapped user []\[administrator]@[TEST]
> auth_check_password_send: mapped user is: [SAMDOM]\[administrator]@[TEST]
> [2018/03/26 16:32:45.932479, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2018/03/26 16:32:45.932537, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088215
> [2018/03/26 16:32:45.932576, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2018/03/26 16:32:45.932600, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088215
> [2018/03/26 16:32:45.940988, 0] ../auth/ntlmssp/ntlmssp_sign.c:236(ntlmssp_check_packet)
> NTLMSSP NTLM2 packet check failed due to invalid signature!
> [2018/03/26 16:32:45.941244, 3] ../source4/smbd/service_stream.c:66(stream_terminate_connection)
> Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_IO_DEVICE_ERROR'
> [2018/03/26 16:32:45.941284, 3] ../source4/smbd/process_single.c:114(single_terminate)
> single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_IO_DEVICE_ERROR]
> [2018/03/26 16:32:45.942532, 3] ../lib/ldb-samba/ldb_wrap.c:325(ldb_wrap_connect)
> ldb_wrap open of secrets.ldb
> [2018/03/26 16:32:45.946341, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088297
> [2018/03/26 16:32:45.946846, 3] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
> Got user=[administrator] domain=[] workstation=[TEST] len1=24 len2=266
> [2018/03/26 16:32:45.946903, 3] ../source4/auth/ntlm/auth.c:271(auth_check_password_send)
> auth_check_password_send: Checking password for unmapped user []\[administrator]@[TEST]
> auth_check_password_send: mapped user is: [SAMDOM]\[administrator]@[TEST]
> [2018/03/26 16:32:45.950762, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2018/03/26 16:32:45.950809, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088215
> [2018/03/26 16:32:45.950847, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2018/03/26 16:32:45.950873, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
> Got NTLMSSP neg_flags=0xe2088215
> [2018/03/26 16:32:45.958662, 0] ../auth/ntlmssp/ntlmssp_sign.c:236(ntlmssp_check_packet)
> NTLMSSP NTLM2 packet check failed due to invalid signature!
> [2018/03/26 16:32:45.958818, 3] ../source4/smbd/service_stream.c:66(stream_terminate_connection)
> Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_IO_DEVICE_ERROR'
> [2018/03/26 16:32:45.958850, 3] ../source4/smbd/process_single .c:114(single_terminate)
> single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_IO_DEVICE_ERROR]
> ==================================Version 4.6.7-Ubuntu==================================
>
> I tried "ldap server require strong auth = no", Googling "NTLMSSP NTLM2 packet check failed due to invalid signature!", checking the mailing list archives, and a bit more, but none gave any result.
>
> Can anyone help me how to proceed?
>
> Thanks for your help!
>
> Best regards,
> Miklos Erdei
>
I find if you don't use DOMAIN\username for the user you get this error
message.
I tried logging on with and without domain prefix (and suffix too). Same result: all formats work on 4.5 and none on 4.6.
M
--
--
James
_________________________________________
Citromail.hu levelezőrendszerből küldve
Lépj be vagy regisztrálj
More information about the samba
mailing list