[Samba] Samba share not working: getpwuid(1000) failed, Failed to finalize nt token & NT_STATUS_UNSUCCESSFUL
jillelaine
jillelaine01 at gmail.com
Tue Nov 26 22:54:28 UTC 2019
I have a small home network with server and 5 clients all on an internal
LAN with private IPs.
Samba, Version 4.7.6-Ubuntu, file sharing is not working on the server
for any of the 5 clients. I have tried both mount.cifs and smbclient.
The same errors are thrown in the server's samba logs for all connection
attempts, regardless of how the client tries to connect: getpwuid(1000)
failed, Failed to finalize nt token & NT_STATUS_UNSUCCESSFUL
Below is some data. Please tell me what else is needed to help diagnose
this problem. Thank you for your help.
---------------------------
SERVER - jazz
Kubuntu VERSION="18.04.3 LTS (Bionic Beaver)"
Samba, Version 4.7.6-Ubuntu
Shared directory 'samba' and permissions
drwxr-xr-x 4 root sambashare 4096 Nov 25 16:04 samba
--------------------------
Contents of 'samba' directory
drwxr-xr-x 4 root sambashare 4096 Nov 25 16:04 .
drwxr-xr-x 25 root root 4096 Nov 25 15:57 ..
drwxrws--- 2 root sambashare 4096 Nov 25 16:04 users
---------------------------
smb.conf
[global]
workgroup = WORKGROUP
server string = %h server (Samba, Ubuntu)
dns proxy = no
root directory = /samba
log file = /var/log/samba/log.%m
max log size = 1000
log level = 3
panic action = /usr/share/samba/panic-action %d
server role = standalone server
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
usershare allow guests = yes
guest account = jj
[users]
comment = Our Jazz Files
path = /samba/users
browseable = yes
read only = no
create mask = 0775
directory mask = 0775
guest ok = yes
---------------------------
testparm -s
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[users]"
Loaded services file OK.
Server role: ROLE_STANDALONE
# Global parameters
[global]
dns proxy = No
guest account = jj
log file = /var/log/samba/log.%m
map to guest = Bad User
max log size = 1000
obey pam restrictions = Yes
pam password change = Yes
panic action = /usr/share/samba/panic-action %d
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
passwd program = /usr/bin/passwd %u
root directory = /samba
server role = standalone server
server string = %h server (Samba, Ubuntu)
unix password sync = Yes
usershare allow guests = Yes
idmap config * : backend = tdb
[users]
comment = Our Jazz Files
create mask = 0775
directory mask = 0775
guest ok = Yes
path = /samba/users
read only = No
---------------------------
FIVE CLIENTS
clients 1 & 2:
Kubuntu - upgraded from Kubuntu 16.04 to 18.04
client 3:
Kubuntu - fresh install of 18.04
client 4:
Windows 7
client 5:
Android tablet
---------------------------
Example from CLIENT 1:
frazz at frazzle3:~$ sudo mount -t cifs //jazz/users /mnt/jazz --verbose -o
user=jj,pass=******
mount.cifs kernel mount options:
ip=192.168.1.30,unc=\\jazz\users,user=jj,pass=********
mount error(5): Input/output error
or
frazz at frazzle3:~$ smbclient -L jazz -U jj
WARNING: The "syslog" option is deprecated
Enter WORKGROUP\jj's password:
session setup failed: NT_STATUS_UNSUCCESSFUL
---and in the server log for the failed connection----
[2019/11/26 22:41:31.809461, 1]
../source3/smbd/process.c:4045(smbd_process)
smbd_process: Changed root to /samba
[2019/11/26 22:41:31.809601, 3] ../source3/smbd/oplock.c:1340(init_oplocks)
init_oplocks: initializing messages.
[2019/11/26 22:41:31.809792, 3] ../source3/smbd/process.c:1959(process_smb)
Transaction 0 of length 110 (0 toread)
[2019/11/26 22:41:31.810629, 0]
../lib/util/debug.c:1053(reopen_logs_internfrazz at frazzle3:~$ smbclient
-L jazz -U jj
WARNING: The "syslog" option is deprecated
Enter WORKGROUP\jj's password:
session setup failed: NT_STATUS_UNSUCCESSFUL
al)
Unable to open new log file '/var/log/samba/log.192.168.1.127': No
such file or directory
[2019/11/26 22:41:31.810833, 3]
../source3/smbd/smb2_negprot.c:290(smbd_smb2_request_process_negprot)
Selected protocol SMB3_02
[2019/11/26 22:41:31.813294, 3]
../lib/util/util_net.c:256(interpret_string_addr_internal)
interpret_string_addr_internal: getaddrinfo failed for name jazz
(flags 34) [System error]
[2019/11/26 22:41:31.813394, 3]
../source3/lib/util_sock.c:1187(get_mydnsfullname)
get_mydnsfullname: getaddrinfo failed for name jazz [Unknown error]
[2019/11/26 22:41:31.813611, 3]
../lib/util/util_net.c:256(interpret_string_addr_internal)
interpret_string_addr_internal: getaddrinfo failed for name jazz
(flags 34) [System error]
[2019/11/26 22:41:31.813682, 3]
../source3/lib/util_sock.c:1187(get_mydnsfullname)
get_mydnsfullname: getaddrinfo failed for name jazz [Unknown error]
[2019/11/26 22:41:31.813824, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'gssapi_spnego' registered
[2019/11/26 22:41:31.813893, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'gssapi_krb5' registered
[2019/11/26 22:41:31.813962, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'gssapi_krb5_sasl' registered
[2019/11/26 22:41:31.814028, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'spnego' registered
[2019/11/26 22:41:31.814093, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'schannel' registered
[2019/11/26 22:41:31.814157, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'naclrpc_as_system' registered
[2019/11/26 22:41:31.814222, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'sasl-EXTERNAL' registered
[2019/11/26 22:41:31.814343, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'ntlmssp' registered
[2019/11/26 22:41:31.814409, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'ntlmssp_resume_ccache' registered
[2019/11/26 22:41:31.814464, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'http_basic' registered
[2019/11/26 22:41:31.814519, 3]
../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'http_ntlm' registered
[2019/11/26 22:41:31.815812, 3]
../lib/util/util_net.c:256(interpret_string_addr_internal)
interpret_string_addr_internal: getaddrinfo failed for name jazz
(flags 34) [System error]
[2019/11/26 22:41:31.815891, 3]
../source3/lib/util_sock.c:1187(get_mydnsfullname)
get_mydnsfullname: getaddrinfo failed for name jazz [Unknown error]
[2019/11/26 22:41:31.816098, 3]
../lib/util/util_net.c:256(interpret_string_addr_internal)
interpret_string_addr_internal: getaddrinfo failed for name jazz
(flags 34) [System error]
[2019/11/26 22:41:31.816163, 3]
../source3/lib/util_sock.c:1187(get_mydnsfullname)
get_mydnsfullname: getaddrinfo failed for name jazz [Unknown error]
[2019/11/26 22:41:31.816488, 3]
../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
Got NTLMSSP neg_flags=0xe0080225
[2019/11/26 22:41:31.817488, 3]
../auth/ntlmssp/ntlmssp_server.c:454(ntlmssp_server_preauth)
Got user=[jj] domain=[] workstationfrazz at frazzle3:~$ smbclient -L
jazz -U jj
WARNING: The "syslog" option is deprecated
Enter WORKGROUP\jj's password:
session setup failed: NT_STATUS_UNSUCCESSFUL
=[] len1=0 len2=96
[2019/11/26 22:41:31.817594, 3]
../source3/param/loadparm.c:3860(lp_load_ex)
lp_load_ex: refreshing parameters
[2019/11/26 22:41:31.817759, 3]
../source3/param/loadparm.c:549(init_globals)
Initialising global parameters
[2019/11/26 22:41:31.817998, 3]
../source3/param/loadparm.c:1609(lp_add_ipc)
adding IPC service
[2019/11/26 22:41:31.818088, 3]
../source3/auth/auth.c:189(auth_check_ntlm_password)
check_ntlm_password: Checking password for unmapped user []\[jj]@[]
with the new password interface
[2019/11/26 22:41:31.818146, 3]
../source3/auth/auth.c:192(auth_check_ntlm_password)
check_ntlm_password: mapped user is: []\[jj]@[]
[2019/11/26 22:41:31.818624, 3]
../source3/passdb/lookup_sid.c:1680(get_primary_group_sid)
Forcing Primary Group to 'Domain Users' for jj
[2019/11/26 22:41:31.819171, 3]
../source3/auth/auth.c:256(auth_check_ntlm_password)
auth_check_ntlm_password: sam_ignoredomain authentication for user
[jj] succeeded
[2019/11/26 22:41:31.819345, 3]
../auth/auth_log.c:760(log_authentication_event_human_readable)
Auth: [SMB2,(null)] user []\[jj] at [Tue, 26 Nov 2019 22:41:31.819276
UTC] with [NTLMv2] status [NT_STATUS_OK] workstation [] remote host
[ipv4:192.168.1.127:60146] became [JAZZ]\[jj]
[S-1-5-21-1867908843-1086420462-4022543744-1002]. local host
[ipv4:192.168.1.30:445]
[2019/11/26 22:41:31.819795, 3] ../auth/auth_log.c:220(log_json)
JSON Authentication: {"timestamp": "2019-11-26T22:41:31.819531+0000",
"type": "Authentication", "Authentication": {"version": {"major": 1,
"minor": 0}, "status": "NT_STATUS_OK", "localAddress":
"ipv4:192.168.1.30:445", "remoteAddress": "ipv4:192.168.1.127:60146",
"serviceDescription": "SMB2", "authDescription": null, "clientDomain":
"", "clientAccount": "jj", "workstation": "", "becameAccount": "jj",
"becameDomain": "JAZZ", "becameSid":
"S-1-5-21-1867908843-1086420462-4022543744-1002", "mappedAccount": "jj",
"mappedDomain": "", "netlogonComputer": null, "netlogonTrustAccount":
null, "netlogonNegotiateFlags": "0x00000000",
"netlogonSecureChannelType": 0, "netlogonTrustAccountSid": "(NULL SID)",
"passwordType": "NTLMv2"}}
[2019/11/26 22:41:31.819889, 2]
../source3/auth/auth.c:314(auth_check_ntlm_password)
check_ntlm_password: authentication for user [jj] -> [jj] -> [jj]
succeeded
[2019/11/26 22:41:31.820261, 1]
../source3/auth/token_util.c:442(add_local_groups)
SID S-1-5-21-1867908843-1086420462-4022543744-1002 -> getpwuid(1000)
failed
[2019/11/26 22:41:31.820339, 3]
../source3/auth/token_util.c:328(create_local_nt_token_from_info3)
Failed to finalize nt token
[2019/11/26 22:41:31.820425, 3]
../source3/smbd/smb2_server.c:3139(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1]
status[NT_STATUS_UNSUCCESSFUL] || at ../source3/smbd/smb2_sesssetup.c:134
[2019/11/26 22:41:31.956312, 3]
../source3/smbd/server_exit.c:244(exit_server_common)
Server exit (NT_STATUS_END_OF_FILE)
More information about the samba
mailing list