[Samba] Samba update cause windows incorrect password

Enrico Morelli morelli at cerm.unifi.it
Fri Apr 24 11:32:41 UTC 2020 

On Fri, 24 Apr 2020 11:59:23 +0100
Rowland penny via samba <samba at lists.samba.org> wrote:

> On 24/04/2020 11:38, Enrico Morelli via samba wrote:
> > On Thu, 23 Apr 2020 08:08:39 +1200
> > Andrew Bartlett via samba <samba at lists.samba.org> wrote:
> >  
> >> On Wed, 2020-04-22 at 20:01 +0100, Rowland penny via samba wrote:  
> >>> On 22/04/2020 19:25, Enrico Morelli via samba wrote:  
> >>>>> On 22/04/2020 16:06, Enrico Morelli via samba wrote:  
> >>>>>> Dear,
> >>>>>>
> >>>>>> on my debian system I upgraded samba from 4.5.16 to 4.9.5. My
> >>>>>> samba
> >>>>>> server is configured as domain controller.
> >>>>>>
> >>>>>> Now happens a strange thing. From a windows 10 client I'm able
> >>>>>> to login
> >>>>>> with a domain user without problem. But if I logout and try to
> >>>>>> enter
> >>>>>> the password for the same user, Windows tells me that the
> >>>>>> password is
> >>>>>> incorrect.
> >>>>>>
> >>>>>> To be able to loing, I've to select Other User, enter username
> >>>>>> and
> >>>>>> password and all works fine. But if I logout and enter the
> >>>>>> same password, Windows tells me "Incorrect password".
> >>>>>>      
> >>> Apart from multiple default lines, there doesn't seem to anything
> >>> really
> >>> wrong with your smb.conf, so it looks like this could be yet
> >>> another reason to not use Windows 10 with an NT4-style PDC.
> >>>
> >>> You could try raising the log level, add 'log level = 10' to the
> >>> smb.conf and restart Samba, but beware, this will lead to a lot of
> >>> output.  
> >> Thanks Rowland.  This is the right approach.  Once we get that, we
> >> should be (even log level 5 would show it) able to work out what
> >> username form was being sent in both cases, and see if we can map
> >> between them.
> >>
> >> Andrew Bartlett
> >>  
> > I'd set the loglevel to 5 and happens a strange thing:
> >
> > SAM Logon (Interactive). Domain:[CERMDOMAIN].
> > User:[visitor2 at STUDENTI2] Requested Domain:[DOMAIN]
> > [2020/04/24 12:04:50.144675,
> > 5] ../source3/rpc_server/netlogon/srv_netlog_nt.c:1628(_netr_LogonSamLogon_base)
> > Attempting validation level 3 for unmapped username visitor2.
> > [2020/04/24 12:04:50.144698,
> > 5] ../source3/auth/auth.c:412(load_auth_module) load_auth_module:
> > Attempting to find an auth method to match sam_netlogon3 [2020/04/24
> > 12:04:50.144715,  5] ../source3/auth/auth.c:437(load_auth_module)
> > load_auth_module: auth method sam_netlogon3 has a valid init
> > [2020/04/24 12:04:50.144729,
> > 5] ../source3/auth/auth.c:412(load_auth_module) load_auth_module:
> > Attempting to find an auth method to match winbind [2020/04/24
> > 12:04:50.144743,  5] ../source3/auth/auth.c:437(load_auth_module)
> > load_auth_module: auth method winbind has a valid init [2020/04/24
> > 12:04:50.144894,
> > 5] ../source3/auth/auth_util.c:122(make_user_info_map) Mapping user
> > [DOMAIN]\[visitor2] from workstation [STUDENTI2] [2020/04/24
> > 12:04:50.144910,  5] ../source3/auth/user_info.c:64(make_user_info)
> > attempting to make a user_info for visitor2 (visitor2)
> > [2020/04/24 12:04:50.144962,
> > 3] ../source3/auth/auth.c:189(auth_check_ntlm_password)
> > check_ntlm_password:  Checking password for unmapped user
> > [DOMAIN]\[visitor2]@[STUDENTI2] with the new password interface
> > [2020/04/24 12:04:50.144978,
> > 3] ../source3/auth/auth.c:192(auth_check_ntlm_password)
> > check_ntlm_password:  mapped user is:
> > [DOMAIN]\[visitor2]@[STUDENTI2] [2020/04/24 12:04:50.145020,
> > 5] ../source3/auth/auth_sam.c:162(auth_sam_netlogon3_auth)
> > auth_sam_netlogon3_auth: DOMAIN is not our domain name (DC for
> > CERMDOMAIN)
> > 2020/04/24 12:04:50.145228,
> > 5] ../source3/auth/auth.c:251(auth_check_ntlm_password)
> > auth_check_ntlm_password: winbind authentication for user [visitor2]
> > FAILED with error NT_STATUS_NO_SUCH_USER, authoritative=0
> > [2020/04/24 12:04:50.145246,
> > 2] ../source3/auth/auth.c:334(auth_check_ntlm_password)
> > check_ntlm_password:  Authentication for user [visitor2] ->
> > [visitor2] FAILED with error NT_STATUS_NO_SUCH_USER,
> > authoritative=0 [2020/04/24 12:04:50.145276,
> > 2] ../auth/auth_log.c:610(log_authentication_event_human_readable)
> > Auth: [SamLogon,(null)] user [DOMAIN]\[visitor2] at [Fri, 24 Apr
> > 2020 12:04:50.145263 CEST] with [Supplied-NT-Hash] status
> > [NT_STATUS_NO_SUCH_USER] workstation [STUDENTI2] remote host
> > [ipv4:192.168.100.12:51475] mapped to [DOMAIN]\[visitor2]. local
> > host [ipv4:192.168.100.27:445]
> >
> >
> > Seems like the studenti2 PC is in a wrong domain, but I checked
> > that and it is on the correct CERMDOMAIN domain.
> > In the past we had an old samba server that served as DC for DOMAIN
> > domain. But now, all the machine are configured to use the new
> > domain and before the update all worked fine.
> >
> > I'm very confused because this is the behavior of all the windows 10
> > machines in the domain.
> >
> > I also tried to remove the studenti2 machine from the domain and
> > put it again without any result.
> >  
> Problem is that you posted this in your smb.conf:
> 
>      workgroup = DOMAIN
> 
> Is the 'DOMAIN' actually 'CERMDOMAIN' ? or is it something else ?
> 
> Rowland

The actual domain is CERMDOMAIN. Sorry.




-- 
-----------------------------------------------------------
  Enrico Morelli
  System Administrator | Programmer | Web Developer

  CERM - Polo Scientifico
  via Sacconi, 6 - 50019 Sesto Fiorentino (FI) - ITALY
------------------------------------------------------------

More information about the samba mailing list