[Samba] FAILED with error NT_STATUS_WRONG_PASSWORD, authoritative=1
basti
mailinglist at unix-solution.de
Mon Oct 5 08:42:21 UTC 2020
On 05.10.20 10:16, Rowland penny via samba wrote:
> On 05/10/2020 08:37, basti via samba wrote:
>> Hello I have a Problem with one windows 10 client.
>>
>> [2020/10/05 09:21:47.356628, 2]
>> ../source3/auth/auth.c:334(auth_check_ntlm_password)
>> check_ntlm_password: Authentication for user [ap31] -> [ap31] FAILED
>> with error NT_STATUS_WRONG_PASSWORD, authoritative=1
>> [2020/10/05 09:21:47.356724, 2]
>> ../auth/auth_log.c:610(log_authentication_event_human_readable)
>> Auth: [SMB2,(null)] user [.]\[ap31] at [Mo, 05 Okt 2020
>> 09:21:47.356700 CEST] with [NTLMv2] status [NT_STATUS_WRONG_PASSWORD]
>> workstation [AP31-PC] remote host [ipv4:192.168.0.54:49927] mapped to
>> [.]\[ap31]. local host [ipv4:192.168.0.100:445]
>> {"timestamp": "2020-10-05T09:21:47.356848+0200", "type":
>> "Authentication", "Authentication": {"version": {"major": 1, "minor":
>> 0}, "status": "NT_STATUS_WRONG_PASSWORD", "localAddress":
>> "ipv4:192.168.0.100:445", "remoteAddress": "ipv4:192.168.0.54:49927",
>> "serviceDescription": "SMB2", "authDescription": null, "clientDomain":
>> ".", "clientAccount": "ap31", "workstation": "AP31-PC", "becameAccount":
>> null, "becameDomain": null, "becameSid": null, "mappedAccount": "ap31",
>> "mappedDomain": ".", "netlogonComputer": null, "netlogonTrustAccount":
>> null, "netlogonNegotiateFlags": "0x00000000",
>> "netlogonSecureChannelType": 0, "netlogonTrustAccountSid": null,
>> "passwordType": "NTLMv2", "duration": 4333}}
>>
>> It looks that the client use NTLMv2.
>>
>> The smb.conf on this server is:
>>
>> root at server:/var/log/samba# egrep -v "(^#|^$|^;)" /etc/samba/smb.conf
>> [global]
>> workgroup = WORKGROUP
>> local master = yes
>> preferred master = yes
>> os level = 210
>> server string = Samba Server
>> log file = /var/log/samba/log.%m
>> log level = 2
>> max log size = 1000
>> logging = file
>> panic action = /usr/share/samba/panic-action %d
>> server role = standalone server
>> obey pam restrictions = yes
>> passwd program = /usr/bin/passwd %u
>> passwd chat = *Enter\snew\s*\spassword:* %n\n
>> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
>> pam password change = yes
>> map to guest = bad user
>> admin users = ap19 ap30
>> passdb backend = tdbsam
>> security = user
>> ntlm auth = yes
>> usershare allow guests = yes
>> [homes]
>> ...
>>
>> When I use smbclient with username and passwd it works without problems.
>>
>>
> Yes it is using NTLMv2 and the server isn't, you have two ways of fixing
> this:
>
> THE WRONG WAY: turn on SMBv1 on the win10 client
>
> The correct way: Turn off SMBv1 on the Samba server, this might just be
> as simple as removing 'ntlm auth = yes' from your smb.conf file, but,
> without knowing your Samba version, it is hard to tell :-)
>
> You will also need to turn off SMBv1 on all other computers.
>
> Rowland
>
>
Thanks Rowland. I have done a 'net use * /delete' on the client and
remove the cached credentials. and now it works.
More information about the samba
mailing list