Hi, I am using winbindd to authenticate a computer. The computer account exists in the W2K domain controller. The authentication comes back with the error NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT. No session key is returned. Looking at the samba code it seems this error means that the account is a workstation account (which is correct). In samba 4 code base there is a flag (MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT) which if set allows workstations to authenticate. My question is if there is any config change that can be done on W2K to allow workstation authentication. Any other way of getting this done are also welcome. Any help would be greatly appreciated. Thank you. Raj. --------------------------------- Yahoo! Mail Bring photos to life! New PhotoMail makes sharing a breeze.
On Tue, 2006-03-07 at 09:53 -0800, Raj Talwar wrote:> Hi, I am using winbindd to authenticate a computer. The computer > account exists in the W2K domain controller. The authentication > comes back with the error NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT. > No session key is returned. > > Looking at the samba code it seems this error means that the account > is a workstation account (which is correct). In samba 4 code base > there is a flag (MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT) which if > set allows workstations to authenticate.This flag was merged into Samba 3.0 shortly after that. I think this is in 3.0.21, but ask Jeremy, as he did that side of the implementation. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 191 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20060308/fbc47712/attachment.bin
Reasonably Related Threads
- NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT
- Problems with ntlm_auth and machines accounts
- domain_client_validate: unable to validate password for user MACHINE$ in domain DOMAIN to Domain controller \\DC. Error was NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT
- [3.2.0pre1] net ads join fails with NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT
- MSCHAPv2 and NTLMv2