Phill Edwards
2010-Apr-02 14:00 UTC
[Samba] Can't get NTLM authentication working with Samba
I've been running Samba for years to provide file shares, and now I'm
trying to set it up as an NTLM authentication server for Squid. From
what I've read, to do this you need to get winbindd up and running. I
think I'm part way there but have hit a brick wall.
I've set my machine us a PDC.
"wbinfo -u" returns a list of users OK (though I notice one is missing
but I'll deal with that later). But when I do a test authentication
with "wbinfo -a sophie%XXXXXX" I get these errors:
plaintext password authentication failed
error code was NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xc00000da)
error messsage was: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Could not authenticate user sophie%summer with plaintext password
challenge/response password authentication failed
error code was NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xc00000da)
error messsage was: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Could not authenticate user sophie with challenge/response
Clearly, the NT_STATUS_CANT_ACCESS_DOMAIN_INFO message is a problem
but I can't for the life of me work out how to fix it. I _think_ it
may be something to do with having to first get the server itself to
join its own domain, but I can't figure out how to do that or what
username%password I'm supposed to provide when I run "net rpc
join".
Can anyone provide me some advice?
Regards,
Phill
Phill Edwards
2010-Apr-03 03:52 UTC
[Samba] Can't get NTLM authentication working with Samba
Anyone have any advice/tips to offer on this? I'm totally stuck and dont't what else to try. I'm quite amazed it's this difficult to set up! Regards, Phill On 3 April 2010 01:00, Phill Edwards <philledwards at gmail.com> wrote:> I've been running Samba for years to provide file shares, and now I'm > trying to set it up as an NTLM authentication server for Squid. From > what I've read, to do this you need to get winbindd up and running. I > think I'm part way there but have hit a brick wall. > > I've set my machine us a PDC. > > "wbinfo -u" returns a list of users OK (though I notice one is missing > but I'll deal with that later). But when I do a test authentication > with "wbinfo -a sophie%XXXXXX" I get these errors: > > ? ?plaintext password authentication failed > ? ?error code was NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xc00000da) > ? ?error messsage was: NT_STATUS_CANT_ACCESS_DOMAIN_INFO > ? ?Could not authenticate user sophie%summer with plaintext password > ? ?challenge/response password authentication failed > ? ?error code was NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xc00000da) > ? ?error messsage was: NT_STATUS_CANT_ACCESS_DOMAIN_INFO > ? ?Could not authenticate user sophie with challenge/response > > Clearly, the NT_STATUS_CANT_ACCESS_DOMAIN_INFO message is a problem > but I can't for the life of me work out how to fix it. I _think_ it > may be something to do with having to first get the server itself to > join its own domain, but I can't figure out how to do that or what > username%password I'm supposed to provide when I run "net rpc join". > Can anyone provide me some advice? > > Regards, > Phill >