samba - Jan 2002 - problems win 95 connection via winbind and M$-PDC to a samba222 share

Hello folks....

i am using 50 devices with samba222 providing 60gb space to the networks we
have....

each of this NAS devices (NetworkAttached storage) is authenticating with
winbind agains the M$ PDC.

my client PCs are working under Win9x....200 PCs with win95 and 750 PCs with
win98se...

my problem is the following:
if the win95 clients are logging on to the PDC and the login script wants to
mount the NAS device sharing they get a "enter password"-question.
Then Win98se machines logging on to the same PDC are not getting the
question...(wondering!)...they are successfully authenticated and connected to
the NAS.

can somebody tell me why this can happen....?!?!
Did somebody have seen the same behavior already ?!?

any comments and hints are welcome and appriciated! :-))

regards
Stephan
> Stephan Scheufen - IT Systems and Office Support Europe
> EBV ELEKTRONIK
> L?tscher Weg 66 - D-41334 Nettetal - Germany
> Fon: +49-2153-733-315 - Fax: 310 - Mail: s.scheufen@ebv.com
>

Hi,
>my problem is the following:
>if the win95 clients are logging on to the PDC and the login script wants
>to mount the NAS device sharing they get a "enter
password"-question.
>Then Win98se machines logging on to the same PDC are not getting the
>question...(wondering!)...they are successfully authenticated and connected
to the NAS.
>
>can somebody tell me why this can happen....?!?!
>Did somebody have seen the same behavior already ?!?
usually, this behaviour comes from password encryption,
supported on W98 but not on W95.
You'll need to switch to non encrypted passwords,
and "force" everybody else (W98/nt/2000) to send
passwords in cleartext.
I wonder if this is resolvable by using different
smb.conf files ...

but maybe this comes from another problem.

bye

Ahmed RAHAL,
Taranis Services S.A.

At 03:24 PM 1/10/02 +0100, Ahmed RAHAL wrote:
>Hi,
>
> >my problem is the following:
> >if the win95 clients are logging on to the PDC and the login script
wants
> >to mount the NAS device sharing they get a "enter
password"-question.
> >Then Win98se machines logging on to the same PDC are not getting the
> >question...(wondering!)...they are successfully authenticated and
connected
>to the NAS.
> >
> >can somebody tell me why this can happen....?!?!
> >Did somebody have seen the same behavior already ?!?
>
>usually, this behaviour comes from password encryption,
>supported on W98 but not on W95.
>You'll need to switch to non encrypted passwords,
>and "force" everybody else (W98/nt/2000) to send
>passwords in cleartext.
>I wonder if this is resolvable by using different
>smb.conf files ...
No, you can enable encrypted passwords on 95.
>but maybe this comes from another problem.
>
>bye
>
>Ahmed RAHAL,
>Taranis Services S.A.
>
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
Martyn

Life's a bitch, but so am I.

At , you wrote:
>my problem is the following:
>if the win95 clients are logging on to the PDC and the login script wants 
>to mount the NAS device sharing they get a "enter
password"-question. Then
>Win98se machines logging on to the same PDC are not getting the 
>question...(wondering!)...they are successfully authenticated and 
>connected to the NAS.
We have the same problem here - only with Win95 machines.  98, 98SE, NT4, 
2000, and XP all work fine.  It happens with both Samba 2.2.2 and 2.2.3pre 
CVS running winbind.

It seems that if one waits a while, then the shares on the Samba server can 
be accessed.  I turned on more verbose logging over the weekend and I 
already have a few of these incidents captured this morning.  I'll let the 
list know what I find.

Ian

OK, following up on my previous email about this subject.

Quoting Scheufen Stephan <S.Scheufen@ebv.com>:
> my problem is the following:
> if the win95 clients are logging on to the PDC and the login script
> wants to mount the NAS device sharing they get a "enter
> password"-question. Then Win98se machines logging on to the same PDC
are
> not getting the question...(wondering!)...they are successfully
> authenticated and connected to the NAS.
To recap, I have this same problem.  We have a network of about 40-50 clients, 
running a mix of Win95 OSR2, 98, 98SE, NT4 Workstation, 2k Pro, and XP Pro.  
Our Samba configuration uses winbind and security=server to authenticate with 
our PDC, which is running NT4 Server with SP6.  The same problem happens with 
both Samba 2.2.2 and 2.2.3pre from CVS.

Like Stephan, this occurs only on the 95 OSR2 machines and generally only RIGHT 
after logging on.  I've tried installing all updates I could (secupd2, 
winsock2, etc.) and I still get this problem.

Looking through smbd and winbindd logs (both at level 3), I found this when the 
problem occurs (connecting to a share named Arch, user name is
"testuser" and
the domain is "EDM."

Looking in smbd.log:

[2002/01/14 16:21:00, 3] smbd/reply.c:reply_sesssetup_and_X(851)
  Domain=[]  NativeOS=[Windows 4.0] NativeLanMan=[Windows 4.0]
[2002/01/14 16:21:00, 3] smbd/reply.c:reply_sesssetup_and_X(861)
  sesssetupX:name=[TESTUSER]
[2002/01/14 16:21:00, 3] libsmb/namequery.c:resolve_wins(694)
  resolve_wins: Attempting wins lookup for name PDC_SERVER<0x20>
[2002/01/14 16:21:00, 3] libsmb/namequery.c:resolve_wins(712)
  resolve_wins: WINS server == <10.10.1.10>
[2002/01/14 16:21:00, 3] lib/util_sock.c:open_socket_in(837)
  bind succeeded on port 0
[2002/01/14 16:21:00, 2] libsmb/namequery.c:name_query(420)
  Got a positive name query response from 10.10.1.10 ( 10.10.1.10 )
[2002/01/14 16:21:00, 3] lib/util_sock.c:open_socket_out(869)
  Connecting to 10.10.1.10 at port 445
[2002/01/14 16:21:01, 2] lib/util_sock.c:open_socket_out(898)
  error connecting to 10.10.1.10:445 (Connection refused)
[2002/01/14 16:21:01, 3] lib/util_sock.c:open_socket_out(869)
  Connecting to 10.10.1.10 at port 139
[2002/01/14 16:21:01, 3] smbd/reply.c:reply_sesssetup_and_X(1021)
  No such user testuser [] - using guest account
[2002/01/14 16:21:01, 3] smbd/sec_ctx.c:push_sec_ctx(282)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2002/01/14 16:21:01, 3] smbd/uid.c:push_conn_ctx(285)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2002/01/14 16:21:01, 3] smbd/sec_ctx.c:set_sec_ctx(314)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2002/01/14 16:21:01, 3] smbd/sec_ctx.c:get_current_groups(162)
  get_current_groups: user is in 1 groups: 65534
[2002/01/14 16:21:01, 3] smbd/sec_ctx.c:pop_sec_ctx(421)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/01/14 16:21:01, 3] smbd/sec_ctx.c:get_current_groups(162)
  get_current_groups: user is in 1 groups: 65534
[2002/01/14 16:21:01, 3] smbd/password.c:register_vuid(328)
  uid 65534 registered to name nobody

So it looks like it can't find TESTUSER and maps them to nobody.  However,
if I
don't try to mount anything until a minute or so after I log on, I can mount
the directory successfuly and this occurs in the logs instead:
[2002/01/15 15:41:43, 3] smbd/reply.c:reply_sesssetup_and_X(851)
  Domain=[EDM]  NativeOS=[Windows 4.0] NativeLanMan=[Windows 4.0]
[2002/01/15 15:41:43, 3] smbd/reply.c:reply_sesssetup_and_X(861)
  sesssetupX:name=[TESTUSER]
[2002/01/15 15:41:43, 3] smbd/reply.c:reply_sesssetup_and_X(922)
  Using unix username EDM\TESTUSER
..
[2002/01/15 15:41:43, 3] smbd/sec_ctx.c:get_current_groups(162)
  get_current_groups: user is in 2 groups: 10005, 10001
[2002/01/15 15:41:43, 3] smbd/password.c:register_vuid(328)
  uid 10041 registered to name edm\testuser

The winbind logs reveal the same problem, but from a different perspective. 
When authentication fails, this appears:
[ 8301]: getpwnam \TESTUSER
[ 8301]: getpwnam testuser
[ 8301]: getpwnam TESTUSER
[ 8301]: getpwnam testuser
[ 8301]: getpwnam TESTUSER
[ 8301]: getpwnam testuser
[ 8301]: getpwnam TESTUSER
[ 8301]: getpwnam testuser
[ 8301]: getpwnam TESTUSER

When it is successful, this happens:
[ 8409]: getpwnam EDM\TESTUSER
CACHESEQ EDM/USR/TESTUSER is 4294967295
cached sequence number for EDM is 5885
seq 4294967295 for EDM has expired (not == 5885)
CACHESEQ EDM/SID/EDM\TESTUSER is 4294967295
cached sequence number for EDM is 5885
seq 4294967295 for EDM has expired (not == 5885)
cached sequence number for EDM is 5885
cached sequence number for EDM is 5885
cached sequence number for EDM is 5885

and so on.

So, it looks like for some reason, right after logon, the domain EDM is left 
off of the user's name.  Now I need to find out WHY this happens.

I can't get this to duplicate itself on a non-loaded test server.

Ia