Samba 2.2.2 on Solaris 7/SPARC. Windows 2000 SP2 domain controller (native mode). Joined samba to domain as per htmldocs/DOMAIN_MEMBER.html. [global] workgroup = DOM security = domain password server = charon However, connecting to shares as non-guest fails due to authentication problems (below). As htmldocs/DOMAIN_MEMBER.html indicates this does work, is there some other magic that needs to be performed? It failed in the same way trying to use an NT4 SP6a PDC. Any advice would be appreciated. grant. [2002/03/07 16:57:57, 3] smbd/process.c:process_smb(860) Transaction 1 of length 137 [2002/03/07 16:57:57, 3] smbd/process.c:switch_message(667) switch message SMBnegprot (pid 20953) [2002/03/07 16:57:57, 3] smbd/sec_ctx.c:set_sec_ctx(320) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2002/03/07 16:57:57, 3] smbd/negprot.c:reply_negprot(349) Requested protocol [PC NETWORK PROGRAM 1.0] [2002/03/07 16:57:57, 3] smbd/negprot.c:reply_negprot(349) Requested protocol [LANMAN1.0] [2002/03/07 16:57:57, 3] smbd/negprot.c:reply_negprot(349) Requested protocol [Windows for Workgroups 3.1a] [2002/03/07 16:57:57, 3] smbd/negprot.c:reply_negprot(349) Requested protocol [LM1.2X002] [2002/03/07 16:57:57, 3] smbd/negprot.c:reply_negprot(349) Requested protocol [LANMAN2.1] [2002/03/07 16:57:57, 3] smbd/negprot.c:reply_negprot(349) Requested protocol [NT LM 0.12] [2002/03/07 16:57:57, 3] smbd/negprot.c:reply_negprot(433) Selected protocol NT LM 0.12 [2002/03/07 16:57:57, 3] smbd/process.c:process_smb(860) Transaction 2 of length 203 [2002/03/07 16:57:57, 3] smbd/process.c:switch_message(667) switch message SMBsesssetupX (pid 20953) [2002/03/07 16:57:57, 3] smbd/sec_ctx.c:set_sec_ctx(320) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2002/03/07 16:57:57, 3] smbd/reply.c:reply_sesssetup_and_X(855) Domain=[NOTEBOOK] NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0] [2002/03/07 16:57:57, 3] smbd/reply.c:reply_sesssetup_and_X(866) sesssetupX:name=[grant] [2002/03/07 16:57:57, 3] libsmb/namequery.c:resolve_lmhosts(749) resolve_lmhosts: Attempting lmhosts lookup for name CHARON<0x20> [2002/03/07 16:57:57, 3] libsmb/namequery.c:resolve_hosts(789) resolve_hosts: Attempting host lookup for name CHARON<0x20> [2002/03/07 16:57:57, 3] lib/util_sock.c:open_socket_out(871) Connecting to 192.168.211.27 at port 139 [2002/03/07 16:57:57, 0] rpc_client/cli_netlogon.c:cli_net_auth2(160) cli_net_auth2: Error NT_STATUS_ACCESS_DENIED [2002/03/07 16:57:57, 0] rpc_client/cli_login.c:cli_nt_setup_creds(72) cli_nt_setup_creds: auth2 challenge failed [2002/03/07 16:57:57, 0] smbd/password.c:connect_to_domain_password_server(1371) connect_to_domain_password_server: unable to setup the PDC credentials to machine CHARON. Error was : NT_STATUS_ACCESS_DENIED. [2002/03/07 16:57:57, 0] smbd/password.c:domain_client_validate(1591) domain_client_validate: Domain password server not available. [2002/03/07 16:57:57, 0] passdb/pdb_smbpasswd.c:startsmbfilepwent(171) startsmbfilepwent_internal: unable to open file /opt/local/samba/private/smbpasswd. Error was No such file or directory [2002/03/07 16:57:57, 0] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1368) unable to open passdb database. [2002/03/07 16:57:57, 1] smbd/password.c:pass_check_smb(546) Couldn't find user 'grant' in passdb. [2002/03/07 16:57:57, 2] smbd/reply.c:reply_sesssetup_and_X(970) NT Password did not match for user 'grant'! [2002/03/07 16:57:57, 2] smbd/reply.c:reply_sesssetup_and_X(980) Defaulting to Lanman password for grant [2002/03/07 16:57:57, 0] passdb/pdb_smbpasswd.c:startsmbfilepwent(171) startsmbfilepwent_internal: unable to open file /opt/local/samba/private/smbpasswd. Error was No such file or directory [2002/03/07 16:57:57, 0] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1368) unable to open passdb database. [2002/03/07 16:57:57, 1] smbd/password.c:pass_check_smb(546) Couldn't find user 'grant' in passdb. [2002/03/07 16:57:57, 1] smbd/reply.c:reply_sesssetup_and_X(1004) Rejecting user 'grant': bad password [2002/03/07 16:57:57, 3] smbd/error.c:error_packet(99) error string = No such file or directory [2002/03/07 16:57:57, 3] smbd/error.c:error_packet(105) 32 bit error packet at smbd/reply.c(1006) cmd=115 (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)]
Grant.Beattie@fulcrum.com.au
2002-Mar-14 20:37 UTC
[Samba] HEAD and multiple user connections from same client
I now have the latest cvs sources authenticating via the Win2k PDC, using domain level security. There is a problem with multiple user connections to samba from the same client. First user is OK, second gets the first user's directory mapping. This can be reproduced, eg. * User1 connects to \\smbhost\user1, gets a new connection to smbhost, /home/users/user1 * User2 connects to \\smbhost\user2, uses the existing connection to smbhost, and incorrectly receives /home/users/user1 instead of user2 This is obviously not useful for most purposes. :) [2002/03/15 14:49:09, 3] smbd/service.c:find_service(138) checking for home directory grant gave /home/users/grant [2002/03/15 14:49:09, 3] smbd/password.c:authorise_login(496) authorise_login: ACCEPTED: validated based on vuid as non-guest (user=grant) [2002/03/15 14:49:09, 3] smbd/service.c:make_connection(524) Connect path is /home/users/grant ... [2002/03/15 15:01:16, 3] smbd/service.c:find_service(138) checking for home directory tym gave /home/users/tym authorise_login: ACCEPTED: validated based on vuid as non-guest (user=tym) [2002/03/15 15:01:16, 3] smbd/service.c:make_connection(524) Connect path is /home/users/grant is there a way to force a new connection for each user? or another work-around? full debug output is available if someone would like to attempt a fix :) g.
On Thu, 7 Mar 2002, Grant Beattie wrote:> Samba 2.2.2 on Solaris 7/SPARC. Windows 2000 SP2 domain controller > (native mode). > > Joined samba to domain as per htmldocs/DOMAIN_MEMBER.html. > > [global] > workgroup = DOM > security = domain > password server = charon > > However, connecting to shares as non-guest fails due to > authentication problems (below). > > As htmldocs/DOMAIN_MEMBER.html indicates this does work, is there some > other magic that needs to be performed? It failed in the same way > trying to use an NT4 SP6a PDC.set "encrypt passwords = yes" cheers, jerry --------------------------------------------------------------------- Hewlett-Packard http://www.hp.com SAMBA Team http://www.samba.org -- http://www.plainjoe.org "Sam's Teach Yourself Samba in 24 Hours" 2ed. ISBN 0-672-32269-2 --"I never saved anything for the swim back." Ethan Hawk in Gattaca--