Pierce, Shawn D
2002-Jul-09 10:37 UTC
[Samba] Samba 2.2.4 on Redhat Linux 7.2 - Domain Auth Question
Hi all,
I'am trying to set up my Samba server to use DOMAIN auth. I followed
the instructions in the "security = domain in Samba 2.x" and had good
results. Used this command to join the domain "smbpasswd -j DOM -r DOMPDC
-UAdministrator%password" and I got the result "smbpasswd: Joined
domain
DOM."
I added the entries into the configuration file to complete security
= domain here is a copy of my smb.conf file.
[global]
dns proxy = yes
security = domain
encrypt passwords = yes
password server = mfg.intel.com
workgroup = mfg.intel.com
server string = Samba linux
log level = 4
socket options = TCP_NODELAY
netbios name = %h
log file = /var/log/log.%m
guest account = pcguest
netbios aliases = %h
max log size = 25
[homes]
comment = Home Directories
browseable = yes
writable = yes
[tmp]
path = /tmp
Now when I connect using windows "Map drive" I enter the
\\<ipaddress>\tmp
and use the generic mfg\faceless account. When I connect I get Unknown User
Name or Login Failure.
In the log file from /var/log/log.machinename
[2002/07/09 10:16:07, 3] smbd/process.c:process_smb(866)
Transaction 1 of length 137
[2002/07/09 10:16:07, 3] smbd/process.c:switch_message(673)
switch message SMBnegprot (pid 21930)
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:set_sec_ctx(313)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/07/09 10:16:07, 3] smbd/negprot.c:reply_negprot(342)
Requested protocol [PC NETWORK PROGRAM 1.0]
[2002/07/09 10:16:07, 3] smbd/negprot.c:reply_negprot(342)
Requested protocol [LANMAN1.0]
[2002/07/09 10:16:07, 3] smbd/negprot.c:reply_negprot(342)
Requested protocol [Windows for Workgroups 3.1a]
[2002/07/09 10:16:07, 3] smbd/negprot.c:reply_negprot(342)
Requested protocol [LM1.2X002]
[2002/07/09 10:16:07, 3] smbd/negprot.c:reply_negprot(342)
Requested protocol [LANMAN2.1]
[2002/07/09 10:16:07, 3] smbd/negprot.c:reply_negprot(342)
Requested protocol [NT LM 0.12]
[2002/07/09 10:16:07, 3] smbd/negprot.c:reply_negprot(426)
Selected protocol NT LM 0.12
[2002/07/09 10:16:07, 3] smbd/process.c:process_smb(866)
Transaction 2 of length 143
[2002/07/09 10:16:07, 3] smbd/process.c:switch_message(673)
switch message SMBsesssetupX (pid 21930)
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:set_sec_ctx(313)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/07/09 10:16:07, 3] smbd/reply.c:reply_sesssetup_and_X(848)
Domain=[] NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
[2002/07/09 10:16:07, 3] smbd/reply.c:reply_sesssetup_and_X(859)
sesssetupX:name=[]
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:push_sec_ctx(281)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2002/07/09 10:16:07, 3] smbd/uid.c:push_conn_ctx(283)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:set_sec_ctx(313)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:get_current_groups(162)
get_current_groups: user is in 2 groups: 1000, 201
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:pop_sec_ctx(420)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:get_current_groups(162)
get_current_groups: user is in 2 groups: 1000, 201
[2002/07/09 10:16:07, 3] smbd/password.c:register_vuid(336)
uid 1318 registered to name pcguest
[2002/07/09 10:16:07, 3] smbd/password.c:register_vuid(338)
Clearing default real name
[2002/07/09 10:16:07, 3] smbd/password.c:register_vuid(340)
User name: pcguest Real name: Samba Test
[2002/07/09 10:16:07, 3] smbd/process.c:chain_reply(1011)
Chained message
[2002/07/09 10:16:07, 3] smbd/process.c:switch_message(673)
switch message SMBtconX (pid 21930)
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:set_sec_ctx(313)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/07/09 10:16:07, 4] smbd/reply.c:reply_tcon_and_X(335)
Got device type ?????
[2002/07/09 10:16:07, 4] smbd/password.c:password_ok(593)
Null passwords not allowed.
[2002/07/09 10:16:07, 4] smbd/password.c:password_ok(593)
Null passwords not allowed.
[2002/07/09 10:16:07, 4] smbd/password.c:password_ok(593)
Null passwords not allowed.
[2002/07/09 10:16:07, 3] smbd/password.c:authorise_login(854)
authorise_login: ACCEPTED: guest account and guest ok (pcguest)
[2002/07/09 10:16:07, 3] smbd/service.c:make_connection(491)
Connect path is /tmp
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:push_sec_ctx(281)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2002/07/09 10:16:07, 3] smbd/uid.c:push_conn_ctx(283)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:set_sec_ctx(313)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:get_current_groups(162)
get_current_groups: user is in 2 groups: 1000, 201
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:pop_sec_ctx(420)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:get_current_groups(162)
get_current_groups: user is in 2 groups: 1000, 201
[2002/07/09 10:16:07, 4] rpc_server/srv_srvsvc_nt.c:get_share_security(211)
get_share_security: using default secdesc for IPC$
[2002/07/09 10:16:07, 3] lib/util_seaccess.c:se_access_check(269)
se_access_check: user sid is S-1-5-21-2553453539-573313404-1353726876-3636
[2002/07/09 10:16:07, 3] lib/util_seaccess.c:se_access_check(272)
se_access_check: also S-1-5-21-2553453539-573313404-1353726876-3001
[2002/07/09 10:16:07, 3] lib/util_seaccess.c:se_access_check(272)
se_access_check: also S-1-5-21-2553453539-573313404-1353726876-1403
[2002/07/09 10:16:07, 3] lib/util_seaccess.c:se_access_check(272)
se_access_check: also S-1-1-0
[2002/07/09 10:16:07, 3] lib/util_seaccess.c:se_access_check(272)
se_access_check: also S-1-5-2
[2002/07/09 10:16:07, 3] lib/util_seaccess.c:se_access_check(272)
se_access_check: also S-1-5-32-546
[2002/07/09 10:16:07, 3] smbd/vfs.c:vfs_init_default(122)
Initialising default vfs hooks
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:set_sec_ctx(313)
setting sec ctx (1318, 1000) - sec_ctx_stack_ndx = 0
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:set_sec_ctx(319)
2 user groups:
1000 201
[2002/07/09 10:16:07, 3] smbd/vfs.c:vfs_ChDir(568)
vfs_ChDir to /tmp
[2002/07/09 10:16:07, 3] smbd/service.c:make_connection(651)
sdpierce-mover (172.31.167.176) connect to service IPC$ as user pcguest
(uid=1
318, gid=1000) (pid 21930)
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:set_sec_ctx(313)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/07/09 10:16:07, 3] smbd/reply.c:reply_tcon_and_X(395)
tconX service=ipc$ user=pcguest
[2002/07/09 10:16:07, 3] smbd/process.c:process_smb(866)
Transaction 3 of length 200
[2002/07/09 10:16:07, 3] smbd/process.c:switch_message(673)
switch message SMBsesssetupX (pid 21930)
[2002/07/09 10:16:07, 3] smbd/sec_ctx.c:set_sec_ctx(313)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/07/09 10:16:07, 3] smbd/reply.c:reply_sesssetup_and_X(848)
Domain=[mfg] NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
[2002/07/09 10:16:07, 3] smbd/reply.c:reply_sesssetup_and_X(859)
sesssetupX:name=[faceless]
[2002/07/09 10:16:08, 0] smbd/password.c:domain_client_validate(1549)
domain_client_validate: could not fetch trust account password for domain
MFG.
INTEL.COM
[2002/07/09 10:16:08, 0] passdb/pdb_smbpasswd.c:getsmbfilepwent(362)
getsmbfilepwent: malformed password entry (uid not number)
[2002/07/09 10:16:08, 1] smbd/password.c:pass_check_smb(545)
Couldn't find user 'faceless' in passdb.
[2002/07/09 10:16:08, 2] smbd/reply.c:reply_sesssetup_and_X(963)
NT Password did not match for user 'faceless'!
[2002/07/09 10:16:08, 2] smbd/reply.c:reply_sesssetup_and_X(973)
Defaulting to Lanman password for faceless
[2002/07/09 10:16:08, 0] passdb/pdb_smbpasswd.c:getsmbfilepwent(362)
getsmbfilepwent: malformed password entry (uid not number)
[2002/07/09 10:16:08, 1] smbd/password.c:pass_check_smb(545)
Couldn't find user 'faceless' in passdb.
[2002/07/09 10:16:08, 1] smbd/reply.c:reply_sesssetup_and_X(989)
Rejecting user 'faceless': authentication failed
[2002/07/09 10:16:08, 3] smbd/error.c:error_packet(91)
error string = No such file or directory
[2002/07/09 10:16:08, 3] smbd/error.c:error_packet(106)
error packet at smbd/reply.c(991) cmd=115 (SMBsesssetupX)
NT_STATUS_LOGON_FAIL
URE
[2002/07/09 10:16:56, 3] smbd/process.c:process_smb(866)
Transaction 4 of length 39
[2002/07/09 10:16:56, 3] smbd/process.c:switch_message(673)
switch message SMBtdis (pid 21930)
[2002/07/09 10:16:56, 3] smbd/sec_ctx.c:set_sec_ctx(313)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/07/09 10:16:56, 3] smbd/sec_ctx.c:set_sec_ctx(313)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/07/09 10:16:56, 3] smbd/service.c:close_cnum(690)
sdpierce-mover (172.31.167.176) closed connection to service IPC$
[2002/07/09 10:16:56, 3] smbd/connection.c:yield_connection(48)
Yielding connection to IPC$
[2002/07/09 10:16:56, 3] smbd/sec_ctx.c:set_sec_ctx(313)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/07/09 10:16:56, 3] smbd/vfs.c:vfs_ChDir(568)
vfs_ChDir to /
[2002/07/09 10:16:56, 3] smbd/process.c:process_smb(866)
Transaction 5 of length 43
[2002/07/09 10:16:56, 3] smbd/process.c:switch_message(673)
switch message SMBulogoffX (pid 21930)
[2002/07/09 10:16:56, 3] smbd/sec_ctx.c:set_sec_ctx(313)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/07/09 10:16:56, 3] smbd/reply.c:reply_ulogoffX(1770)
ulogoffX vuid=100
[2002/07/09 10:16:56, 3] smbd/process.c:timeout_processing(1091)
end of file from client
[2002/07/09 10:16:56, 3] smbd/sec_ctx.c:set_sec_ctx(313)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/07/09 10:16:56, 2] smbd/server.c:exit_server(461)
Closing connections
[2002/07/09 10:16:56, 3] smbd/connection.c:yield_connection(48)
Yielding connection to
[2002/07/09 10:16:56, 3] smbd/server.c:exit_server(495)
Server exit (normal exit)
I know I'am missing something but, cannot figure out what that is any help
would be appreciated.
Shawn
Possibly Parallel Threads
Wisdom of the Ancients
