samba - Nov 2002 - problems using challenge-auth with winbind

Hi,
	I'm trying to set up a squid with ntlm authentification, and as I
follow the instructions I read in the squid FAQ I run into this problem.

When I try to do a ``wbinfo -a
<domain>\\<user>%<passwd>'' the process
tells me that the authentification did not succeded (both, plaintext
passwords authentification and challenge/response password
authentification). This PDC works with Win95 PCs (and these use
plaintext), so I'm assuming that the NT can do these type of
authentification.
The user I'm using is *not* the administrator and I managed to put the
correct privileges to join the domain.
I did compile samba with the --with-winbind-auth-challenge and
--with-winbind options.

I'm using debian 3.0 (aka woody) and samba 2.2.3a-6.

I did try compiling a samba 2.2.7 but, eventhough I compiled it with the
exact same flags I compiled 2.2.4a-6 and using the very same PDC user,
the smbpasswd won't join the domain (strange, huh?).

Any ideas? Could it be that there are privileges on the PDC that need to
be added to this user?

Thanks a lot.

daniel////

-- 
Daniel E. Coletti <dcoletti@xtech.com.ar>
XTech - Soluciones Linux para Empresas

On Thu, 2002-11-28 at 07:07, Daniel E. Coletti wrote:
> Hi,
> 	I'm trying to set up a squid with ntlm authentification, and as I
> follow the instructions I read in the squid FAQ I run into this problem.
> 
> When I try to do a ``wbinfo -a
<domain>\\<user>%<passwd>'' the process
> tells me that the authentification did not succeded (both, plaintext
> passwords authentification and challenge/response password
> authentification). This PDC works with Win95 PCs (and these use
> plaintext), so I'm assuming that the NT can do these type of
> authentification.
> The user I'm using is *not* the administrator and I managed to put the
> correct privileges to join the domain.
> I did compile samba with the --with-winbind-auth-challenge and
> --with-winbind options.
> 
> I'm using debian 3.0 (aka woody) and samba 2.2.3a-6.
I don't think we really have the correct support in 2.2.3a.  I would
strongly suggest working with 2.2.7 (but see the note in the FAQ about
the header file you need to pull across).
> I did try compiling a samba 2.2.7 but, eventhough I compiled it with the
> exact same flags I compiled 2.2.4a-6 and using the very same PDC user,
> the smbpasswd won't join the domain (strange, huh?).
'add machine to domain' only allows *adding*, not rejoining a machine
already in the domain.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet@pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet@samba.org
Student Network Administrator, Hawker College   abartlet@hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :
http://lists.samba.org/archive/samba/attachments/20021130/f4337388/attachment.bin