Daniel E. Coletti
2002-Nov-27 20:13 UTC
[Samba] problems using challenge-auth with winbind
Hi, I'm trying to set up a squid with ntlm authentification, and as I follow the instructions I read in the squid FAQ I run into this problem. When I try to do a ``wbinfo -a <domain>\\<user>%<passwd>'' the process tells me that the authentification did not succeded (both, plaintext passwords authentification and challenge/response password authentification). This PDC works with Win95 PCs (and these use plaintext), so I'm assuming that the NT can do these type of authentification. The user I'm using is *not* the administrator and I managed to put the correct privileges to join the domain. I did compile samba with the --with-winbind-auth-challenge and --with-winbind options. I'm using debian 3.0 (aka woody) and samba 2.2.3a-6. I did try compiling a samba 2.2.7 but, eventhough I compiled it with the exact same flags I compiled 2.2.4a-6 and using the very same PDC user, the smbpasswd won't join the domain (strange, huh?). Any ideas? Could it be that there are privileges on the PDC that need to be added to this user? Thanks a lot. daniel//// -- Daniel E. Coletti <dcoletti@xtech.com.ar> XTech - Soluciones Linux para Empresas
On Thu, 2002-11-28 at 07:07, Daniel E. Coletti wrote:> Hi, > I'm trying to set up a squid with ntlm authentification, and as I > follow the instructions I read in the squid FAQ I run into this problem. > > When I try to do a ``wbinfo -a <domain>\\<user>%<passwd>'' the process > tells me that the authentification did not succeded (both, plaintext > passwords authentification and challenge/response password > authentification). This PDC works with Win95 PCs (and these use > plaintext), so I'm assuming that the NT can do these type of > authentification. > The user I'm using is *not* the administrator and I managed to put the > correct privileges to join the domain. > I did compile samba with the --with-winbind-auth-challenge and > --with-winbind options. > > I'm using debian 3.0 (aka woody) and samba 2.2.3a-6.I don't think we really have the correct support in 2.2.3a. I would strongly suggest working with 2.2.7 (but see the note in the FAQ about the header file you need to pull across).> I did try compiling a samba 2.2.7 but, eventhough I compiled it with the > exact same flags I compiled 2.2.4a-6 and using the very same PDC user, > the smbpasswd won't join the domain (strange, huh?).'add machine to domain' only allows *adding*, not rejoining a machine already in the domain. Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20021130/f4337388/attachment.bin