samba - Nov 2003 - Re: samba + winbindd with NT-DC problem... i'm stuck.

Bj?rn Andersen wrote:
>Hello Group,
>
>I'm really stuck here.  I try to get an samba to authenticate it's
users
>nicely
>against an NT-DC, which will later be upgraded to W2K or W2K3
>
>My system : Suse 8.1, samba-2.2.5-80, samba-client-2.2.5-80
>
>My test-config for smb:
>[global]
>    winbind separator = +
>    winbind cache time = 0
>    template shell = /bin/bash
>    template homedir = /home/%D/%U
>    winbind uid = 10000-20000
>    winbind gid = 10000-20000
>    workgroup = FOERDE
>    security = domain
>    encrypt passwords = Yes
>    password server = SMSERVER SERVER01
>[daten]
>    path = /srv/samba/daten
>    writeable = no
>    write list = root FOERDE+300
>    valid users = root 300 FOERDE+300 @FOERDE+218
>
>winbindd runs as daemon, "wbinfo -u" and  "wbinfo -g" 
gives the right
>domain users & groups,
>as well as "getent group"  and   "getent passwd".
>strangely even ...
>  # wbinfo -a foerde+300%password
>works with an output of...
>  plaintext password authentication succeeded
>  error code was NT_STATUS_OK (0x0)
>  challenge/response password authentication succeeded
>  error code was NT_STATUS_OK (0x0)
>
>I inserted in /etc/nsswitch.conf
>  passwd: files winbind
>  group:  files winbind
>  shadow: files winbind nis
>to activate winbind. I have not changed anything in PAM because I only need
>Domain Users
>to access Win-Shares, not to login or anything else.
>But with ... :
>  web1-50:~ # smbclient //web3-77/daten -U 300 -W foerde
>i only get this output... :
>  added interface ip=150.10.30.50 bcast=150.10.30.255 nmask=255.255.255.0
>  added interface ip=10.1.110.20 bcast=10.1.110.255 nmask=255.255.255.0
>  Password: *****
>  Domain=[FOERDE] OS=[Unix] Server=[Samba 2.2.5]
>  tree connect failed: NT_STATUS_WRONG_PASSWORD
>
>Logfiles :
>messages: nothing
>log.winbind : nothing
>log.smbd : nothing
>log.nmbd : nothing
>
>With a wrong PW i get logentries "Error was
NT_STATUS_WRONG_PASSWORD."
>which seems right. But nothing with right PW. Sadly no logon as well. My
>Testuser is "300",
>as you can see i tryed some different syntax for user in smb.conf as well as
>in smbclient. No good.
>
>What am I doing wrong ? Especially because "wbinfo -a" works, I
thought I
>was quite close.
>But I didn't make any progress for days now..
>What did I forget ?
>
>Please Help..
>
>Bj?rn Andersen
>
>
>
>
>  
>
I've exactly the same problem. Did you receive any answer ?