samba - Dec 2004 - Unable to access shares on a Linux Samba server

Hello everyone,

I did alot of searching before I came to post here, but have failed to
come up with a reason why this isn't working.  I may just be missing a
major step.  First, let me get the formailities out of the way.

Redhat ES 3.0
Linux  2.4.21-4.ELsmp #1 SMP Fri Oct 3 17:31:21 EDT 2003 i686 athlon
i386 GNU/Linux
samba-3.0.10-1

I configured and installed swat so I could do remote administration,
and used it to configure 99% of my smb.conf.


Our setup here is Windows 2000 AD with mixed mode on to support our
legacy 98/NT4 devices. 

I simply would like to see a share on the linux server be accessible
either by a list, or by an AD group of users.

However, when trying to connect to the server with a Windows XP client,
I get the following in the logs.

[2004/12/23 07:04:40, 3]
nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(465)
  [25137]: pam auth crap domain: BJC-NT user: mjc8804
[2004/12/23 07:04:40, 0] nsswitch/winbindd_util.c:get_trust_pw(1034)
  get_trust_pw: could not fetch trust account password for my domain
BJC-NT
[2004/12/23 07:04:40, 2]
nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(642)
  NTLM CRAP authentication for user [BJC-NT]\[mjc8804] returned
NT_STATUS_CANT_ACCESS_DOMAIN_INFO (PAM: 4)
[2004/12/23 07:04:40, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/12/23 07:04:40, 2] auth/auth.c:check_ntlm_password(312)
  check_ntlm_password:  Authentication for user [mjc8804] -> [mjc8804]
FAILED with error NT_STATUS_CANT_ACCESS_DOMAIN_INFO
[2004/12/23 07:04:40, 3] smbd/process.c:timeout_processing(1336)
  timeout_processing: End of file from client (client has
disconnected).
[2004/12/23 07:04:40, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/12/23 07:04:40, 2] smbd/server.c:exit_server(571)
  Closing connections
[2004/12/23 07:04:40, 3] smbd/connection.c:yield_connection(69)
  Yielding connection to
[2004/12/23 07:04:40, 3] smbd/connection.c:yield_connection(76)
  yield_connection: tdb_delete for name  failed with error Record does
not exist.
[2004/12/23 07:04:40, 3] smbd/server.c:exit_server(614)
  Server exit (normal exit)
[2004/12/23 07:05:40, 3] nsswitch/winbindd_rpc.c:trusted_domains(892)
  rpc: trusted_domains
[2004/12/23 07:10:40, 3] nsswitch/winbindd_rpc.c:trusted_domains(892)
  rpc: trusted_domains

I don't quite understand why I get this error of no accessing domai
info, like I said, I may be missing something glaringly obvious.

Thanks all for your help.

Matt


# Samba config file created using SWAT
# from 10.32.1.149 (10.32.1.149)
# Date: 2004/12/23 07:00:10

# Global parameters
[global]
        workgroup = BJC-NT
        security = DOMAIN
        auth methods = winbind
        min password length = 8
        password server = bjcadc02.carenet.org
        client NTLMv2 auth = Yes
        client lanman auth = No
        client plaintext auth = No
        log level = 3
        log file = /root/smb.log
        add user script = /usr/local/samba/bin/add_user %u
        delete user script = /usr/local/samba/bin/del_user %u
        add user to group script = /usr/sbin/adduser %u %g
        add machine script = /usr/sbin/adduser -n -g machines -c
Machine -d /dev/null -s /bin/false %u
        ldap admin dn = CN=Imprivata\ T.\
Test,OU=Login,OU=Generic,DC=bjc-nt,DC=bjc,DC=org
        ldap ssl = no
        admin users = xxxxxxx
        hosts allow = 10.32.1.0/255.255.255.0

[full]
        path = /
        valid users = xxxxxxxx
        read only = No


(the x's are legitimate usernames)

Matt Carlson
(314) 362-0870
4353 Clayton Avenue
Mailstop : 90-68-145
Saint Louis, MO 63110

http://issecurity.carenet.org

Sounds like the SAMBA machine isn't joined to the domain.  Try that and see
if that helps.