Adi Nugraha
2005-Jan-13 11:22 UTC
[Samba] can join but unable to login to the domain + ldap account problems
after setting up a PDC with ldap according to the book samba 3 by example,
almost everything worked out fine, the validations listed in the books
turned out as expected with minor differences, but these are the problems :
1. According to the book the account that can be used to join a domain is
the Administrator account with the password set from the ldap admin dn which
is secret is my installation,but I was unable to join the domain with the
account, not even just to see the shares, something like wrong password,
when I look at the log it seem the Administrator is mapped to root, which
has a different password in the linux, does this matter? in the end I tried
creating a new Account with 0 uid to join the domain (let's call it
__admin__ ), and it worked, but I still would like to know why the
Administrator account didn't work,
2. A W2k workstation can join the domain with the __admin__ account , but
after reboot It can't login with any User name, not even with the account
that succesfully joined the workstation the error message is 'The system
cannot log you o now because the domain is not available, I am able to see
the shares with the __admin__ Account, but not with any other accounts (
even newly created ones)
3. when trying to net rpc join the samba box itself it returned
Unable to join domain VALHALLA.
and when I tried smbclient -L localhost
Anonymous login successful
Domain=[VALHALLA] OS=[Unix] Server=[Samba 3.0.9]
tree connect failed: NT_STATUS_BAD_NETWORK_NAME
but when I tried smbclient //valkyrie/user -Uuser%1234 it wored just fine of
course the administrator password still didn't work
this is the level 1 log :
[2005/01/13 13:03:09, 0] smbd/service.c:make_connection_snum(620)
'/root/tmp' does not exist or is not a directory, when connecting to
[IPC$]
and this is the level 2 log :
[2005/01/13 13:13:19, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all
old resources.
[2005/01/13 13:13:19, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all
old resources.
[2005/01/13 13:13:19, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011)
init_group_from_ldap: Entry found for group: 546
[2005/01/13 13:13:19, 0] smbd/service.c:make_connection_snum(620)
'/root/tmp' does not exist or is not a directory, when connecting to
[IPC$]
and the level 3 log :
[2005/01/13 13:16:12, 3] smbd/process.c:process_smb(1092)
Transaction 1 of length 137
[2005/01/13 13:16:12, 3] smbd/process.c:switch_message(887)
switch message SMBnegprot (pid 3842) conn 0x0
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/01/13 13:16:12, 3] smbd/negprot.c:reply_negprot(461)
Requested protocol [PC NETWORK PROGRAM 1.0]
[2005/01/13 13:16:12, 3] smbd/negprot.c:reply_negprot(461)
Requested protocol [LANMAN1.0]
[2005/01/13 13:16:12, 3] smbd/negprot.c:reply_negprot(461)
Requested protocol [Windows for Workgroups 3.1a]
[2005/01/13 13:16:12, 3] smbd/negprot.c:reply_negprot(461)
Requested protocol [LM1.2X002]
[2005/01/13 13:16:12, 3] smbd/negprot.c:reply_negprot(461)
Requested protocol [LANMAN2.1]
[2005/01/13 13:16:12, 3] smbd/negprot.c:reply_negprot(461)
Requested protocol [NT LM 0.12]
[2005/01/13 13:16:12, 3] smbd/negprot.c:reply_nt1(333)
using SPNEGO
[2005/01/13 13:16:12, 3] smbd/negprot.c:reply_negprot(549)
Selected protocol NT LM 0.12
[2005/01/13 13:16:12, 3] smbd/process.c:process_smb(1092)
Transaction 2 of length 202
[2005/01/13 13:16:12, 3] smbd/process.c:switch_message(887)
switch message SMBsesssetupX (pid 3842) conn 0x0
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/01/13 13:16:12, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655)
wct=12 flg2=0xc807
[2005/01/13 13:16:12, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all
old resources.
[2005/01/13 13:16:12, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535)
Doing spnego session setup
[2005/01/13 13:16:12, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566)
NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
PrimaryDomain=[]
[2005/01/13 13:16:12, 3] smbd/sesssetup.c:reply_spnego_negotiate(444)
Got OID 1 3 6 1 4 1 311 2 2 10
[2005/01/13 13:16:12, 3] smbd/sesssetup.c:reply_spnego_negotiate(447)
Got secblob of size 32
[2005/01/13 13:16:12, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0xc0008297
[2005/01/13 13:16:12, 3] smbd/process.c:process_smb(1092)
Transaction 3 of length 232
[2005/01/13 13:16:12, 3] smbd/process.c:switch_message(887)
switch message SMBsesssetupX (pid 3842) conn 0x0
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/01/13 13:16:12, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655)
wct=12 flg2=0xc807
[2005/01/13 13:16:12, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all
old resources.
[2005/01/13 13:16:12, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535)
Doing spnego session setup
[2005/01/13 13:16:12, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566)
NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
PrimaryDomain=[]
[2005/01/13 13:16:12, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(615)
Got user=[] domain=[] workstation=[VPC1] len1=1 len2=0
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/01/13 13:16:12, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/01/13 13:16:12, 3] auth/auth.c:check_ntlm_password(219)
check_ntlm_password: Checking password for unmapped user []\[]@[VPC1]
with the new password interface
[2005/01/13 13:16:12, 3] auth/auth.c:check_ntlm_password(222)
check_ntlm_password: mapped user is: [VALHALLA]\[]@[VPC1]
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/01/13 13:16:12, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/01/13 13:16:12, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/01/13 13:16:12, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/01/13 13:16:12, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011)
init_group_from_ldap: Entry found for group: 546
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/01/13 13:16:12, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/01/13 13:16:12, 3] auth/auth.c:check_ntlm_password(268)
check_ntlm_password: guest authentication for user [] succeeded
[2005/01/13 13:16:12, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319)
NTLMSSP Sign/Seal - Initialising with flags:
[2005/01/13 13:16:12, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0x40008295
[2005/01/13 13:16:12, 3] smbd/password.c:register_vuid(222)
User name: nobody Real name: nobody
[2005/01/13 13:16:12, 3] smbd/password.c:register_vuid(241)
UNIX uid 65534 is UNIX user nobody, and will be vuid 100
[2005/01/13 13:16:12, 3] smbd/process.c:process_smb(1092)
Transaction 4 of length 86
[2005/01/13 13:16:12, 3] smbd/process.c:switch_message(887)
switch message SMBtconX (pid 3842) conn 0x0
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/01/13 13:16:12, 3] smbd/service.c:make_connection_snum(472)
Connect path is '/root/tmp' for service [IPC$]
[2005/01/13 13:16:12, 3] lib/util_seaccess.c:se_access_check(251)
[2005/01/13 13:16:12, 3] lib/util_seaccess.c:se_access_check(252)
se_access_check: user sid is S-1-5-21-445313069-670739273-3497575158-501
se_access_check: also S-1-5-21-445313069-670739273-3497575158-514
se_access_check: also S-1-1-0
se_access_check: also S-1-5-2
se_access_check: also S-1-5-32-546
se_access_check: also S-1-5-21-445313069-670739273-3497575158-546
se_access_check: also S-1-5-21-445313069-670739273-3497575158-132069
[2005/01/13 13:16:12, 3] smbd/vfs.c:vfs_init_default(203)
Initialising default vfs hooks
[2005/01/13 13:16:12, 3] lib/util_seaccess.c:se_access_check(251)
[2005/01/13 13:16:12, 3] lib/util_seaccess.c:se_access_check(252)
se_access_check: user sid is S-1-5-21-445313069-670739273-3497575158-501
se_access_check: also S-1-5-21-445313069-670739273-3497575158-514
se_access_check: also S-1-1-0
se_access_check: also S-1-5-2
se_access_check: also S-1-5-32-546
se_access_check: also S-1-5-21-445313069-670739273-3497575158-546
se_access_check: also S-1-5-21-445313069-670739273-3497575158-132069
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2005/01/13 13:16:12, 0] smbd/service.c:make_connection_snum(620)
'/root/tmp' does not exist or is not a directory, when connecting to
[IPC$]
[2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/01/13 13:16:12, 3] smbd/connection.c:yield_connection(69)
Yielding connection to IPC$
[2005/01/13 13:16:12, 3] smbd/error.c:error_packet(105)
error string = Permission denied
[2005/01/13 13:16:12, 3] smbd/error.c:error_packet(129)
error packet at smbd/reply.c(416) cmd=117 (SMBtconX)
NT_STATUS_BAD_NETWORK_NAME
anyone understand anything from this log ??? if you need the smb.conf file
or anything just tell me, Sorry if it's a repeated question, I tried
googling but didn't find any real solution, there was something about
changing the reg is windows, but I'd like to avoid doing that to every
computer that need to join,
Thanks
Adi
John H Terpstra
2005-Jan-13 15:52 UTC
[Samba] can join but unable to login to the domain + ldap account problems
On Thursday 13 January 2005 04:28, Adi Nugraha wrote:> after setting up a PDC with ldap according to the book samba 3 by example, > almost everything worked out fine, the validations listed in the books > turned out as expected with minor differences, but these are the problems :Adi, I happen to be the author of that book. Suggest you delete the Administrator account and add an account for 'root' that matches your /etc/passwd entry for the 'root' user. I will be fixing this information in the update that I will soon make to the book.> > 1. According to the book the account that can be used to join a domain is > the Administrator account with the password set from the ldap admin dn > which is secret is my installation,but I was unable to join the domain with > the account, not even just to see the shares, something like wrong > password, when I look at the log it seem the Administrator is mapped to > root, which has a different password in the linux, does this matter? in the > end I tried creating a new Account with 0 uid to join the domain (let's > call it __admin__ ), and it worked, but I still would like to know why the > Administrator account didn't work,Winbind will break if there is any ambiguity in the forward and reverse mapping of login names to UID. You can NOT have both root with UID=0 and Administrator with UID=0. If you do, when Samba does a reverse lookup of the Windows SID for Administrator it will find it has UNIX UID=0, but then can not determine which UNIX account that represents - i.e.: Is it 'root' or is it 'Administrator'. Additionally, all accounts Samba uses must be in the LDAP backend (both the POSIX account details and the SambaSamAccount details) if you are using an LDAP backend.> > 2. A W2k workstation can join the domain with the __admin__ account , but > after reboot It can't login with any User name, not even with the account > that succesfully joined the workstation the error message is 'The system > cannot log you o now because the domain is not available, I am able to see > the shares with the __admin__ Account, but not with any other accounts ( > even newly created ones)Did you add the LDAP admin password to the secrets.tdb file? Do the following work?: getent passwd pdbedit -Lw If you have a service definition for [IPC$] in your smb.conf file, please delete it, then try again.> > 3. when trying to net rpc join the samba box itself it returned > Unable to join domain VALHALLA. > > and when I tried smbclient -L localhost > > Anonymous login successful > Domain=[VALHALLA] OS=[Unix] Server=[Samba 3.0.9] > tree connect failed: NT_STATUS_BAD_NETWORK_NAME > > but when I tried smbclient //valkyrie/user -Uuser%1234 it wored just fine > of course the administrator password still didn't work > > this is the level 1 log : > > [2005/01/13 13:03:09, 0] smbd/service.c:make_connection_snum(620) > '/root/tmp' does not exist or is not a directory, when connecting to > [IPC$]What version of Samba? Did you compile it yourself? If so, what parameters did you pass to configure? - John T.> > and this is the level 2 log : > > [2005/01/13 13:13:19, 2] smbd/sesssetup.c:setup_new_vc_session(608) > setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all > old resources. > [2005/01/13 13:13:19, 2] smbd/sesssetup.c:setup_new_vc_session(608) > setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all > old resources. > [2005/01/13 13:13:19, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) > init_group_from_ldap: Entry found for group: 546 > [2005/01/13 13:13:19, 0] smbd/service.c:make_connection_snum(620) > '/root/tmp' does not exist or is not a directory, when connecting to > [IPC$] > > > and the level 3 log : > > [2005/01/13 13:16:12, 3] smbd/process.c:process_smb(1092) > Transaction 1 of length 137 > [2005/01/13 13:16:12, 3] smbd/process.c:switch_message(887) > switch message SMBnegprot (pid 3842) conn 0x0 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2005/01/13 13:16:12, 3] smbd/negprot.c:reply_negprot(461) > Requested protocol [PC NETWORK PROGRAM 1.0] > [2005/01/13 13:16:12, 3] smbd/negprot.c:reply_negprot(461) > Requested protocol [LANMAN1.0] > [2005/01/13 13:16:12, 3] smbd/negprot.c:reply_negprot(461) > Requested protocol [Windows for Workgroups 3.1a] > [2005/01/13 13:16:12, 3] smbd/negprot.c:reply_negprot(461) > Requested protocol [LM1.2X002] > [2005/01/13 13:16:12, 3] smbd/negprot.c:reply_negprot(461) > Requested protocol [LANMAN2.1] > [2005/01/13 13:16:12, 3] smbd/negprot.c:reply_negprot(461) > Requested protocol [NT LM 0.12] > [2005/01/13 13:16:12, 3] smbd/negprot.c:reply_nt1(333) > using SPNEGO > [2005/01/13 13:16:12, 3] smbd/negprot.c:reply_negprot(549) > Selected protocol NT LM 0.12 > [2005/01/13 13:16:12, 3] smbd/process.c:process_smb(1092) > Transaction 2 of length 202 > [2005/01/13 13:16:12, 3] smbd/process.c:switch_message(887) > switch message SMBsesssetupX (pid 3842) conn 0x0 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2005/01/13 13:16:12, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655) > wct=12 flg2=0xc807 > [2005/01/13 13:16:12, 2] smbd/sesssetup.c:setup_new_vc_session(608) > setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all > old resources. > [2005/01/13 13:16:12, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535) > Doing spnego session setup > [2005/01/13 13:16:12, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566) > NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0] > PrimaryDomain=[] > [2005/01/13 13:16:12, 3] smbd/sesssetup.c:reply_spnego_negotiate(444) > Got OID 1 3 6 1 4 1 311 2 2 10 > [2005/01/13 13:16:12, 3] smbd/sesssetup.c:reply_spnego_negotiate(447) > Got secblob of size 32 > [2005/01/13 13:16:12, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62) > Got NTLMSSP neg_flags=0xc0008297 > [2005/01/13 13:16:12, 3] smbd/process.c:process_smb(1092) > Transaction 3 of length 232 > [2005/01/13 13:16:12, 3] smbd/process.c:switch_message(887) > switch message SMBsesssetupX (pid 3842) conn 0x0 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2005/01/13 13:16:12, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655) > wct=12 flg2=0xc807 > [2005/01/13 13:16:12, 2] smbd/sesssetup.c:setup_new_vc_session(608) > setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all > old resources. > [2005/01/13 13:16:12, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535) > Doing spnego session setup > [2005/01/13 13:16:12, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566) > NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0] > PrimaryDomain=[] > [2005/01/13 13:16:12, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(615) > Got user=[] domain=[] workstation=[VPC1] len1=1 len2=0 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:push_sec_ctx(256) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 > [2005/01/13 13:16:12, 3] smbd/uid.c:push_conn_ctx(365) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:pop_sec_ctx(386) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2005/01/13 13:16:12, 3] auth/auth.c:check_ntlm_password(219) > check_ntlm_password: Checking password for unmapped user []\[]@[VPC1] > with the new password interface > [2005/01/13 13:16:12, 3] auth/auth.c:check_ntlm_password(222) > check_ntlm_password: mapped user is: [VALHALLA]\[]@[VPC1] > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:push_sec_ctx(256) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 > [2005/01/13 13:16:12, 3] smbd/uid.c:push_conn_ctx(365) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:pop_sec_ctx(386) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:push_sec_ctx(256) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 > [2005/01/13 13:16:12, 3] smbd/uid.c:push_conn_ctx(365) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:pop_sec_ctx(386) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:push_sec_ctx(256) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 > [2005/01/13 13:16:12, 3] smbd/uid.c:push_conn_ctx(365) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 > [2005/01/13 13:16:12, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) > init_group_from_ldap: Entry found for group: 546 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:pop_sec_ctx(386) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:push_sec_ctx(256) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 > [2005/01/13 13:16:12, 3] smbd/uid.c:push_conn_ctx(365) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:pop_sec_ctx(386) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2005/01/13 13:16:12, 3] auth/auth.c:check_ntlm_password(268) > check_ntlm_password: guest authentication for user [] succeeded > [2005/01/13 13:16:12, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319) > NTLMSSP Sign/Seal - Initialising with flags: > [2005/01/13 13:16:12, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62) > Got NTLMSSP neg_flags=0x40008295 > [2005/01/13 13:16:12, 3] smbd/password.c:register_vuid(222) > User name: nobody Real name: nobody > [2005/01/13 13:16:12, 3] smbd/password.c:register_vuid(241) > UNIX uid 65534 is UNIX user nobody, and will be vuid 100 > [2005/01/13 13:16:12, 3] smbd/process.c:process_smb(1092) > Transaction 4 of length 86 > [2005/01/13 13:16:12, 3] smbd/process.c:switch_message(887) > switch message SMBtconX (pid 3842) conn 0x0 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2005/01/13 13:16:12, 3] smbd/service.c:make_connection_snum(472) > Connect path is '/root/tmp' for service [IPC$] > [2005/01/13 13:16:12, 3] lib/util_seaccess.c:se_access_check(251) > [2005/01/13 13:16:12, 3] lib/util_seaccess.c:se_access_check(252) > se_access_check: user sid is S-1-5-21-445313069-670739273-3497575158-501 > se_access_check: also S-1-5-21-445313069-670739273-3497575158-514 > se_access_check: also S-1-1-0 > se_access_check: also S-1-5-2 > se_access_check: also S-1-5-32-546 > se_access_check: also S-1-5-21-445313069-670739273-3497575158-546 > se_access_check: also S-1-5-21-445313069-670739273-3497575158-132069 > [2005/01/13 13:16:12, 3] smbd/vfs.c:vfs_init_default(203) > Initialising default vfs hooks > [2005/01/13 13:16:12, 3] lib/util_seaccess.c:se_access_check(251) > [2005/01/13 13:16:12, 3] lib/util_seaccess.c:se_access_check(252) > se_access_check: user sid is S-1-5-21-445313069-670739273-3497575158-501 > se_access_check: also S-1-5-21-445313069-670739273-3497575158-514 > se_access_check: also S-1-1-0 > se_access_check: also S-1-5-2 > se_access_check: also S-1-5-32-546 > se_access_check: also S-1-5-21-445313069-670739273-3497575158-546 > se_access_check: also S-1-5-21-445313069-670739273-3497575158-132069 > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (65534, 65534) - sec_ctx_stack_ndx = 0 > [2005/01/13 13:16:12, 0] smbd/service.c:make_connection_snum(620) > '/root/tmp' does not exist or is not a directory, when connecting to > [IPC$] > [2005/01/13 13:16:12, 3] smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2005/01/13 13:16:12, 3] smbd/connection.c:yield_connection(69) > Yielding connection to IPC$ > [2005/01/13 13:16:12, 3] smbd/error.c:error_packet(105) > error string = Permission denied > [2005/01/13 13:16:12, 3] smbd/error.c:error_packet(129) > error packet at smbd/reply.c(416) cmd=117 (SMBtconX) > NT_STATUS_BAD_NETWORK_NAME > > > anyone understand anything from this log ??? if you need the smb.conf file > or anything just tell me, Sorry if it's a repeated question, I tried > googling but didn't find any real solution, there was something about > changing the reg is windows, but I'd like to avoid doing that to every > computer that need to join, > > > Thanks > > > Adi-- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production.
if someone knows anything about this problem??? with samba 2.2.7 i've used a username map called smbusers file with this structure user_domain ="user@domain" user2_domain = "user2@domain" and so on. obviosuly in the smb.conf the option is enable username map = /etc/samba/smbusers and it worked just fine but now i upgraded samba to 3.0 and the option "username map" is not working.... is there any solution??? thanks to anybody that can help me Hernan
Reasonably Related Threads
- Problems with GID Samba 3.0.0 Beta2 Debian Testing
- Unable to login using 3.0.2a-SuSE as PDC and WinXP
- samba ADS-based authentication fails with NT_STATUS_USER_UNKNOWN but wbinfo works
- Problem joining NT4 workstation to a Samba PDC
- samba 3.0 pdc and samba 2.2.8a password authentication failure