thr3ads.net - samba - [Samba] smbclient not using winbind to authenticate [Jun 2005]

If this information is useful, please help other people find it:
Share via:

Clinton Gormley

2005-Jun-01 01:30 UTC

[Samba] smbclient not using winbind to authenticate

Hi All

I am using the samba 3.0.14a RPMs installed on SuSE 9.2.

I have a PDC running on one machine, using tdbsam as a backend - this
has been running fine for months.

I am not trying to set up a standalone server in another office, which
should authenticate with the PDC using winbind, as per the "The 500-User
office" chapter of samba by example :
http://us4.samba.org/samba/docs/man/Samba-Guide/Big500users.html

I have followed all the steps in the instructions, and 
wbinfo -a DOMAIN\\user%pass succeeds, as does getent passwd user, but I
can't seem to persuade smbclient to trigger authentication through
winbind.

My smb.conf file on the standalone server looks like this:

[global]
    workgroup = DOMAINNAME
    netbios name = SERVERNAME
    username map = /etc/samba/smbusers
    log level = 3
    syslog = 0
    log file = /var/log/samba/%m
    max log size = 50
    smb ports = 139 445
    name resolve order = wins bcast hosts
    time server = Yes
    utmp = Yes
    map acl inherit = Yes
    veto files = /*.eml/*.nws/*.{*}/
    veto oplock files = /*.doc/*.xls/*.mdb/
    preferred master = Yes
    wins server = 192.168.0.3
    idmap uid = 15000-20000
    idmap gid = 15000-20000

In nsswitch.conf I have the following :
passwd: files winbind
group:  files winbind 
hosts:  files lwres dns

I have wondered if it is an issue with my /etc/pam.d/samba or login
files, which look like this:
/etc/pam.d/login:
#%PAM-1.0
auth     requisite      pam_unix2.so            nullok #set_secrpc
auth     required       pam_securetty.so
auth     required       pam_nologin.so
#auth    required       pam_homecheck.so
auth     required       pam_env.so
auth     required       pam_mail.so
account  required       pam_unix2.so
password required       pam_pwcheck.so          nullok
password required       pam_unix2.so            nullok use_first_pass
use_authtok
session  required       pam_unix2.so            none # debug or trace
session  required       pam_limits.so
session  required       pam_resmgr.so

/etc/pam.d/samba:
auth     required       pam_unix.so
account  required       pam_unix.so

Output from wbinfo -m:
SERVERNAME
BUILTIN

...this surprised me, as I was expecting to see DOMAINNAME, rather than
SERVERNAME, but typing : "net rpc join" returns the message that it
has
joined DOMAINNAME correctly

When I try wbinfo -a DOMAINNAME\\test%test, authentication happens
correctly, and the log messages appear on the PDC server.

When I try smbclient -L SERVERNAME -U DOMAINNAME\\test%test,
authentication fails and the log messages appear in the SERVERNAME logs
as follows : (log level 6)

=========================================================================>
/var/log/samba/192.168.2.3 <=[2005/05/31 21:23:51, 6]
param/loadparm.c:lp_file_list_changed(2707)
  lp_file_list_changed()
  file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Tue
May 31 21:23:43 2005
   
[2005/05/31 21:23:51, 3] smbd/oplock.c:init_oplocks(1351)
  open_oplock_ipc: opening loopback UDP socket.
[2005/05/31 21:23:51, 3]
smbd/oplock_linux.c:linux_init_kernel_oplocks(303)
  Linux kernel oplocks enabled
[2005/05/31 21:23:51, 3] smbd/oplock.c:init_oplocks(1382)
  open_oplock ipc: pid = 28289, global_oplock_port = 32830
[2005/05/31 21:23:51, 4] lib/time.c:get_serverzone(125)
  Serverzone is 14400
[2005/05/31 21:23:51, 6] smbd/process.c:process_smb(1090)
  got message type 0x0 of len 0xb3
[2005/05/31 21:23:51, 3] smbd/process.c:process_smb(1091)
  Transaction 0 of length 183
[2005/05/31 21:23:51, 5] lib/util.c:show_msg(464)
[2005/05/31 21:23:51, 5] lib/util.c:show_msg(474)
  size=179
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=55297
  smb_tid=0
  smb_pid=28288
  smb_uid=0
  smb_mid=1
  smt_wct=0
  smb_bcc=144
[2005/05/31 21:23:51, 3] smbd/process.c:switch_message(886)
  switch message SMBnegprot (pid 28289) conn 0x0
[2005/05/31 21:23:51, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/05/31 21:23:51, 5] auth/auth_util.c:debug_nt_user_token(485)
  NT user token: (NULL)
[2005/05/31 21:23:51, 5] auth/auth_util.c:debug_unix_user_token(506)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/05/31 21:23:51, 5] smbd/uid.c:change_to_root_user(319)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2005/05/31 21:23:51, 3] smbd/negprot.c:reply_negprot(461)
  Requested protocol [PC NETWORK PROGRAM 1.0]
[2005/05/31 21:23:51, 3] smbd/negprot.c:reply_negprot(461)
  Requested protocol [MICROSOFT NETWORKS 1.03]
[2005/05/31 21:23:51, 3] smbd/negprot.c:reply_negprot(461)
  Requested protocol [MICROSOFT NETWORKS 3.0]
[2005/05/31 21:23:51, 3] smbd/negprot.c:reply_negprot(461)
  Requested protocol [LANMAN1.0]
[2005/05/31 21:23:51, 3] smbd/negprot.c:reply_negprot(461)
  Requested protocol [LM1.2X002]
[2005/05/31 21:23:51, 3] smbd/negprot.c:reply_negprot(461)
  Requested protocol [DOS LANMAN2.1]
[2005/05/31 21:23:51, 3] smbd/negprot.c:reply_negprot(461)
  Requested protocol [Samba]
[2005/05/31 21:23:51, 6] param/loadparm.c:lp_file_list_changed(2707)
  lp_file_list_changed()
  file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Tue
May 31 21:23:43 2005
   
[2005/05/31 21:23:51, 5] smbd/connection.c:claim_connection(170)
  claiming  0
[2005/05/31 21:23:51, 6] param/loadparm.c:lp_file_list_changed(2707)
  lp_file_list_changed()
  file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Tue
May 31 21:23:43 2005
   
[2005/05/31 21:23:51, 3] smbd/negprot.c:reply_nt1(333)
  using SPNEGO
[2005/05/31 21:23:51, 3] smbd/negprot.c:reply_negprot(555)
  Selected protocol NT LANMAN 1.0
[2005/05/31 21:23:51, 5] smbd/negprot.c:reply_negprot(561)
  negprot index=7
[2005/05/31 21:23:51, 5] lib/util.c:show_msg(464)
[2005/05/31 21:23:51, 5] lib/util.c:show_msg(474)
  size=127
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=28288
  smb_uid=0
  smb_mid=1
  smt_wct=17
  smb_vwv[ 0]=    7 (0x7)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   65 (0x41)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=33024 (0x8100)
  smb_vwv[ 8]=  110 (0x6E)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=32995 (0x80E3)
  smb_vwv[11]=32896 (0x8080)
  smb_vwv[12]=14445 (0x386D)
  smb_vwv[13]=18577 (0x4891)
  smb_vwv[14]=50534 (0xC566)
  smb_vwv[15]=61441 (0xF001)
  smb_vwv[16]=14848 (0x3A00)
  smb_bcc=58
[2005/05/31 21:23:51, 6] lib/util_sock.c:write_socket(449)
  write_socket(24,131)
[2005/05/31 21:23:51, 6] lib/util_sock.c:write_socket(452)
  write_socket(24,131) wrote 131
[2005/05/31 21:23:51, 6] smbd/process.c:process_smb(1090)
  got message type 0x0 of len 0xac
[2005/05/31 21:23:51, 3] smbd/process.c:process_smb(1091)
  Transaction 1 of length 176
[2005/05/31 21:23:51, 5] lib/util.c:show_msg(464)
[2005/05/31 21:23:51, 5] lib/util.c:show_msg(474)
  size=172
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=0
  smb_pid=28288
  smb_uid=0
  smb_mid=2
  smt_wct=12
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=    0 (0x0)
  smb_vwv[ 2]=65535 (0xFFFF)
  smb_vwv[ 3]=    2 (0x2)
  smb_vwv[ 4]=    1 (0x1)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=   91 (0x5B)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=49244 (0xC05C)
  smb_vwv[11]=32768 (0x8000)
  smb_bcc=113
[2005/05/31 21:23:51, 3] smbd/process.c:switch_message(886)
  switch message SMBsesssetupX (pid 28289) conn 0x0
[2005/05/31 21:23:51, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/05/31 21:23:51, 5] auth/auth_util.c:debug_nt_user_token(485)
  NT user token: (NULL)
[2005/05/31 21:23:51, 5] auth/auth_util.c:debug_unix_user_token(506)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/05/31 21:23:51, 5] smbd/uid.c:change_to_root_user(319)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2005/05/31 21:23:51, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655)
  wct=12 flg2=0xc801
[2005/05/31 21:23:51, 3]
smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535)
  Doing spnego session setup
[2005/05/31 21:23:51, 3]
smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566)
  NativeOS=[Unix] NativeLanMan=[Samba] PrimaryDomain=[]
[2005/05/31 21:23:51, 3] smbd/sesssetup.c:reply_spnego_negotiate(444)
  Got OID 1 3 6 1 4 1 311 2 2 10
[2005/05/31 21:23:51, 3] smbd/sesssetup.c:reply_spnego_negotiate(447)
  Got secblob of size 57
[2005/05/31 21:23:51, 5] auth/auth.c:make_auth_context_subsystem(480)
  Making default auth method list for standalone security=user, encrypt
passwords = yes
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend rhosts
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'rhosts'
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend hostsequiv
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'hostsequiv'
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend sam
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'sam'
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend sam_ignoredomain
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'sam_ignoredomain'
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend unix
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'unix'
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend winbind
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'winbind'
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend smbserver
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'smbserver'
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend trustdomain
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'trustdomain'
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend ntdomain
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'ntdomain'
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(45)
  Attempting to register auth backend guest
[2005/05/31 21:23:51, 5] auth/auth.c:smb_register_auth(57)
  Successfully added auth method 'guest'
[2005/05/31 21:23:51, 5] auth/auth.c:load_auth_module(384)
  load_auth_module: Attempting to find an auth method to match guest
[2005/05/31 21:23:51, 5] auth/auth.c:load_auth_module(409)
  load_auth_module: auth method guest has a valid init
[2005/05/31 21:23:51, 5] auth/auth.c:load_auth_module(384)
  load_auth_module: Attempting to find an auth method to match sam
[2005/05/31 21:23:51, 5] auth/auth.c:load_auth_module(409)
  load_auth_module: auth method sam has a valid init
[2005/05/31 21:23:51, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
  Got NTLMSSP neg_flags=0x60080215
    NTLMSSP_NEGOTIATE_UNICODE
    NTLMSSP_REQUEST_TARGET
    NTLMSSP_NEGOTIATE_SIGN
    NTLMSSP_NEGOTIATE_NTLM
    NTLMSSP_NEGOTIATE_NTLM2
    NTLMSSP_NEGOTIATE_128
    NTLMSSP_NEGOTIATE_KEY_EXCH
[2005/05/31 21:23:51, 5] auth/auth.c:get_ntlm_challenge(95)
  auth_get_challenge: module guest did not want to specify a challenge
[2005/05/31 21:23:51, 5] auth/auth.c:get_ntlm_challenge(95)
  auth_get_challenge: module sam did not want to specify a challenge
[2005/05/31 21:23:51, 5] auth/auth.c:get_ntlm_challenge(135)
  auth_context challenge created by random
[2005/05/31 21:23:51, 5] auth/auth.c:get_ntlm_challenge(136)
  challenge is:
[2005/05/31 21:23:51, 5] lib/util.c:dump_data(1995)
  [000] DA 65 5E E7 50 BF 32 ED                           .e^.P.2.
[2005/05/31 21:23:51, 6] lib/util_sock.c:write_socket(449)
  write_socket(24,432)
[2005/05/31 21:23:51, 6] lib/util_sock.c:write_socket(452)
  write_socket(24,432) wrote 432
[2005/05/31 21:23:51, 6] smbd/process.c:process_smb(1090)
  got message type 0x0 of len 0x118
[2005/05/31 21:23:51, 3] smbd/process.c:process_smb(1091)
  Transaction 2 of length 284
[2005/05/31 21:23:51, 5] lib/util.c:show_msg(464)
[2005/05/31 21:23:51, 5] lib/util.c:show_msg(474)
  size=280
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=0
  smb_pid=28288
  smb_uid=0
  smb_mid=3
  smt_wct=12
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=    0 (0x0)
  smb_vwv[ 2]=65535 (0xFFFF)
  smb_vwv[ 3]=    2 (0x2)
  smb_vwv[ 4]=    1 (0x1)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=  198 (0xC6)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=49244 (0xC05C)
  smb_vwv[11]=32768 (0x8000)
  smb_bcc=221
[2005/05/31 21:23:51, 3] smbd/process.c:switch_message(886)
  switch message SMBsesssetupX (pid 28289) conn 0x0
[2005/05/31 21:23:51, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/05/31 21:23:51, 5] auth/auth_util.c:debug_nt_user_token(485)
  NT user token: (NULL)
[2005/05/31 21:23:51, 5] auth/auth_util.c:debug_unix_user_token(506)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/05/31 21:23:51, 5] smbd/uid.c:change_to_root_user(319)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2005/05/31 21:23:51, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655)
  wct=12 flg2=0xc801
[2005/05/31 21:23:51, 3]
smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535)
  Doing spnego session setup
[2005/05/31 21:23:51, 3]
smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566)
  NativeOS=[Unix] NativeLanMan=[Samba] PrimaryDomain=[]
[2005/05/31 21:23:51, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(606)
  Got user=[test] domain=[DOMAINNAME] workstation=[SERVERNAME] len1=24
len2=24
[2005/05/31 21:23:51, 5]
auth/auth_ntlmssp.c:auth_ntlmssp_set_challenge(66)
  auth_context challenge set by NTLMSSP callback (NTLM2)
[2005/05/31 21:23:51, 5]
auth/auth_ntlmssp.c:auth_ntlmssp_set_challenge(67)
  challenge is:
[2005/05/31 21:23:51, 5] lib/util.c:dump_data(1995)
  [000] 3A 90 E9 05 8A 3E 94 1B                           :....>..
 
==> /var/log/samba/SERVERNAME <=[2005/05/31 21:23:51, 6]
param/loadparm.c:lp_file_list_changed(2707)
  lp_file_list_changed()
  file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Tue
May 31 21:23:43 2005
   
[2005/05/31 21:23:51, 4] lib/username.c:map_username(132)
  Scanning username map /etc/samba/smbusers
[2005/05/31 21:23:51, 5] auth/auth_util.c:make_user_info_map(224)
  make_user_info_map: Mapping user [DOMAINNAME]\[test] from workstation
[SERVERNAME]
[2005/05/31 21:23:51, 5] auth/auth_util.c:make_user_info(132)
  attempting to make a user_info for test (test)
[2005/05/31 21:23:51, 5] auth/auth_util.c:make_user_info(142)
  making strings for test's user_info struct
[2005/05/31 21:23:51, 5] auth/auth_util.c:make_user_info(184)
  making blobs for test's user_info struct
[2005/05/31 21:23:51, 3] auth/auth.c:check_ntlm_password(219)
  check_ntlm_password:  Checking password for unmapped user
[DOMAINNAME]\[test]@[SERVERNAME] with the new password interface
[2005/05/31 21:23:51, 3] auth/auth.c:check_ntlm_password(222)
  check_ntlm_password:  mapped user is: [SERVERNAME]\[test]@[SERVERNAME]
[2005/05/31 21:23:51, 5] lib/util.c:dump_data(1995)
  [000] 3A 90 E9 05 8A 3E 94 1B                           :....>..
[2005/05/31 21:23:51, 3] smbd/sec_ctx.c:push_sec_ctx(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/05/31 21:23:51, 3] smbd/uid.c:push_conn_ctx(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/05/31 21:23:51, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/05/31 21:23:51, 5] auth/auth_util.c:debug_nt_user_token(485)
  NT user token: (NULL)
[2005/05/31 21:23:51, 5] auth/auth_util.c:debug_unix_user_token(506)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/05/31 21:23:51, 6] passdb/pdb_smbpasswd.c:getsmbfilepwent(384)
  getsmbfilepwent: skipping comment or blank line
[2005/05/31 21:23:51, 6] passdb/pdb_smbpasswd.c:getsmbfilepwent(384)
  getsmbfilepwent: skipping comment or blank line
[2005/05/31 21:23:51, 6] passdb/pdb_smbpasswd.c:getsmbfilepwent(384)
  getsmbfilepwent: skipping comment or blank line
[2005/05/31 21:23:51, 6] passdb/pdb_smbpasswd.c:getsmbfilepwent(384)
  getsmbfilepwent: skipping comment or blank line
[2005/05/31 21:23:51, 6] passdb/pdb_smbpasswd.c:getsmbfilepwent(384)
  getsmbfilepwent: skipping comment or blank line
[2005/05/31 21:23:51, 6] passdb/pdb_smbpasswd.c:getsmbfilepwent(384)
  getsmbfilepwent: skipping comment or blank line
[2005/05/31 21:23:51, 5] passdb/pdb_smbpasswd.c:getsmbfilepwent(537)
  getsmbfilepwent: end of file reached.
[2005/05/31 21:23:51, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/05/31 21:23:51, 3] auth/auth_sam.c:check_sam_security(257)
  check_sam_security: Couldn't find user 'test' in passdb.
[2005/05/31 21:23:51, 5] auth/auth.c:check_ntlm_password(271)
  check_ntlm_password: sam authentication for user [test] FAILED with
error NT_STATUS_NO_SUCH_USER
[2005/05/31 21:23:51, 2] auth/auth.c:check_ntlm_password(312)
  check_ntlm_password:  Authentication for user [test] -> [test] FAILED
with error NT_STATUS_NO_SUCH_USER
[2005/05/31 21:23:51, 5] auth/auth_util.c:free_user_info(1380)
  attempting to free (and zero) a user_info structure
[2005/05/31 21:23:51, 6] lib/util_sock.c:write_socket(449)
  write_socket(24,136)
[2005/05/31 21:23:51, 6] lib/util_sock.c:write_socket(452)
  write_socket(24,136) wrote 136
[2005/05/31 21:23:51, 3] smbd/process.c:timeout_processing(1334)
  timeout_processing: End of file from client (client has disconnected).
[2005/05/31 21:23:51, 5] lib/gencache.c:gencache_shutdown(88)
  Closing cache file
[2005/05/31 21:23:51, 5] libsmb/namecache.c:namecache_shutdown(79)
  namecache_shutdown: netbios namecache closed successfully.
[2005/05/31 21:23:51, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/05/31 21:23:51, 5] auth/auth_util.c:debug_nt_user_token(485)
  NT user token: (NULL)
[2005/05/31 21:23:51, 5] auth/auth_util.c:debug_unix_user_token(506)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/05/31 21:23:51, 5] smbd/uid.c:change_to_root_user(319)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2005/05/31 21:23:51, 2] smbd/server.c:exit_server(609)
  Closing connections
[2005/05/31 21:23:51, 3] smbd/connection.c:yield_connection(69)
  Yielding connection to
[2005/05/31 21:23:51, 5] smbd/oplock.c:receive_local_message(107)
  receive_local_message: doing select with timeout of 1 ms
[2005/05/31 21:23:51, 3] smbd/server.c:exit_server(652)
  Server exit (normal exit)
========================================================================
The output on STDOUT from the smbclient command is as follows:

========================================================================added
interface ip=192.168.2.3 bcast=192.168.2.255 nmask=255.255.255.0
Netbios name list:-
my_netbios_names[0]="SERVERNAME"
Client started (version 3.0.14a-3.1-SUSE).
Opening cache file at /var/lib/samba/gencache.tdb
no entry for SERVERNAME#20 found.
resolve_wins: Attempting wins lookup for name SERVERNAME<0x20>
wins_srv_is_dead: 192.168.0.3 is alive
Current wins server for tag '*' with source 0.0.0.0 is 192.168.0.3
wins_srv_is_dead: 192.168.0.3 is alive
resolve_wins: using WINS server 192.168.0.3 and tag '*'
Sending a packet of len 50 to (192.168.0.3) on port 137
Received a packet of len 62 from (192.168.0.3) port 137
nmb packet from 192.168.0.3(137) header: id=3514 opcode=Query(0)
response=Yes
    header: flags: bcast=No rec_avail=Yes rec_des=Yes trunc=No auth=Yes
    header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
    answers: nmb_name=SERVERNAME<20> rr_type=32 rr_class=1 ttl=258361
    answers   0 char `.....   hex 6000C0A80203
Got a positive name query response from 192.168.0.3 ( 192.168.2.3 )
namecache_store: storing 1 address for SERVERNAME#20: 192.168.2.3:0
Connecting to 192.168.2.3 at port 445
socket option SO_KEEPALIVE = 0
socket option SO_REUSEADDR = 0
socket option SO_BROADCAST = 0
socket option TCP_NODELAY = 1
socket option IPTOS_LOWDELAY = 0
socket option IPTOS_THROUGHPUT = 0
socket option SO_SNDBUF = 50604
socket option SO_RCVBUF = 87392
socket option SO_SNDLOWAT = 1
socket option SO_RCVLOWAT = 1
socket option SO_SNDTIMEO = 0
socket option SO_RCVTIMEO = 0
 session request ok
write_socket(4,183)
write_socket(4,183) wrote 183
size=127
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=28288
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[ 0]=    7 (0x7)
smb_vwv[ 1]=12803 (0x3203)
smb_vwv[ 2]=  256 (0x100)
smb_vwv[ 3]= 1024 (0x400)
smb_vwv[ 4]=   65 (0x41)
smb_vwv[ 5]=    0 (0x0)
smb_vwv[ 6]=  256 (0x100)
smb_vwv[ 7]=33024 (0x8100)
smb_vwv[ 8]=  110 (0x6E)
smb_vwv[ 9]=64768 (0xFD00)
smb_vwv[10]=32995 (0x80E3)
smb_vwv[11]=32896 (0x8080)
smb_vwv[12]=14445 (0x386D)
smb_vwv[13]=18577 (0x4891)
smb_vwv[14]=50534 (0xC566)
smb_vwv[15]=61441 (0xF001)
smb_vwv[16]=14848 (0x3A00)
smb_bcc=58
size=127
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=28288
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[ 0]=    7 (0x7)
smb_vwv[ 1]=12803 (0x3203)
smb_vwv[ 2]=  256 (0x100)
smb_vwv[ 3]= 1024 (0x400)
smb_vwv[ 4]=   65 (0x41)
smb_vwv[ 5]=    0 (0x0)
smb_vwv[ 6]=  256 (0x100)
smb_vwv[ 7]=33024 (0x8100)
smb_vwv[ 8]=  110 (0x6E)
smb_vwv[ 9]=64768 (0xFD00)
smb_vwv[10]=32995 (0x80E3)
smb_vwv[11]=32896 (0x8080)
smb_vwv[12]=14445 (0x386D)
smb_vwv[13]=18577 (0x4891)
smb_vwv[14]=50534 (0xC566)
smb_vwv[15]=61441 (0xF001)
smb_vwv[16]=14848 (0x3A00)
smb_bcc=58
Serverzone is 14400
Doing spnego session setup (blob length=58)
got OID=1 3 6 1 4 1 311 2 2 10
got principal=NONE
write_socket(4,176)
write_socket(4,176) wrote 176
size=428
smb_com=0x73
smb_rcls=22
smb_reh=0
smb_err=49152
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=28288
smb_uid=0
smb_mid=2
smt_wct=4
smb_vwv[ 0]=  255 (0xFF)
smb_vwv[ 1]=    0 (0x0)
smb_vwv[ 2]=    0 (0x0)
smb_vwv[ 3]=  305 (0x131)
smb_bcc=385
size=428
smb_com=0x73
smb_rcls=22
smb_reh=0
smb_err=49152
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=28288
smb_uid=0
smb_mid=2
smt_wct=4
smb_vwv[ 0]=  255 (0xFF)
smb_vwv[ 1]=    0 (0x0)
smb_vwv[ 2]=    0 (0x0)
smb_vwv[ 3]=  305 (0x131)
smb_bcc=385
Got challenge flags:
Got NTLMSSP neg_flags=0x608a0215
  NTLMSSP_NEGOTIATE_UNICODE
  NTLMSSP_REQUEST_TARGET
  NTLMSSP_NEGOTIATE_SIGN
  NTLMSSP_NEGOTIATE_NTLM
  NTLMSSP_NEGOTIATE_NTLM2
  NTLMSSP_CHAL_TARGET_INFO
  NTLMSSP_NEGOTIATE_128
  NTLMSSP_NEGOTIATE_KEY_EXCH
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60080215
  NTLMSSP_NEGOTIATE_UNICODE
  NTLMSSP_REQUEST_TARGET
  NTLMSSP_NEGOTIATE_SIGN
  NTLMSSP_NEGOTIATE_NTLM
  NTLMSSP_NEGOTIATE_NTLM2
  NTLMSSP_NEGOTIATE_128
  NTLMSSP_NEGOTIATE_KEY_EXCH
NTLMSSP challenge set by NTLM2
challenge is:
[000] 3A 90 E9 05 8A 3E 94 1B                           :....>..
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60080215
  NTLMSSP_NEGOTIATE_UNICODE
  NTLMSSP_REQUEST_TARGET
  NTLMSSP_NEGOTIATE_SIGN
  NTLMSSP_NEGOTIATE_NTLM
  NTLMSSP_NEGOTIATE_NTLM2
  NTLMSSP_NEGOTIATE_128
  NTLMSSP_NEGOTIATE_KEY_EXCH
write_socket(4,284)
write_socket(4,284) wrote 284
size=132
smb_com=0x73
smb_rcls=109
smb_reh=0
smb_err=49152
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=28288
smb_uid=0
smb_mid=3
smt_wct=4
smb_vwv[ 0]=  255 (0xFF)
smb_vwv[ 1]=    0 (0x0)
smb_vwv[ 2]=    0 (0x0)
smb_vwv[ 3]=    9 (0x9)
smb_bcc=89
size=132
smb_com=0x73
smb_rcls=109
smb_reh=0
smb_err=49152
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=28288
smb_uid=0
smb_mid=3
smt_wct=4
smb_vwv[ 0]=  255 (0xFF)
smb_vwv[ 1]=    0 (0x0)
smb_vwv[ 2]=    0 (0x0)
smb_vwv[ 3]=    9 (0x9)
smb_bcc=89
SPNEGO login failed: Logon failure
session setup failed: NT_STATUS_LOGON_FAILURE
=====================================================

any help appreciated

many thanks


________________________________________________________________________

Clinton Gormley clinton@traveljury.com

www.TravelJury.com - For travellers, By travellers

Gerald (Jerry) Carter

2005-Jun-02 14:25 UTC

head link

[Samba] smbclient not using winbind to authenticate

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Clinton Gormley wrote:
|
| I have followed all the steps in the instructions, and
| wbinfo -a DOMAIN\\user%pass succeeds, as does getent
| passwd user, but I can't seem to persuade smbclient
| to trigger authentication through winbind.
|
| My smb.conf file on the standalone server looks like this:
|
| [global]
|     workgroup = DOMAINNAME
|     netbios name = SERVERNAME
|     username map = /etc/samba/smbusers
|     log level = 3
|     syslog = 0
|     log file = /var/log/samba/%m
|     max log size = 50
|     smb ports = 139 445
|     name resolve order = wins bcast hosts
|     time server = Yes
|     utmp = Yes
|     map acl inherit = Yes
|     veto files = /*.eml/*.nws/*.{*}/
|     veto oplock files = /*.doc/*.xls/*.mdb/
|     preferred master = Yes
|     wins server = 192.168.0.3
|     idmap uid = 15000-20000
|     idmap gid = 15000-20000

With security = user (the default) all authentication
is against  the local passdb backend.  I think you want
security = domain.




cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCnxbLIR7qMdg1EfYRAh2dAJ0WKELKJgCUrKarI139Se8bAKnt0QCfXW48
7PmN42TIT3d33CbupGDIof0=1dez
-----END PGP SIGNATURE-----

Possibly Parallel Threads

Search for more possibly parallel threads

samba - Jun 2005 - smbclient not using winbind to authenticate

[Samba] smbclient not using winbind to authenticate

[Samba] smbclient not using winbind to authenticate

Possibly Parallel Threads