On Tue, Jan 24, 2006 at 11:36:42AM +0100, Micha Kersloot
wrote:> Hi,
>
> I've got a Samba 3.0.2a PDC running for some time now (like more than a
> year) with MS Windows XP clients. But suddenly on January 23 2006 none
> of the clients where able to login anymore. The error on the client was
> (translated from dutch):
> Unable to connect to domain server.
>
> The logfile on the samba side showed:
> [2006/01/23 11:36:30, 2] lib/smbldap.c:smbldap_open_connection(722)
> smbldap_open_connection: connection opened
> [2006/01/23 11:36:30, 3] lib/smbldap.c:smbldap_connect_system(905)
> ldap_connect_system: succesful connection to the LDAP server
> [2006/01/23 11:36:30, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640)
> init_sam_from_ldap: Entry found for user: computer3$
> [2006/01/23 11:36:30, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
> pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
> [2006/01/23 11:36:30, 0] libsmb/credentials.c:creds_server_check(159)
> creds_server_check: credentials check failed.
> [2006/01/23 11:36:30, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(424)
> _net_auth2: creds_server_check failed. Rejecting auth request from
> client COMPUTER3 machine account COMPUTER3$
>
> I was able to solve the problem by upgrading to 3.0.21a, and rejoining
> the MS Windows XP clients to the domain. But as i have now idea what
> caused this problem, i don't know if this suddenly could happen again.
> Anyone an idea what was going on?
This is something we specifically added in a fix into 3.0.21a for.
The netlogon code needed to cache the credentials between connections,
and we now do this.
Jeremy.