samba - May 2006 - Safe to ignore this message ? -Attempt to bind using schannel without successful serverauth2

OS:  SLES 9
Samba Version:  3.0.20b-3.4-SUSE
Server is running in test mode, as a PDC

I find this message in my log files quite frequently, the majority coming
from one particluar machine (XP SP2):

[2006/05/19 10:35:06, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(981)
  Attempt to bind using schannel without successful serverauth2
[2006/05/19 10:40:16, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(981)
  Attempt to bind using schannel without successful serverauth2

The server seems to function properly so far, thus I am wondering if I can
safely ignore this message.

Workstations are able to join the domain and log in.  File sharing seems to
work well.  The speed and responsiveness of network browsing  is quite
impressive.  I have no complaints about functionality.

While researching this message, I found a post on the lists archives (Sun
Sep 11 18:53:19 GMT 2005, posted by Jeremy Allison) that seems to indicate
that this message is part of normal operation.
> I'm starting to think the correct fix is just to raise the debug
> level of the message in smbd so that people don't get worried by
> it - it seems to be part of normal operation ....
If anyone can confirm that this is part of normal operation, or shed some
light on what this means, I would appreciate it.  We have been using Samba
2.2.8a for a few years now, and entries to the log files are very
infrequent.  Perhaps the newer versions are just more chatty to the log
files.

If there is something wrong, I would like to deal with it before I go live
with the server.

Below is my smb.conf file, minus the shares.

Paul

-----------------------

[global]
   log level = 1
   syslog = 0
   log file = /var/log/samba/%m.log
   max log size = 1024
   smb ports = 139

   workgroup = abcd
   netbios name = testsmb

   username map = /etc/samba/smbusers
   pam password change = Yes
   passwd program = /usr/bin/passwd '%u'
   passwd chat = *New*Password* %n\n \
      *Re-enter*new*password* %n\n *Password*changed*

   unix password sync = Yes
   map to guest = Bad User
   logon path    logon home    logon script = scripts\%U.bat
   security = user
   encrypt passwords = yes
   passdb backend = tdbsam
   add machine script = /usr/sbin/useradd  -c Machine -d /var/lib/nobody -s
/bin/false %m$
   domain logons = yes
   local master = yes
   wins support = yes
   name resolve order = wins bcast hosts
   domain master = yes
   preferred master = yes
   os level = 65
   time server = yes
   socketoptions = TCP_NODELAY

On Fri, May 19, 2006 at 01:07:02PM -0400, Paul S wrote:
> OS:  SLES 9
> Samba Version:  3.0.20b-3.4-SUSE
> Server is running in test mode, as a PDC
> 
> I find this message in my log files quite frequently, the majority coming
> from one particluar machine (XP SP2):
> 
> [2006/05/19 10:35:06, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(981)
>  Attempt to bind using schannel without successful serverauth2
> [2006/05/19 10:40:16, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(981)
>  Attempt to bind using schannel without successful serverauth2
> 
> The server seems to function properly so far, thus I am wondering if I can
> safely ignore this message.
> 
> Workstations are able to join the domain and log in.  File sharing seems to
> work well.  The speed and responsiveness of network browsing  is quite
> impressive.  I have no complaints about functionality.
> 
> While researching this message, I found a post on the lists archives (Sun
> Sep 11 18:53:19 GMT 2005, posted by Jeremy Allison) that seems to indicate
> that this message is part of normal operation.
> 
> >I'm starting to think the correct fix is just to raise the debug
> >level of the message in smbd so that people don't get worried by
> >it - it seems to be part of normal operation ....
> 
> If anyone can confirm that this is part of normal operation, or shed some
> light on what this means, I would appreciate it.  We have been using Samba
> 2.2.8a for a few years now, and entries to the log files are very
> infrequent.  Perhaps the newer versions are just more chatty to the log
> files.
> 
> If there is something wrong, I would like to deal with it before I go live
> with the server.
Actually it was a misunderstanding by us of the horror that is schannel
auth :-). This should be fixed in 3.0.23 (I think it was fixed in 3.0.22
also) but the message in itself is usually harmless - the client retries.
But you shouldn't see it with a later release.

Jeremy.