I'm trying to use smbclient to look at a Vista box but I keep getting: # smbclient -L user-pc -U Kellie Password: <Kellie's password> session setup failed: NT_STATUS_LOGON_FAILURE I know the user/password combination is good. I googled around and got the impression that Vista didn't play well with Samba because of some authentication protocol that Vista uses but I also got the impression that the problem was with older version of Samba. I never could find a definitive answer. Does someone know for sure? I have tried with and without the "client ntlmv2 auth = yes" but get the same results. Below I've put the output of # smbclient -L user-pc -U Kellie -d4 It is connecting to the correct machine but there is a user authentication problem. The bit that says Password: Doing spnego session setup (blob length=46) got OID=1 3 6 1 4 1 311 2 2 10 got principal=<null> looks a bit suspect but I don't really know what I'm looking at so it could be perfectly OK. Any suggestion? Thanks, Steve # smbclient --version Version 3.0.30-0.fc8 # smbclient -L user-pc -U Kellie -d4 lp_load: refreshing parameters Initialising global parameters params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" Processing section "[global]" doing parameter workgroup = WORKGROUP doing parameter server string = Steve's Samba Server Version %v doing parameter preferred master = yes doing parameter hosts allow = 127. 192.168.1. doing parameter client ntlmv2 auth = yes doing parameter log file = /var/log/samba/log.%m doing parameter max log size = 50 doing parameter security = user doing parameter passdb backend = tdbsam doing parameter local master = no doing parameter cups options = raw doing parameter username map = /etc/samba/smbusers pm_process() returned Yes added interface ip=192.168.1.100 bcast=192.168.1.255 nmask=255.255.255.0 Client started (version 3.0.30-0.fc8). Connecting to 192.168.1.147 at port 445 session request ok Password: Doing spnego session setup (blob length=46) got OID=1 3 6 1 4 1 311 2 2 10 got principal=<null> Got challenge flags: Got NTLMSSP neg_flags=0x628a8215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_CHAL_ACCEPT_RESPONSE NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_CHAL_TARGET_INFO NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH NTLMSSP: Set final flags: Got NTLMSSP neg_flags=0x60088215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH NTLMSSP Sign/Seal - Initialising with flags: Got NTLMSSP neg_flags=0x60088215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH SPNEGO login failed: Logon failure session setup failed: NT_STATUS_LOGON_FAILURE
On Thu, 31 Jul 2008, Steve Blackwell might have said:> I'm trying to use smbclient to look at a Vista box but I keep getting: > > # smbclient -L user-pc -U Kellie > Password: <Kellie's password> > session setup failed: NT_STATUS_LOGON_FAILURE > > I know the user/password combination is good.There is a setting I had to change on my vista boxes (in secpol.msc? something like that) to allow lesser security connections to and from vista. The my vista boxes could talk to samba. It's one of those tree 'wizards'. Down on the left I think it said 'security' or 'network security'. Mike
Hallo, Steve, Du (zephod) meintest am 31.07.08:> I'm trying to use smbclient to look at a Vista box but I keep > getting:> # smbclient -L user-pc -U Kellie > Password: <Kellie's password> > session setup failed: NT_STATUS_LOGON_FAILUREhttp://arktur.de/FAQ/28_120_de.html may help. Viele Gruesse! Helmut
---- Helmut Hullen <Hullen@t-online.de> wrote:> Hallo, Steve, > > Du (zephod) meintest am 31.07.08: > > > I'm trying to use smbclient to look at a Vista box but I keep > > getting: > > > # smbclient -L user-pc -U Kellie > > Password: <Kellie's password> > > session setup failed: NT_STATUS_LOGON_FAILURE > > http://arktur.de/FAQ/28_120_de.html > > may help.Thanks Helmut. Google doesn't do a great job of translating the German but I think it's good enough for me to try a couple of things tonight. I'm suprised there isn't more information on the web about this. Steve.
The change I made in my vista boxes is: Start->Run->secpol.msc<ENTER> Local Policies->Security Options set to: Network Security: LAN Manager authentication level->Send LM & NTLM - use NTLMv2 session security if negotiated <OK> File->Exit Mike
Mike Eggleston wrote:> The change I made in my vista boxes is: > > Start->Run->secpol.msc<ENTER> > Local Policies->Security Options > > set to: > > Network Security: LAN Manager authentication level->Send LM & NTLM - use NTLMv2 session security if negotiated > > <OK> > File->Exit > > MikeIf the problem is related to user authentication and the protocol used in client-server negotiation, maybe could be of some help use "max protocol = LANMAN2" or "max protocol = NTLM". And also try to use plain text passwords. Greetings. -- Miguel Da Silva Administrador Junior de Sistemas Unix Centro de Matem?tica - http://www.cmat.edu.uy Facultad de Ciencias - http://www.fcien.edu.uy Universidad de la Rep?blica - http://www.rau.edu.uy
---- Mike Eggleston <mikeegg1@mac.com> wrote:> The change I made in my vista boxes is: > > Start->Run->secpol.msc<ENTER> > Local Policies->Security Options > > set to: > > Network Security: LAN Manager authentication level->Send LM & NTLM - use NTLMv2 session security if negotiated > > <OK> > File->ExitThanks Mike. I'll try that tonight. Steve.
> I'm trying to use smbclient to look at a Vista box but I keep getting: > > # smbclient -L user-pc -U Kellie > Password: <Kellie's password> > session setup failed: NT_STATUS_LOGON_FAILURE > > Below I've put the output of > # smbclient -L user-pc -U Kellie -d4 > > It is connecting to the correct machine but there is a user > authentication problem. The bit that says > > Password: > Doing spnego session setup (blob length=46) > got OID=1 3 6 1 4 1 311 2 2 10 > got principal=<null>I bumped the debug level up to 10 and now I'm fairly sure that this is the problem area. Password: Doing spnego session setup (blob length=46) got OID=1 3 6 1 4 1 311 2 2 10 got principal=<null> write_socket(5,166) write_socket(5,166) wrote 166 got smb length of 378 size=378 smb_com=0x73 smb_rcls=22 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=13966 smb_uid=2048 smb_mid=2 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 378 (0x17A) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 189 (0xBD) smb_bcc=335 This shows an smb_err=49152 and I'm guessing that the problem is the "got principal=<null>" line. But I have no idea what this means. I suppose my next step is to start digging through the code. Do the developers monitor this list? Steve.
> I'm trying to use smbclient to look at a Vista box but I keep getting: > > # smbclient -L user-pc -U Kellie > Password: <Kellie's password> > session setup failed: NT_STATUS_LOGON_FAILURE > > I know the user/password combination is good.I spent most of yesterday searching the web for more information. Now, I have used wireshark to look at the traffic between my Linux and Vista boxes. First I see a "Negotiate Protocol Request" message from the Linux box to the Vista box which replies with a "Negotiate Protocol Response". Then I see 3 messages which seem to correspond to the type 1, type 2 and type 3 messages of the NTLM authentication protocol as described here. http://davenport.sourceforge.net/ntlm.html#getNTLMv2Response I can see in the type 1 message, listed as "Session Setup AndX Request, NTLMSSP_NEGOTIATE" that the flag is set that Samba says it can use NTLMv2 - Negotiate NTLN2 key - Set. In the type 2 message back from the Vista box, listed as "Session Setup AndX Response, NTLMSSP_CHALLENGE, Error: STATUS_MORE_PROCESSING_REQUIRED", the same flag is set. I take this to mean that box boxes have agreed to use NTLMv2. In the type 3 message, listed as "Session Setup AndX Request, NTLMSSP_Auth, User: WORKGRPUP/Kellie", I can see that Samba is sending the correct workgroup as DOMAIN NAME, the correct host and the correct user. Is there some place on the Vista box where I can see the login attempts and get some clue as to why it sends out a final message of "Session Setup AndX Response, Error: STATUS_LOGON FAILURE"? Thanks, Steve
> >> I'm trying to use smbclient to look at a Vista box but I keep > >> getting: > >> > >> # smbclient -L user-pc -U Kellie > >> Password: <Kellie's password> > >> session setup failed: NT_STATUS_LOGON_FAILURE > >> > >> I know the user/password combination is good. > >... Well, I don't understand this but I found a solution. First let me explain that my Vista box is a single user laptop and when it is powered up it shows a logon screen that already has the user's name, "Kellie", displayed and it just asks for a password. When the screensaver kicks in, the same logon screen appears. So, I went into the Vista box and turned on logon auditing but in the event log I couldn't find any references to user "Kellie". The TargetDomainName was set to the name of the Vista box ie "User-PC" as I expected but the TargetUserName was always set to "User". Initially, I assumed that this was some system event related to the logon attempt. Eventually, I decided to try to use smbclient as user "User" and using user "Kellie"'s password... success!!!??! Somewhere under the covers, Vista thinks that user "Kellie" is user "User" even though Control Panel (Classic View)->User Accounts shows only one user called Kellie. Whatever... Steve.