peter pilsl
2009-Apr-01 11:48 UTC
[Samba] new user cannot logon to one computer in the domain
I run a NT-Domain with samba 3.0.28a and WinXP-Clients (SP3) Everything is fine. But now I created a new user and this new user can logon to all machines in the Domain but one. On this machine the user gets the message "user cannot login. check username/password/domain and be aware that username/password are casesensitive" (I translated this from german) Other users can login fine. I applied the sign-seal-regahck on this machine again and the "domain"-reghack, but it didnt help (see below for details) In the log-files I dont see anything suspicious but from the logfiles it seems that the user is authenticated sucessfully: check_ntlm_password: authentication for user [assistance] -> [assistance] -> [assistance] succeeded The eventlog on XP also didnt reveal anything interesting (like it would when its the sign/seal-problem) The full smb-log at LogLevel=3 can be found at: http://www.goldfisch.at/temp/smb.log the smb-log at LogLevel=15 (~400kb) can be found at: http://www.goldfisch.at/temp/smb.level15.log If posting any other log might help please let me know. I would do anything do solve this problem cause it drives me nuts not being able to logon a simple user in my small domain. smb.conf : --------------------------------------- [global] interfaces = eth4 127.0.0.1 bind interfaces only = yes workgroup = VOEV netbios name = server server string = xxxxxxx wins support = yes wins proxy = yes dns proxy = no security = user encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes hosts allow = 127.0.0.1/32 192.168.1.0/255.255.255.0 domain logons = yes domain master = yes preferred master = yes logon path = \\%L\profiles\%U logon drive = O: logon home = \\%L\%U logon script = startup.bat %U %G %h %m %L %M %R %d %a %I %i %T %D %w time server = yes ...... ------------------------------------------------- and finally the reghack I applied (its standard procedure in this network - every machine gets it): --------------------------------------- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] "requiresignorseal"=dword:00000000 "signsecurechannel"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] "CompatibleRUPSecurity"=dword:00000001 --------------------------------------- any help appretiated !! thnx a lot !! peter
Seemingly Similar Threads
- user cannot logon to domain although log says "auth succeeded"
- migrate old samba2.2.8 - smbpasswd to new samba3.0 - ldap - based
- user cannot logon to domain although log says "auth succeeded" (fwd)
- information about XP <-> samba ?
- migrate machine-passwords from smbpasswd to ldap?