peter pilsl
2009-May-19 15:36 UTC
[Samba] user cannot logon to domain although log says "auth succeeded"
I have a very strange problem and I'm doomed. In a samba-domain with
XP-clients certain users cannot logon to some computers.
The user tries to logon but *immediately* gets the message "you cant get
logged on. please check username and domain and retype your password"
(translated from german) on the XP-machine.
In the samba-logs (Loglevel=2) it says:
[2009/05/19 16:47:16, 2] lib/access.c:check_access(406)
Allowed connection from (192.168.1.77)
[2009/05/19 16:47:16, 2] smbd/reply.c:reply_special(492)
netbios connect: name1=SERVER name2=VOEV12
[2009/05/19 16:47:16, 2] smbd/reply.c:reply_special(499)
netbios connect: local=server remote=voev12, name type = 0
[2009/05/19 16:47:26, 2] auth/auth.c:check_ntlm_password(308)
check_ntlm_password: authentication for user [ingrid] -> [ingrid] ->
[ingrid] succeeded
I used samba 3.0.28 that comes with ubuntu 8.10 but now I compiled recent 3.3.4
and have the same problem, so its either a problem on WinXP-side or in the
config itself.
A more detailed log at Loglevel=15 can be viewed at :
http://www.goldfisch.at/temp/smb.log.txt (~150kB)
I'm kind of desperate here and I'm really looking forward for any
hint/tip/help ...
thnx,
peter
here is my config
[global]
interfaces = eth4 127.0.0.1
bind interfaces only = yes
workgroup = VOEV
netbios name = server
server string = Freire2
wins support = yes
wins proxy = yes
; wins server = w.x.y.z
dns proxy = no
log file = /data/log/samba/log.%m
log level=15
security = user
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
; guest account = nobody
; invalid users = root
hosts allow = 127.0.0.1/32 192.168.1.0/255.255.255.0
domain logons = yes
domain master = yes
preferred master = yes
logon path = \\%L\profiles\%U
logon drive = O:
logon home = \\%L\%U
logon script = startup.bat %U %G %h %m %L %M %R %d %a %I %i %T %D %w
time server = yes
load printers = no
printcap name = /dev/null
disable spoolss = yes
socket options = TCP_NODELAY
unix charset = UTF-8
display charset = UTF-8
add machine script = /usr/sbin/useradd -g machines -c Machine -s /bin/false %u
message command = echo %t %f %s >>/opt/msg.txt &
[profiles]
comment = NT Profiles
path = /data/samba/profiles/%a
browseable = Yes
csc policy = manual
directory mode = 0700
profile acls = yes
read only = No
[homes]
comment = PRIVATE home
browseable = No
read only = No
path = /data/samba/user/%U
create mask = 0700
directory mask = 0700
force group = users
[netlogo]
# to avoid netlogo-errors in the log
comment = wannabe NTserver
path = /data/samba/netlogon
browseable = No
writeable = No
[netlogon]
comment = wannabe NTserver
path = /data/samba/netlogon
browseable = No
writeable = No
[daten]
comment = Daten
path = /data/samba/daten
create mode = 6777
directory mode = 6777
read only = No
Volker Lendecke
2009-May-19 15:54 UTC
[Samba] user cannot logon to domain although log says "auth succeeded"
On Tue, May 19, 2009 at 04:19:34PM +0100, peter pilsl wrote:> A more detailed log at Loglevel=15 can be viewed at : > http://www.goldfisch.at/temp/smb.log.txt (~150kB)I never understand why people cut log files. There is NO indication whatsoever about any failure, but a lot of indication that parts of the log file were cut off. Volker -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.samba.org/archive/samba/attachments/20090519/baec8e89/attachment.bin