David M Noriega
2009-Jul-02 21:13 UTC
[Samba] Samba BDC + LDAP failing to authenticate users
I have Samba 3.2.4 running on Solaris 10 from sunfreeware. From what I can tell just recently happened to this server, which runs as a BDC + LDAP. Previously I have been able to authenticate against it as well as map drives from it. Though now it complains about no such user exists, though they do. here is the log entries, level 2 With correct password [2009/07/02 12:21:33, 2] smbd/sesssetup.c:setup_new_vc_session(1363) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2009/07/02 12:21:33, 2] smbd/sesssetup.c:setup_new_vc_session(1363) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2009/07/02 12:21:33, 2] passdb/pdb_ldap.c:init_sam_from_ldap(571) init_sam_from_ldap: Entry found for user: user.name [2009/07/02 12:21:33, 0] passdb/pdb_get_set.c:pdb_get_group_sid(210) pdb_get_group_sid: Failed to find Unix account for user.name [2009/07/02 12:21:33, 1] auth/auth_util.c:make_server_info_sam(562) User user.name in passdb, but getpwnam() fails! [2009/07/02 12:21:33, 0] auth/auth_sam.c:check_sam_security(355) check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER' [2009/07/02 12:21:33, 2] auth/auth.c:check_ntlm_password(318) check_ntlm_password: Authentication for user [user.name] -> [user.name] FAILED with error NT_STATUS_NO_SUCH_USER with wrong password [2009/07/02 12:22:40, 2] smbd/sesssetup.c:setup_new_vc_session(1363) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2009/07/02 12:22:40, 2] smbd/sesssetup.c:setup_new_vc_session(1363) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2009/07/02 12:22:40, 2] lib/smbldap.c:smbldap_open_connection(796) smbldap_open_connection: connection opened [2009/07/02 12:22:40, 2] passdb/pdb_ldap.c:init_sam_from_ldap(571) init_sam_from_ldap: Entry found for user: user.name [2009/07/02 12:22:40, 0] passdb/pdb_get_set.c:pdb_get_group_sid(210) pdb_get_group_sid: Failed to find Unix account for user.name [2009/07/02 12:22:40, 2] auth/auth.c:check_ntlm_password(318) check_ntlm_password: Authentication for user [user.name] -> [user.name] FAILED with error NT_STATUS_WRONG_PASSWORD smb.conf [Global] workgroup = x.x.x netbios name = xxx server string = BDC %v passdb backend = ldapsam:ldap://x.x.x.x domain master = no domain logons = yes ldap suffix = dc=x,dc=x,dc=x ldap user suffix = ou=people ldap group suffix = ou=group ldap machine suffix = ou=machines ldap admin dn = cn=manager,dc=x,dc=x,dc=x encrypt passwords = yes enable privileges = yes log level = 0 syslog = 0 domain master = no wins support = no wins server = x.x.x.x ntlm auth = yes lanman auth = yes ldap ssl = start tls local master = yes os level = 33 preferred master = yes [gtest] path = /var/gtest browseable = yes writeable = yes create mask = 0777 directory mask = 0777 force group = "Domain Users" public = yes Any ideas? -- Personally, I liked the university. They gave us money and facilities, we didn't have to produce anything! You've never been out of college! You don't know what it's like out there! I've worked in the private sector. They expect results. -Ray Ghostbusters