samba - Apr 2010 - Problems connecting to samba with a valid user

Hi,

I'm having some troubles with my samba configuration:

I'm running a FreeBSD 8 file server with samba version 3.2.15.
The port was compilated with WinBIND and UTMP support.

Samba is started by the /etc/rc.conf option: samba_enable="YES"
so that all smbd, nmbd and winbindd daemons are launched.

There is no fw on the box.

I used the smb.conf.default configuration file. I've just added log level 3
and two shares definitions as following:

    [Data01]
        path = /mnt/Data01
        public = yes
        browseable = yes

    [Data02]
        path = /mnt/Data02
        valid users = Popof
        public = no
        browseable = yes

Popof is a valid user on system and I've created a password for samba using
smbpasswd -a Popof (using a different password than the system one (just in
case)).
root has also a valid account also created with smbpasswd.

Here is the output of pdbedit for Popof

    # pdbedit -v Popof
    ---------------
    Unix username:        Popof
    NT username:
    Account Flags:        [U          ]
    User SID:             S-1-5-21-1382845880-3197856027-3249247086-3002
    Primary Group SID:    S-1-5-21-1382845880-3197856027-3249247086-513
    Full Name:            User &
    Home Directory:       \\\Popof
    HomeDir Drive:
    Logon Script:
    Profile Path:         \\\Popof\profile
    Domain:
    Account desc:
    Workstations:
    Munged dial:
    Logon time:           0
    Logoff time:          never
    Kickoff time:         never
    Password last set:    Fri, 09 Apr 2010 16:49:50 CEST
    Password can change:  Fri, 09 Apr 2010 16:49:50 CEST
    Password must change: never
    Last bad password   : 0
    Bad password count  : 0
    Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

When I try to login from a client box on my server with user Popof using
smbclient (smbclient -U Popof -W MYGROUP -L <server_address>)
I get the following error in log files:

    [2010/04/09 16:59:07,  3] auth/auth.c:check_ntlm_password(220)
      check_ntlm_password:  Checking password for unmapped user
[MYGROUP]\[Popof]@[POPOF] with the new password interface
    [2010/04/09 16:59:07,  3] auth/auth.c:check_ntlm_password(223)
      check_ntlm_password:  mapped user is: []\[Popof]@[POPOF]
    [2010/04/09 16:59:07,  2] auth/auth.c:check_ntlm_password(318)
      check_ntlm_password:  Authentication for user [Popof] -> [Popof]
FAILED with error NT_STATUS_NO_SUCH_USER
    [2010/04/09 16:59:07,  3] smbd/error.c:error_packet_set(61)
      error packet at smbd/sesssetup.c(127) cmd=115 (SMBsesssetupX)
NT_STATUS_LOGON_FAILURE
    [2010/04/09 16:59:07,  3] smbd/process.c:smbd_process(2058)
      receive_message_or_smb failed: NT_STATUS_END_OF_FILE, exiting
    [2010/04/09 16:59:07,  3] smbd/sec_ctx.c:set_sec_ctx(324)
      setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
    [2010/04/09 16:59:07,  3] smbd/connection.c:yield_connection(31)
      Yielding connection to
    [2010/04/09 16:59:07,  3] smbd/server.c:exit_server_common(953)
      Server exit (normal exit)

But if I use the same command without entering password (logged as nobody)
it works well.
Also I can acces the Data01 share with anonymous account but if I try to get
into Data02 the system asks me for a password and I get the same error.

Does anyone have any idea on what is wrong?

On Fri, Apr 9, 2010 at 11:08 AM, Popof Popof <popofnewslists at gmail.com>
wrote:
> Hi,
>
> I'm having some troubles with my samba configuration:
>
> I'm running a FreeBSD 8 file server with samba version 3.2.15.
> The port was compilated with WinBIND and UTMP support.
>
> Samba is started by the /etc/rc.conf option: samba_enable="YES"
> so that all smbd, nmbd and winbindd daemons are launched.
>
> There is no fw on the box.
>
> I used the smb.conf.default configuration file. I've just added log
level > 3 and two shares definitions as following:
>
> ? ?[Data01]
> ? ? ? ?path = /mnt/Data01
> ? ? ? ?public = yes
> ? ? ? ?browseable = yes
>
> ? ?[Data02]
> ? ? ? ?path = /mnt/Data02
> ? ? ? ?valid users = Popof
> ? ? ? ?public = no
> ? ? ? ?browseable = yes
>
> Popof is a valid user on system and I've created a password for samba
using
> smbpasswd -a Popof (using a different password than the system one (just in
> case)).
> root has also a valid account also created with smbpasswd.
>
> Here is the output of pdbedit for Popof
>
> ? ?# pdbedit -v Popof
> ? ?---------------
> ? ?Unix username: ? ? ? ?Popof
> ? ?NT username:
> ? ?Account Flags: ? ? ? ?[U ? ? ? ? ?]
> ? ?User SID: ? ? ? ? ? ? S-1-5-21-1382845880-3197856027-3249247086-3002
> ? ?Primary Group SID: ? ?S-1-5-21-1382845880-3197856027-3249247086-513
> ? ?Full Name: ? ? ? ? ? ?User &
> ? ?Home Directory: ? ? ? \\\Popof
> ? ?HomeDir Drive:
> ? ?Logon Script:
> ? ?Profile Path: ? ? ? ? \\\Popof\profile
> ? ?Domain:
> ? ?Account desc:
> ? ?Workstations:
> ? ?Munged dial:
> ? ?Logon time: ? ? ? ? ? 0
> ? ?Logoff time: ? ? ? ? ?never
> ? ?Kickoff time: ? ? ? ? never
> ? ?Password last set: ? ?Fri, 09 Apr 2010 16:49:50 CEST
> ? ?Password can change: ?Fri, 09 Apr 2010 16:49:50 CEST
> ? ?Password must change: never
> ? ?Last bad password ? : 0
> ? ?Bad password count ?: 0
> ? ?Logon hours ? ? ? ? : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
>
> When I try to login from a client box on my server with user Popof using
> smbclient (smbclient -U Popof -W MYGROUP -L <server_address>)
> I get the following error in log files:
>
> ? ?[2010/04/09 16:59:07, ?3] auth/auth.c:check_ntlm_password(220)
> ? ? ?check_ntlm_password: ?Checking password for unmapped user
> [MYGROUP]\[Popof]@[POPOF] with the new password interface
> ? ?[2010/04/09 16:59:07, ?3] auth/auth.c:check_ntlm_password(223)
> ? ? ?check_ntlm_password: ?mapped user is: []\[Popof]@[POPOF]
> ? ?[2010/04/09 16:59:07, ?2] auth/auth.c:check_ntlm_password(318)
> ? ? ?check_ntlm_password: ?Authentication for user [Popof] -> [Popof]
> FAILED with error NT_STATUS_NO_SUCH_USER
> ? ?[2010/04/09 16:59:07, ?3] smbd/error.c:error_packet_set(61)
> ? ? ?error packet at smbd/sesssetup.c(127) cmd=115 (SMBsesssetupX)
> NT_STATUS_LOGON_FAILURE
> ? ?[2010/04/09 16:59:07, ?3] smbd/process.c:smbd_process(2058)
> ? ? ?receive_message_or_smb failed: NT_STATUS_END_OF_FILE, exiting
> ? ?[2010/04/09 16:59:07, ?3] smbd/sec_ctx.c:set_sec_ctx(324)
> ? ? ?setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> ? ?[2010/04/09 16:59:07, ?3] smbd/connection.c:yield_connection(31)
> ? ? ?Yielding connection to
> ? ?[2010/04/09 16:59:07, ?3] smbd/server.c:exit_server_common(953)
> ? ? ?Server exit (normal exit)
>
> But if I use the same command without entering password (logged as nobody)
> it works well.
> Also I can acces the Data01 share with anonymous account but if I try to
get
> into Data02 the system asks me for a password and I get the same error.
>
> Does anyone have any idea on what is wrong?
> --
Username and machine name can not be the same.

John