samba - Mar 2011 - possible to deactivate pre-authentification on the Linux (or windows)- Please help

Dear Friend,


Is it possible to deactivate pre-authentification on the Linux (or

Windows) side to avoid these messages ?

Becouse i am getting lot of erro in windows 2003 domain.

Hi, 

When validating users on my Linux system against an ActiveDirectory, 
the Windows event log are filled with messages like these (Windows 
Event ID 675): 

Pre-authentication failed: 
User Name: linux$ 
User ID: KK\linux$ 
Service Name: krbtgt/KK.LOCAL 
Pre-Authentication Type: 0x0 
Failure Code: 0x19 
Client Address: 1.2.3.4 


(1.2.3.4 is the IP address of the Linux machine, LINUX the hostname of 
the Linux machine). 

The message above comes at every request from the Linux machine (every 5 
minutes on this installation). If I am validating a user, the same 
message is shown for the user like this (user name validated=test): 

Pre-authentication failed: 
User Name: test$ 
User ID: KK\test$ 
Service Name: krbtgt/KK.LOCAL 
Pre-Authentication Type: 0x0 
Failure Code: 0x19 
Client Address: 1.2.3.4 

Messages logged on behalf of a user may be disabled by deactivating 
pre-authentification for each user. But I cannot find any place in 
ActiveDirectory to disable it for the machine account. 

What is missing ? 

Is it possible to deactivate pre-authentification on the Linux (or 
Windows) side to avoid these messages ?

On Wed, Mar 9, 2011 at 12:33 AM, Sharik M <sharikonline at yahoo.com>
wrote:
> Dear Friend,
>
>
> Is it possible to deactivate pre-authentification on the Linux (or
>
> Windows) side to avoid these messages ?
>
> Becouse i am getting lot of erro in windows 2003 domain.
>
> Hi,
>
> When validating users on my Linux system against an ActiveDirectory,
> the Windows event log are filled with messages like these (Windows
> Event ID 675):
>
> Pre-authentication failed:
> User Name: linux$
> User ID: KK\linux$
> Service Name: krbtgt/KK.LOCAL
> Pre-Authentication Type: 0x0
> Failure Code: 0x19
> Client Address: 1.2.3.4
>
>
> (1.2.3.4 is the IP address of the Linux machine, LINUX the hostname of
> the Linux machine).
>
> The message above comes at every request from the Linux machine (every 5
> minutes on this installation). If I am validating a user, the same
> message is shown for the user like this (user name validated=test):
>
> Pre-authentication failed:
> User Name: test$
> User ID: KK\test$
> Service Name: krbtgt/KK.LOCAL
> Pre-Authentication Type: 0x0
> Failure Code: 0x19
> Client Address: 1.2.3.4
>
> Messages logged on behalf of a user may be disabled by deactivating
> pre-authentification for each user. But I cannot find any place in
> ActiveDirectory to disable it for the machine account.
>
> What is missing ?
>
> Is it possible to deactivate pre-authentification on the Linux (or
> Windows) side to avoid these messages ?
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: ?https://lists.samba.org/mailman/options/samba
>
Although annoying, these are not necessarily all that bad of audit
entries because it may be trying different methods of authenticating.
First one fails so it tries a more difficult one.
i wonder if it would be better to attempt a reset of the machine
account password from AD, then setting DONT_REQ_PREAUTH.

You can change it via adsiedit or adexplorer.exe
DONT_REQ_PREAUTH

http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B305144
ms-DS-User-Account-Control-Computed

p.s. i typed this 5 days ago and just found it was not sent.