similar to: nitwit's attempt to edit samba source

On 26.11.2015 03:51, mourik jan heupink wrote: > Hi, > > Since I really would like some more info (specifically: remote ip > address) to be logged with failed password attempts, I have tried to > edit the samba source code. :-) > > Anyway, I changed in source4/auth/ntlm/auth.c > > >> if (tevent_req_is_nterror(req, &status)) { >>

Hi Viktor! Thanks for your try at this, I am already doing what you suggest: the iptables - timestaps. But that is rather troublesome, and I would very much samba to log this vital info. Anyway, I tried what you suggested, and now it stopped compiling. :-) Does this error perhaps tell you something, or are you just as clueless as I am now: > [1955/4033] Compiling source4/auth/ntlm/auth.c

Hi, As Viktor has picked up on, remote_host is a struct of type tsocket_address. It's not very typical to be able to directly access this kind of information and there'll usually be some function that looks helpful. In the tsocket guide that he's posted, there seems to be a function that you want, which takes your remote_host and converts it to what looks to be a proper (ipv4 or

Hello List, I'm dealing with the following issue here: https://forum.zentyal.org/index.php?topic=25300.0 Although it starts with OpenChange, it ends with Samba4 so I very much hope that somebody on this list can help me out. Basically I try to authenticate users through the Outlook autoconfigurator using RPC-OVER-HTTP to a samba server. The problem is that in Samba4/LDAP I cannot have

Hi there, I'm trying to get FreeRADIUS to authenticate against my Samba DC. It's Samba 4.7.6-ubuntu running on Ubuntu 18 (kernel version 4.15.0-66-generic). It came nicely packaged with Zentyal, which provides a nice GUI for managing a domain, as well as a CA and lots of cool small features. That same Zentyal also includes support for FreeRADIUS (3.0.16). This is my smb.conf:

Hi, In the past (2 months ago) : I have two AD Domain under Samba 4.1 : A and B. I war able to  connect a share in A from B. Now (after upgrade) : I have a W2016 domain (B) and a Samba 4.6 domain (A) but I can't connect a share in A from B. The user from B which try to connect the share in A has the same login in the two domains. So since the upgrade I don't have the same behavior

Hi, I have been having issues with NTLMv2 on newly provisioned domains, using Samba 4.1 from backports on Debian Wheezy. Everything seems to be working fine, except for NTLMv2 authentication with Squid and "ntlm_auth" on newer Windows versions. If I set "Lmcompatibility" down on the Windows PCs, then authentication works, but that is temporary workaround at best. I have

I recently migrated our samba PDC to an LDAP backend on a test machine. Testing my account policies, I found out that the password lockout did not work. When authentication fail, samba seems to call init_ldap_from_sam asking to update the bad password count. When I set the lockout threshold to 1, the account is locked after a failed attempt and the badPasswordCount attribute is updated correctly

This may have been asked before, but I can't find it. I am getting repeated external attempted to log into our AD/DC (running Samba 4.4.14). In /var/log/samba/log.samba I get entried like: 2017/09/19 05:02:25.562957, 2] ../source4/auth/ntlm/auth.c:430(auth_check_password_recv) auth_check_password_recv: sam_ignoredomain authentication for user [HPRS\333] FAILED with error

Hi, Anybody got experienced that the shared folder (in SAMBAAD domain) can't be accessible on the trusting domain (TESTHV). Background: SAMBAAD has one-way trust with TESTHV. TESTHV users can login in the SAMBAAD connected machines. Currently using Version 4.9.0rc5. It's working fine if the SAMBAAD users access with it, but users in TESTHV could not access with it even the permission

Hi, As I configured the Roaming profiles under linux, it more or less generate an abnormal operation (in less than 2 mins) if I add/copy some files to the home directory. But for Windows XP and Windows 7 is running smoothly and it generates folders at the Samba4 server location with corresponding users. e.g. Administrator (for XP), and Administrator.V2 (for Win7/2008) based on my observations. I

I used to also get related log messages of the form: auth_check_password_send: Checking password for unmapped user [HPRS]\[mark]@[ROVER] auth_check_password_send: mapped user is: [HPRS]\[mark]@[ROVER] but now all I get is the auth_check_password_recv in the log. Perhaps the change is due to an upgrade to Samba, or perhaps a change I made to my smb.conf log options? (see log config in my

Hi again, I just started to debug things on the samba4 side: When trying to mount the Windows NFS share, I get the following error on the samba4 dc (just grepping for nfs in the logs): auth_check_password_send: Checking password for unmapped user [S5DOM.TEST]\[nfs/nfsclient.mydom.test]@[] map_user_info_cracknames: Mapping user [MYDOM.TEST]\[nfs/nfsclient.mydom.test] from workstation []

Hi all, I am running a Samba 4.2.14 Active Directory server on Debian and it is working fine. I have Windows workstations, Linux servers and some web services authenticate against the Samba AD. The only thing that I am missing is a proper logging for the authentication events on this system. Especially in case of web services, which are using LDAP authentication against Samba, from the logs I can

Am 22.01.2018 um 21:39 schrieb Andrew Bartlett: > On Mon, 2018-01-22 at 21:30 +0100, Johannes Engel via samba wrote: >> [2018/01/22 21:15:50.022197, 2] >> ../source4/auth/ntlm/auth.c:475(auth_check_password_recv) >> auth_check_password_recv: sam_failtrusts authentication for user >> [MYDOMAIN\ldap] FAILED with error NT_STATUS_NO_TRUST_LSA_SECRET, >>

I've setup samba4 to authenticate against a separate LDAP server. I can ssh to my server but attempts to login to a windows7 member server using the ldap domain are not working. Relevant errors: [2014/07/18 06:46:28.177400, 3] ../source4/auth/ntlm/auth.c:270(auth_check_password_send) auth_check_password_send: Checking password for unmapped user [ldapdom]\[user]@[win7host]

On Sun, 26 Jun 2016 09:24:16 Rowland penny <rpenny at samba.org> wrote: > ... > So, if you are looking for an ipaddress of a failed login attempt, it > seems you can get it. That looked interesting. I tried creating the logfile /var/log/samba/.log.samba.%m and restart samba. What it did was immediately create separate log files for each currently attached workstation:

I am running Samba Version 4.1.23 as an AD/DC on Linux Slackware64 14.1. I am logging samba messages to /var/log/samba/log.samba with logging set to the following in smb.conf: log level = 2 passdb:5 auth:10 winbind:2 lanman:10 I have a script that scans this logfile for message like the following: auth_check_password_recv: sam_ignoredomain authentication for user [HPRS\thisuser] FAILED with

Hi all, I'm having a problem with an upgrade of Samba running on a Redhat4 Update 4 system. The default installation provides only 3.0.10 which doesn't include the privilege model or a number of fixes including some in 3.0.21a and 3.0.23 which it looks like we'll need. The system runs in PDC mode with user accounts in an ldap database. On a test system which I'm using to

I don't think it will be easy to identify the problem remotely. You can try logging in with password (if not disabled), or sshing with some other key, or logging into some other user. If you are able to get access to the machine, post the server's error log here. On Mon, Oct 24, 2016 at 9:55 PM, Jin Li <lijin.abc at gmail.com> wrote: > Hi Tanmay, > > The server is not