samba authentication
j.ignacio.leon at gmail.com
j.ignacio.leon at gmail.com
Wed Feb 23 18:30:48 MST 2005
I cannot for the life of me get samba 3.0.10 to authenticate users properly.
I have gone through the entire manual at samba.org, the fault tree at
o'reilly and nothing cures the NT_STATUS_WRONG_PASSWORD error when
looking at the logs.
The only way I can get shares to work is by setting security=share and
then only my OS X box can authenticate properly. My Windows XP boxes
still can't logon to any password protected shares. They can only
logon to public shares.
My smb.conf file is full of things I have tried, but this is the dump
of testparm:
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[www]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
# Global parameters
[global]
workgroup = CASA
server string = Samba Server
security = user
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *
passwd:*all*authentication*tokens*updated*successfully*
unix password sync = Yes
log level = 10
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
os level = 33
dns proxy = No
cups options = raw
[homes]
comment = Home Directories
read only = No
browseable = No
[www]
comment = webfiles
path = /var/www
valid users = myuser
write list = myuser
-------------------------------------------------------------------------------------
A sample of my log error:
Home server: charlie
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_profile_path(760)
pdb_set_profile_path: setting profile path \\charlie\myuser\profile, was
[2005/02/23 19:23:47, 4] lib/substitute.c:automount_server(323)
Home server: charlie
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_homedir(814)
pdb_set_homedir: setting home dir \\charlie\myuser, was
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_dir_drive(787)
pdb_set_dir_drive: setting dir drive , was NULL
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_logon_script(733)
pdb_set_logon_script: setting logon script , was
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_init_flags(525)
element 33 -> now SET
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_init_flags(525)
element 32 -> now SET
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_init_flags(525)
element 20 -> now SET
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_init_flags(525)
element 21 -> now SET
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_init_flags(525)
element 9 -> now SET
[2005/02/23 19:23:47, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/23 19:23:47, 9] passdb/passdb.c:pdb_update_autolock_flag(2319)
pdb_update_autolock_flag: Account jils not autolocked, no check needed
[2005/02/23 19:23:47, 4] libsmb/ntlm_check.c:ntlm_password_check(326)
ntlm_password_check: Checking NT MD4 password
[2005/02/23 19:23:47, 3] libsmb/ntlm_check.c:ntlm_password_check(344)
ntlm_password_check: NT MD4 password check failed for user myuser
[2005/02/23 19:23:47, 10] lib/account_pol.c:account_policy_get(155)
account_policy_get: bad lockout attempt:0
[2005/02/23 19:23:47, 9] passdb/passdb.c:pdb_increment_bad_password_count(2380)
No lockout policy, don't track bad passwords
[2005/02/23 19:23:47, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/02/23 19:23:47, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/02/23 19:23:47, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/02/23 19:23:47, 5] auth/auth_util.c:debug_nt_user_token(486)
NT user token: (NULL)
[2005/02/23 19:23:47, 5] auth/auth_util.c:debug_unix_user_token(505)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2005/02/23 19:23:47, 10] passdb/pdb_smbpasswd.c:mod_smbfilepwd_entry(715)
mod_smbfilepwd_entry: opening file /etc/samba/smbpasswd
[2005/02/23 19:23:47, 6] passdb/pdb_smbpasswd.c:mod_smbfilepwd_entry(828)
mod_smbfilepwd_entry: entry exists for user myuser
[2005/02/23 19:23:47, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/23 19:23:47, 5] auth/auth.c:check_ntlm_password(271)
check_ntlm_password: sam authentication for user [myuser] FAILED
with error NT_STATUS_WRONG_PASSWORD
[2005/02/23 19:23:47, 2] auth/auth.c:check_ntlm_password(312)
check_ntlm_password: Authentication for user [myuser] -> [myuser]
FAILED with error NT_STATUS_WRONG_PASSWORD
[2005/02/23 19:23:47, 5] auth/auth_util.c:free_user_info(1318)
attempting to free (and zero) a user_info structure
[2005/02/23 19:23:47, 10] auth/auth_util.c:free_user_info(1321)
structure was created for myuser
---------------------------------------------------------
Any suggestions?
I have been tinkering with the conf files for weeks now with hardly any success.
More information about the yellowdog-newbie
mailing list