samba authentication

j.ignacio.leon at gmail.com j.ignacio.leon at gmail.com
Wed Feb 23 18:30:48 MST 2005 

I cannot for the life of me get samba 3.0.10 to authenticate users properly.
I have gone through the entire manual at samba.org, the fault tree at
o'reilly and nothing cures the NT_STATUS_WRONG_PASSWORD error when
looking at the logs.

The only way I can get shares to work is by setting security=share and
then only my OS X box can authenticate properly.  My Windows XP boxes
still can't logon to any password protected shares.  They can only
logon to public shares.

My smb.conf file is full of things I have tried, but this is the dump
of testparm:

Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[www]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions

# Global parameters
[global]
        workgroup = CASA
        server string = Samba Server
        security = user
        encrypt passwords = yes
        smb passwd file = /etc/samba/smbpasswd
        passwd program = /usr/bin/passwd %u
        passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *
passwd:*all*authentication*tokens*updated*successfully*
        unix password sync = Yes
        log level = 10
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        os level = 33
        dns proxy = No
        cups options = raw

[homes]
        comment = Home Directories
        read only = No
        browseable = No

[www]
        comment = webfiles
        path = /var/www
        valid users = myuser
        write list = myuser

-------------------------------------------------------------------------------------
A sample of my log error:
  Home server: charlie
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_profile_path(760)
  pdb_set_profile_path: setting profile path \\charlie\myuser\profile, was
[2005/02/23 19:23:47, 4] lib/substitute.c:automount_server(323)
  Home server: charlie
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_homedir(814)
  pdb_set_homedir: setting home dir \\charlie\myuser, was
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_dir_drive(787)
  pdb_set_dir_drive: setting dir drive , was NULL
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_logon_script(733)
  pdb_set_logon_script: setting logon script , was
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_init_flags(525)
  element 33 -> now SET
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_init_flags(525)
  element 32 -> now SET
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_init_flags(525)
  element 20 -> now SET
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_init_flags(525)
  element 21 -> now SET
[2005/02/23 19:23:47, 10] passdb/pdb_get_set.c:pdb_set_init_flags(525)
  element 9 -> now SET
[2005/02/23 19:23:47, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/23 19:23:47, 9] passdb/passdb.c:pdb_update_autolock_flag(2319)
  pdb_update_autolock_flag: Account jils not autolocked, no check needed
[2005/02/23 19:23:47, 4] libsmb/ntlm_check.c:ntlm_password_check(326)
  ntlm_password_check: Checking NT MD4 password
[2005/02/23 19:23:47, 3] libsmb/ntlm_check.c:ntlm_password_check(344)
  ntlm_password_check: NT MD4 password check failed for user myuser
[2005/02/23 19:23:47, 10] lib/account_pol.c:account_policy_get(155)
  account_policy_get: bad lockout attempt:0
[2005/02/23 19:23:47, 9] passdb/passdb.c:pdb_increment_bad_password_count(2380)
  No lockout policy, don't track bad passwords
[2005/02/23 19:23:47, 3] smbd/sec_ctx.c:push_sec_ctx(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/02/23 19:23:47, 3] smbd/uid.c:push_conn_ctx(365)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/02/23 19:23:47, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/02/23 19:23:47, 5] auth/auth_util.c:debug_nt_user_token(486)
  NT user token: (NULL)
[2005/02/23 19:23:47, 5] auth/auth_util.c:debug_unix_user_token(505)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/02/23 19:23:47, 10] passdb/pdb_smbpasswd.c:mod_smbfilepwd_entry(715)
  mod_smbfilepwd_entry: opening file /etc/samba/smbpasswd
[2005/02/23 19:23:47, 6] passdb/pdb_smbpasswd.c:mod_smbfilepwd_entry(828)
  mod_smbfilepwd_entry: entry exists for user myuser
[2005/02/23 19:23:47, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/23 19:23:47, 5] auth/auth.c:check_ntlm_password(271)
  check_ntlm_password: sam authentication for user [myuser] FAILED
with error NT_STATUS_WRONG_PASSWORD
[2005/02/23 19:23:47, 2] auth/auth.c:check_ntlm_password(312)
  check_ntlm_password:  Authentication for user [myuser] -> [myuser]
FAILED with error NT_STATUS_WRONG_PASSWORD
[2005/02/23 19:23:47, 5] auth/auth_util.c:free_user_info(1318)
  attempting to free (and zero) a user_info structure
[2005/02/23 19:23:47, 10] auth/auth_util.c:free_user_info(1321)
  structure was created for myuser

---------------------------------------------------------

Any suggestions?








I have been tinkering with the conf files for weeks now with hardly any success.

More information about the yellowdog-newbie mailing list