On 12/10/09 14:39, Nick Pappin wrote:
On Tue, Dec 8, 2009 at 4:40 PM, Nick Pappin<npap...@latahfcu.org> wrote:
Hey Everyone,
So here is what is going on I have two computers on the same network
that are both connected to the PDC of a samba domain (on the same network
segment):
____________________________________________
|
| |
|
| |
_________
_________ ______
| comp1 | | comp2 |
| PDC |
---------------
--------------- ----------
Now when i try to connect to the registry of comp1 from comp2 I get an
error saying i don't have permission to connect using the domain
administrator account. This also coincides with a name mismatch error:
[2009/12/08 16:10:43, 0] lib/util_sock.c:matchname(1721)
matchname: host name/name mismatch: FOO != FOO.bar.com
Could this be causing my problem and how should I troubleshoot this
problem. Any ideas would be greatly appreciated.
Thanks,
Nick
Hi everyone,
I have fixed the mismatch error but it still isn't working I was
hoping someone could help me. From what I can tell in the logs I am
authenticating on the machine however then I see a wrong password entry.
Could someone please explain to me what is going on.
I have attached a level 2 log file if you need higher I can do that as well.
[2009/12/10 11:21:49, 2] passdb/pdb_ldap.c:init_sam_from_ldap(571)
init_sam_from_ldap: Entry found for user: root
[2009/12/10 11:21:49, 2] passdb/pdb_ldap.c:init_group_from_ldap(2366)
init_group_from_ldap: Entry found for group: 512
[2009/12/10 11:21:49, 2] auth/auth.c:check_ntlm_password(308)
check_ntlm_password: authentication for user [root] -> [root] -> [root]
succeeded
[2009/12/10 11:21:49, 2] passdb/pdb_ldap.c:init_sam_from_ldap(571)
init_sam_from_ldap: Entry found for user: root
[2009/12/10 11:21:49, 0] lib/util_sock.c:matchname(1749)
matchname: host name/address mismatch: ::ffff:192.168.1.200 != it0
[2009/12/10 11:21:49, 0] lib/util_sock.c:get_peer_name(1870)
Matchname failed on it0 ::ffff:192.168.1.200
[2009/12/10 11:21:49, 2] rpc_server/srv_samr_nt.c:_samr_LookupDomain(3456)
Returning domain sid for domain LATAHFCU ->
S-1-5-21-2238568125-4161709326-2298815865
[2009/12/10 11:21:49, 2] rpc_server/srv_samr_nt.c:_samr_LookupDomain(3456)
Returning domain sid for domain LATAHFCU ->
S-1-5-21-2238568125-4161709326-2298815865
[2009/12/10 11:21:49, 2] rpc_server/srv_samr_nt.c:_samr_LookupDomain(3456)
Returning domain sid for domain LATAHFCU ->
S-1-5-21-2238568125-4161709326-2298815865
[2009/12/10 11:21:49, 2] rpc_server/srv_samr_nt.c:_samr_LookupDomain(3456)
Returning domain sid for domain LATAHFCU ->
S-1-5-21-2238568125-4161709326-2298815865
[2009/12/10 11:21:49, 2] smbd/sesssetup.c:setup_new_vc_session(1368)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all
old resources.
[2009/12/10 11:21:49, 2] smbd/sesssetup.c:setup_new_vc_session(1368)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all
old resources.
[2009/12/10 11:21:49, 2] lib/smbldap.c:smbldap_open_connection(856)
smbldap_open_connection: connection opened
[2009/12/10 11:21:49, 2] lib/module.c:do_smb_load_module(64)
Module '/usr/lib64/samba/vfs/full_audit.so' loaded
[2009/12/10 11:21:49, 2] passdb/pdb_ldap.c:init_sam_from_ldap(571)
init_sam_from_ldap: Entry found for user: root
[2009/12/10 11:21:49, 2] passdb/pdb_ldap.c:init_ldap_from_sam(1128)
init_ldap_from_sam: Setting entry for user: root
[2009/12/10 11:21:49, 2] auth/auth.c:check_ntlm_password(318)
check_ntlm_password: Authentication for user [Administrator] -> [root]
FAILED with error NT_STATUS_WRONG_PASSWORD
[2009/12/10 11:21:49, 2] passdb/pdb_ldap.c:init_sam_from_ldap(571)
init_sam_from_ldap: Entry found for user: root
[2009/12/10 11:21:49, 2] passdb/pdb_ldap.c:init_group_from_ldap(2366)
init_group_from_ldap: Entry found for group: 512
[2009/12/10 11:21:49, 2] auth/auth.c:check_ntlm_password(308)
check_ntlm_password: authentication for user [root] -> [root] -> [root]
succeeded
[2009/12/10 11:21:49, 2] passdb/pdb_ldap.c:init_sam_from_ldap(571)
init_sam_from_ldap: Entry found for user: root
[2009/12/10 11:21:49, 2] auth/auth.c:check_ntlm_password(308)
check_ntlm_password: authentication for user [root] -> [root] -> [root]
succeeded
[2009/12/10 11:21:54, 2] passdb/pdb_ldap.c:init_sam_from_ldap(571)
init_sam_from_ldap: Entry found for user: root
[2009/12/10 11:21:54, 2] passdb/pdb_ldap.c:init_ldap_from_sam(1128)
init_ldap_from_sam: Setting entry for user: root
[2009/12/10 11:21:54, 2] auth/auth.c:check_ntlm_password(318)
check_ntlm_password: Authentication for user [Administrator] -> [root]
FAILED with error NT_STATUS_WRONG_PASSWORD
Thank you for your time,
--
Nick
Did you map the Administrator account to the root account?
I would try either creating an Administrator account in unix and not
have the mapping or try adding another WIndows account to the domain
admin group and seeing if that account can to the remote registry
management.
If you log in to a PC as a Domain Administrator, are you able to do
Administrative things like adding local users?
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
