On Thu, 2006-03-16 at 11:26 -0500, Bradish, Jeff wrote: > One correction to my original email; I am running Solaris 9 rather than > Solaris 8 (typo). > > Following are my smb.conf settings: > [global] > workgroup = AMER > netbios name = USAHSSMC001 > netbios aliases = USAHSSMC001 > server string = EDS GSCO > security = DOMAIN > encrypt passwords = Yes > password server = usahd100 uspld100 usahd101 usahd102 usahd103 > usahd104 > username map = /etc/samba/username.map > log level = 4 > preferred master = No > local master = No > domain master = No > dns proxy = No > create mask = 0664 > name resolve order = lmhosts > > My issue is: Everything was fine until the AD domain controllers were > "upgraded" to Windows Server 2003 SP1. User authentication would no longer > function until I pointed the password server entry to domain controllers that > have not been upgraded to SP1. > > I upgraded to Samba 3.0.21c, downloaded the pre-compiled version for Solaris > 9 and installed with no problems. At this point, I cannot get Samba 3.0.21c > to be recognized by either Windows Server 2003 or Windows Server 2003 SP1. I > have tried rejoining the domain with no success. > > Samba log entries: > cli_nt_create failed on pipe \NETLOGON to machine <name>. Error was > NT_STATUS_ACCESS_DENIED > failed to get schannel session key from server <name> for domain <domainname>. > domain_client_validate: Domain password server not available > check_ntlm_password: Authentication for user [id] -> [id] FAILED with error > NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE > > At this point, I can not get domain security to function for either Samba > version when pointed to a Windows Server 2003 SP1 AD controller. > > Any help with this situation would be appreciated. > ---- I'm out of my league here but try...
client schannel = no (see man smb.conf) Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba