Re: [Samba] Problem with domain membership
Just to be sure, I got it right: here is, what I do to get into the domain and the dump the avaiable services: ---snip--- [EMAIL PROTECTED]> /etc/init.d/samba stop Shutting down SAMBA nmbd : done Shutting down SAMBA smbd : done [EMAIL PROTECTED]> rm /opt/samba/private/s* [EMAIL PROTECTED]> smbpasswd -j -r -U Administrator Password: Joined domain . [EMAIL PROTECTED]> /etc/init.d/samba start Starting SAMBA nmbd : done Starting SAMBA smbd : done [EMAIL PROTECTED]> smbclient -L //hal -U jwitte -W added interface ip=10.128.0.23 bcast=10.128.0.255 nmask=255.255.255.0 Password: session setup failed: NT_STATUS_LOGON_FAILURE [EMAIL PROTECTED]> smbpasswd -X hal # == localhost SID for domain hal is: S-1-5-21-1600896514-926734994-3729081620 [EMAIL PROTECTED]> smbpasswd -X Mundwerk SID for domain Mundwerk is: S-1-5-21-1790986081-3911417905-1778689532 ---snip--- If anybody has an idea, I would greatly appreciate it, since this is a real blocker Regards Jochen Am Mittwoch, den 23.03.2005, 11:35 +0100 schrieb Jochen Witte: > Hello - can anybody explain, what this means in detail? > > ---snip--- > 10 smb_io_rpc_hdr_resp rpc_hdr_resp > 0010 alloc_hint: 0010 > 0014 context_id: > 0016 cancel_ct : 00 > 0017 reserved : 00 > rpc_api_pipe: len left: 0 smbtrans read: 40 > rpc_api_pipe: fragment first and last both set > 18 net_io_r_auth_2 > 18 smb_io_chal > 0018 data: c8 d8 ff bf 3b 5f 0e 08 > 20 net_io_neg_flags > 0020 neg_flags: 41ff > 0024 status: NT_STATUS_ACCESS_DENIED > cli_net_auth2: Error NT_STATUS_ACCESS_DENIED > cli_nt_setup_creds: auth2 challenge failed > connect_to_domain_password_server: unable to setup the PDC credentials > to machine PDC-SERVER. Error was : NT_STATUS_OK. > write_socket(19,45) > write_socket(19,45) wrote 45 > ---snip--- > > > > > > Am Dienstag, den 22.03.2005, 22:18 +0100 schrieb Jochen Witte: > > OKOK no attachements here. On the PDC side I get: > > > > ---snip--- > > > > account_policy_get: password history:0 > > pdb_set_user_sid: setting user sid > > S-1-5-21-1790986081-3911417905-1778689532-132098 > > pdb_set_user_sid_from_rid: > > setting user sid S-1-5-21-1790986081-3911417905-1778689532-132098 from > > rid 132098 > > pdb_set_group_sid: setting group sid > > S-1-5-21-1790986081-3911417905-1778689532-61001 > > pdb_set_group_sid_from_rid: > > setting group sid S-1-5-21-1790986081-3911417905-1778689532-61001 from > > rid 61001 > > pop_sec_ctx (99, 99) - sec_ctx_stack_ndx = 0 > > [000] 4A 8C 6C 14 69 D1 72 B8 46 71 33 55 75 F8 01 C3 J.l.i.r. > > Fq3Uu... > > cred_session_key > > clnt_chal: E166CA9056B37776 > > srv_chal : 5EC8E922D299E1CE > > clnt+srv : 3F2FB4B3284D5945 > > sess_key : 629F7453EFF68A4B > > cred_create > > sess_key : 629F7453EFF68A4B > > stor_cred: E166CA9056B37776 > > timestamp: 0 > > timecred : E166CA9056B37776 > > calc_cred: FE38AA70FD16006A > > cred_assert > > challenge : 4C87E9631DF688E5 > > calculated: FE38AA70FD16006A > > credentials check wrong > > 00 net_io_r_auth_2 > > 00 smb_io_chal > > data: c8 d8 ff bf 3b 5f 0e 08 > > 08 net_io_neg_flags > > 0008 neg_flags: 41ff > > 000c status: NT_STATUS_ACCESS_DENIED > > api_rpcTNP: called NETLOGON successfully > > free_pipe_context: destroying talloc pool of size 78 > > write_to_pipe: data_used = 140 > > read_from_pipe: 712c name: NETLOGON len: 156 > > read_from_pipe: NETLOGON: fault_state = 0 : data_sent_length = 0, > > prs_offset(&p->out_data.rdata) = 16. > > ---snip--- > > > > Am Dienstag, den 22.03.2005, 22:07 +0100 schrieb Jochen Witte: > > > Attached are the logs with the according log-level. > > > > > > ---snip--- > > > doing parameter workgroup = > > > doing parameter netbios name = HAL > > > 18 smb_io_chal > > > 0018 data: c8 d8 ff bf 3b 5f 0e 08 > > > 20 net_io_neg_flags > > > 0020 neg_flags: 41ff > > > 0024 status: NT_STATUS_ACCESS_DENIED > > > cli_net_auth2: Error NT_STATUS_ACCESS_DENIED > > > cli_nt_setup_creds: auth2 challenge failed > > > connect_to_domain_password_server: unable to setup the PDC credentials > > > to machine . Ewrite_socket(19,45) > > > ---snip--- > > > > > > Do I have a wrong secrets.tdb ? I deleted it completely and then joined > > > the domain again (after removing the machine account in my ldap server). > > > > > > Am Dienstag, den 22.03.2005, 05:07 -0600 schrieb Gerald (Jerry) Carter: > > > > -BEGIN PGP SIGNED MESSAGE- > > > > Hash: SHA1 > > > > > > > > Jochen Witte wrote: > > > > | One update: when trying security=server > > > > | on the fileserver side, I can log on > > > > | to the fileserver. But i do not want > > > > | security=server! Any hints out there? > > > > > > > > You need to look at a level 10 log on the server > > > > (and set 'debug timestamp = no' for high debug logs). > > > > There's not enough information here to really offer > > > > sound advice.
[Fwd: Re: [Samba] Problem with domain membership]
Well, this is what I did: I removed secrets.tdb, joined the domain again -- and then I got this error Is there a chance to sniff details of the credentials the member-server uses to connect to the PDC? Weitergeleitete Nachricht Von: Gerald (Jerry) Carter <[EMAIL PROTECTED]> An: Jochen Witte <[EMAIL PROTECTED]> Kopie: samba@lists.samba.org Betreff: Re: [Samba] Problem with domain membership Datum: Wed, 23 Mar 2005 08:14:27 -0600 -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jochen Witte wrote: | Hello - can anybody explain, what this means in detail? | | ---snip--- | 10 smb_io_rpc_hdr_resp rpc_hdr_resp | 0010 alloc_hint: 0010 | 0014 context_id: | 0016 cancel_ct : 00 | 0017 reserved : 00 | rpc_api_pipe: len left: 0 smbtrans read: 40 | rpc_api_pipe: fragment first and last both set | 18 net_io_r_auth_2 | 18 smb_io_chal | 0018 data: c8 d8 ff bf 3b 5f 0e 08 | 20 net_io_neg_flags | 0020 neg_flags: 41ff | 0024 status: NT_STATUS_ACCESS_DENIED | cli_net_auth2: Error NT_STATUS_ACCESS_DENIED | cli_nt_setup_creds: auth2 challenge failed | connect_to_domain_password_server: unable to setup the PDC credentials | to machine PDC-SERVER. Error was : NT_STATUS_OK. | write_socket(19,45) | write_socket(19,45) wrote 45 | ---snip--- It means the machine trust account password on the Samba server is invalid. Rejoining the domain should clear things up. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCQXnDIR7qMdg1EfYRApUlAJ4lVmZnrztddnlgNW7XlBI6q0UXvACg6bsU uqDMmTuLegaooWduO+ZKApY= =qakP -END PGP SIGNATURE- -- Jochen Witte <[EMAIL PROTECTED]> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with domain membership
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jochen Witte wrote: | Hello - can anybody explain, what this means in detail? | | ---snip--- | 10 smb_io_rpc_hdr_resp rpc_hdr_resp | 0010 alloc_hint: 0010 | 0014 context_id: | 0016 cancel_ct : 00 | 0017 reserved : 00 | rpc_api_pipe: len left: 0 smbtrans read: 40 | rpc_api_pipe: fragment first and last both set | 18 net_io_r_auth_2 | 18 smb_io_chal | 0018 data: c8 d8 ff bf 3b 5f 0e 08 | 20 net_io_neg_flags | 0020 neg_flags: 41ff | 0024 status: NT_STATUS_ACCESS_DENIED | cli_net_auth2: Error NT_STATUS_ACCESS_DENIED | cli_nt_setup_creds: auth2 challenge failed | connect_to_domain_password_server: unable to setup the PDC credentials | to machine PDC-SERVER. Error was : NT_STATUS_OK. | write_socket(19,45) | write_socket(19,45) wrote 45 | ---snip--- It means the machine trust account password on the Samba server is invalid. Rejoining the domain should clear things up. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCQXnDIR7qMdg1EfYRApUlAJ4lVmZnrztddnlgNW7XlBI6q0UXvACg6bsU uqDMmTuLegaooWduO+ZKApY= =qakP -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with domain membership
Hello - can anybody explain, what this means in detail? ---snip--- 10 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 0010 0014 context_id: 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 40 rpc_api_pipe: fragment first and last both set 18 net_io_r_auth_2 18 smb_io_chal 0018 data: c8 d8 ff bf 3b 5f 0e 08 20 net_io_neg_flags 0020 neg_flags: 41ff 0024 status: NT_STATUS_ACCESS_DENIED cli_net_auth2: Error NT_STATUS_ACCESS_DENIED cli_nt_setup_creds: auth2 challenge failed connect_to_domain_password_server: unable to setup the PDC credentials to machine PDC-SERVER. Error was : NT_STATUS_OK. write_socket(19,45) write_socket(19,45) wrote 45 ---snip--- Am Dienstag, den 22.03.2005, 22:18 +0100 schrieb Jochen Witte: > OKOK no attachements here. On the PDC side I get: > > ---snip--- > > account_policy_get: password history:0 > pdb_set_user_sid: setting user sid > S-1-5-21-1790986081-3911417905-1778689532-132098 > pdb_set_user_sid_from_rid: > setting user sid S-1-5-21-1790986081-3911417905-1778689532-132098 from > rid 132098 > pdb_set_group_sid: setting group sid > S-1-5-21-1790986081-3911417905-1778689532-61001 > pdb_set_group_sid_from_rid: > setting group sid S-1-5-21-1790986081-3911417905-1778689532-61001 from > rid 61001 > pop_sec_ctx (99, 99) - sec_ctx_stack_ndx = 0 > [000] 4A 8C 6C 14 69 D1 72 B8 46 71 33 55 75 F8 01 C3 J.l.i.r. > Fq3Uu... > cred_session_key > clnt_chal: E166CA9056B37776 > srv_chal : 5EC8E922D299E1CE > clnt+srv : 3F2FB4B3284D5945 > sess_key : 629F7453EFF68A4B > cred_create > sess_key : 629F7453EFF68A4B > stor_cred: E166CA9056B37776 > timestamp: 0 > timecred : E166CA9056B37776 > calc_cred: FE38AA70FD16006A > cred_assert > challenge : 4C87E9631DF688E5 > calculated: FE38AA70FD16006A > credentials check wrong > 00 net_io_r_auth_2 > 00 smb_io_chal > data: c8 d8 ff bf 3b 5f 0e 08 > 08 net_io_neg_flags > 0008 neg_flags: 41ff > 000c status: NT_STATUS_ACCESS_DENIED > api_rpcTNP: called NETLOGON successfully > free_pipe_context: destroying talloc pool of size 78 > write_to_pipe: data_used = 140 > read_from_pipe: 712c name: NETLOGON len: 156 > read_from_pipe: NETLOGON: fault_state = 0 : data_sent_length = 0, > prs_offset(&p->out_data.rdata) = 16. > ---snip--- > > Am Dienstag, den 22.03.2005, 22:07 +0100 schrieb Jochen Witte: > > Attached are the logs with the according log-level. > > > > ---snip--- > > doing parameter workgroup = > > doing parameter netbios name = HAL > > 18 smb_io_chal > > 0018 data: c8 d8 ff bf 3b 5f 0e 08 > > 20 net_io_neg_flags > > 0020 neg_flags: 41ff > > 0024 status: NT_STATUS_ACCESS_DENIED > > cli_net_auth2: Error NT_STATUS_ACCESS_DENIED > > cli_nt_setup_creds: auth2 challenge failed > > connect_to_domain_password_server: unable to setup the PDC credentials > > to machine . Ewrite_socket(19,45) > > ---snip--- > > > > Do I have a wrong secrets.tdb ? I deleted it completely and then joined > > the domain again (after removing the machine account in my ldap server). > > > > Am Dienstag, den 22.03.2005, 05:07 -0600 schrieb Gerald (Jerry) Carter: > > > -BEGIN PGP SIGNED MESSAGE- > > > Hash: SHA1 > > > > > > Jochen Witte wrote: > > > | One update: when trying security=server > > > | on the fileserver side, I can log on > > > | to the fileserver. But i do not want > > > | security=server! Any hints out there? > > > > > > You need to look at a level 10 log on the server > > > (and set 'debug timestamp = no' for high debug logs). > > > There's not enough information here to really offer > > > sound advice. > > > > > > > > > > > > > > > > > > > > > > > > cheers, jerry > > > = > > > Alleviating the pain of Windows(tm) --- http://www.samba.org > > > GnuPG Key- http://www.plainjoe.org/gpg_public.asc > > > "I never saved anything for the swim back." Ethan Hawk in Gattaca > > > -BEGIN PGP SIGNATURE- > > > Version: GnuPG v1.2.5 (GNU/Linux) > > > Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org > > > > > > iD8DBQFCP/xZIR7qMdg1EfYRAsfVAJ9GqO/9UVgJpgTJmHdODPU+YO2x6gCg3bHl > > > STOznlGLrgKRJuZGUFH0h/E= > > > =Je16 > > > -END PGP SIGNATURE- > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/listinfo/samba > -- > Jochen Witte <[EMAIL PROTECTED]> > -- Jochen Witte <[EMAIL PROTECTED]> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with domain membership
OKOK no attachements here. On the PDC side I get: ---snip--- account_policy_get: password history:0 pdb_set_user_sid: setting user sid S-1-5-21-1790986081-3911417905-1778689532-132098 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-1790986081-3911417905-1778689532-132098 from rid 132098 pdb_set_group_sid: setting group sid S-1-5-21-1790986081-3911417905-1778689532-61001 pdb_set_group_sid_from_rid: setting group sid S-1-5-21-1790986081-3911417905-1778689532-61001 from rid 61001 pop_sec_ctx (99, 99) - sec_ctx_stack_ndx = 0 [000] 4A 8C 6C 14 69 D1 72 B8 46 71 33 55 75 F8 01 C3 J.l.i.r. Fq3Uu... cred_session_key clnt_chal: E166CA9056B37776 srv_chal : 5EC8E922D299E1CE clnt+srv : 3F2FB4B3284D5945 sess_key : 629F7453EFF68A4B cred_create sess_key : 629F7453EFF68A4B stor_cred: E166CA9056B37776 timestamp: 0 timecred : E166CA9056B37776 calc_cred: FE38AA70FD16006A cred_assert challenge : 4C87E9631DF688E5 calculated: FE38AA70FD16006A credentials check wrong 00 net_io_r_auth_2 00 smb_io_chal data: c8 d8 ff bf 3b 5f 0e 08 08 net_io_neg_flags 0008 neg_flags: 41ff 000c status: NT_STATUS_ACCESS_DENIED api_rpcTNP: called NETLOGON successfully free_pipe_context: destroying talloc pool of size 78 write_to_pipe: data_used = 140 read_from_pipe: 712c name: NETLOGON len: 156 read_from_pipe: NETLOGON: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 16. ---snip--- Am Dienstag, den 22.03.2005, 22:07 +0100 schrieb Jochen Witte: > Attached are the logs with the according log-level. > > ---snip--- > doing parameter workgroup = > doing parameter netbios name = HAL > 18 smb_io_chal > 0018 data: c8 d8 ff bf 3b 5f 0e 08 > 20 net_io_neg_flags > 0020 neg_flags: 41ff > 0024 status: NT_STATUS_ACCESS_DENIED > cli_net_auth2: Error NT_STATUS_ACCESS_DENIED > cli_nt_setup_creds: auth2 challenge failed > connect_to_domain_password_server: unable to setup the PDC credentials > to machine . Ewrite_socket(19,45) > ---snip--- > > Do I have a wrong secrets.tdb ? I deleted it completely and then joined > the domain again (after removing the machine account in my ldap server). > > Am Dienstag, den 22.03.2005, 05:07 -0600 schrieb Gerald (Jerry) Carter: > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA1 > > > > Jochen Witte wrote: > > | One update: when trying security=server > > | on the fileserver side, I can log on > > | to the fileserver. But i do not want > > | security=server! Any hints out there? > > > > You need to look at a level 10 log on the server > > (and set 'debug timestamp = no' for high debug logs). > > There's not enough information here to really offer > > sound advice. > > > > > > > > > > > > > > > > cheers, jerry > > = > > Alleviating the pain of Windows(tm) --- http://www.samba.org > > GnuPG Key- http://www.plainjoe.org/gpg_public.asc > > "I never saved anything for the swim back." Ethan Hawk in Gattaca > > -BEGIN PGP SIGNATURE- > > Version: GnuPG v1.2.5 (GNU/Linux) > > Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org > > > > iD8DBQFCP/xZIR7qMdg1EfYRAsfVAJ9GqO/9UVgJpgTJmHdODPU+YO2x6gCg3bHl > > STOznlGLrgKRJuZGUFH0h/E= > > =Je16 > > -END PGP SIGNATURE- > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba -- Jochen Witte <[EMAIL PROTECTED]> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with domain membership
Attached are the logs with the according log-level. ---snip--- doing parameter workgroup = doing parameter netbios name = HAL 18 smb_io_chal 0018 data: c8 d8 ff bf 3b 5f 0e 08 20 net_io_neg_flags 0020 neg_flags: 41ff 0024 status: NT_STATUS_ACCESS_DENIED cli_net_auth2: Error NT_STATUS_ACCESS_DENIED cli_nt_setup_creds: auth2 challenge failed connect_to_domain_password_server: unable to setup the PDC credentials to machine . Ewrite_socket(19,45) ---snip--- Do I have a wrong secrets.tdb ? I deleted it completely and then joined the domain again (after removing the machine account in my ldap server). Am Dienstag, den 22.03.2005, 05:07 -0600 schrieb Gerald (Jerry) Carter: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Jochen Witte wrote: > | One update: when trying security=server > | on the fileserver side, I can log on > | to the fileserver. But i do not want > | security=server! Any hints out there? > > You need to look at a level 10 log on the server > (and set 'debug timestamp = no' for high debug logs). > There's not enough information here to really offer > sound advice. > > > > > > > > cheers, jerry > = > Alleviating the pain of Windows(tm) --- http://www.samba.org > GnuPG Key- http://www.plainjoe.org/gpg_public.asc > "I never saved anything for the swim back." Ethan Hawk in Gattaca > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.2.5 (GNU/Linux) > Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org > > iD8DBQFCP/xZIR7qMdg1EfYRAsfVAJ9GqO/9UVgJpgTJmHdODPU+YO2x6gCg3bHl > STOznlGLrgKRJuZGUFH0h/E= > =Je16 > -END PGP SIGNATURE- -- Jochen Witte <[EMAIL PROTECTED]> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with domain membership
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jochen Witte wrote: | One update: when trying security=server | on the fileserver side, I can log on | to the fileserver. But i do not want | security=server! Any hints out there? You need to look at a level 10 log on the server (and set 'debug timestamp = no' for high debug logs). There's not enough information here to really offer sound advice. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc "I never saved anything for the swim back." Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCP/xZIR7qMdg1EfYRAsfVAJ9GqO/9UVgJpgTJmHdODPU+YO2x6gCg3bHl STOznlGLrgKRJuZGUFH0h/E= =Je16 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with domain membership
One update: when trying security=server on the fileserver side, I can log on to the fileserver. But i do not want security=server! Any hints out there? Regards Jochen Am Samstag, den 19.03.2005, 13:11 +0100 schrieb Jochen Witte: > Hello, > > I have a Samba 3.0.11/LDAP-Backend PDC configured and I am able to join > all kinds of machines quite well. However my Samba 2.2.12 Linux > Fileserver is just able to join the domain: > > ---snip--- > > [EMAIL PROTECTED]/opt/samba> smbpasswd -j -r -U > Administrator > Password: > Joined domain > ---snip--- > > When I now try to access my Fileserver with a valid PDC account, I get: > > ---snip--- > [EMAIL PROTECTED]/opt/samba> /opt/samba/bin/smbclient -L //hal -U jwitte -W > -d4 > Serverzone is 0 > Initialising global parameters > params.c:pm_process() - Processing configuration file > "/opt/samba-2.2.12/lib/smb.conf" > Processing section "[global]" > doing parameter workgroup = > doing parameter netbios name = HAL > handle_netbios_name: set global_myname to: HAL > doing parameter server string = Samba 2.2.12 on HAL > doing parameter log file = /var/log/samba/%m-log.smbd > doing parameter lock dir = /var/lock/samba > doing parameter template homedir = /home/%U > doing parameter guest account = ftp > doing parameter socket options = IPTOS_LOWDELAY TCP_NODELAY > SO_SNDBUF=8192 SO_RCVBUF=8192 SO_KEEPALIVE > doing parameter kernel oplocks = yes > doing parameter log level = 4 > doing parameter debuglevel = 4 > doing parameter security = domain > doing parameter encrypt passwords = yes > doing parameter password server = * > doing parameter os level = 33 > doing parameter local master = no > doing parameter wins server = 10.128.0.24 > wins_srv_load_list(): Building WINS server list: > 10.128.0.24, > 1 WINS server listed. > doing parameter dns proxy = no > pm_process() returned Yes > added interface ip=10.128.0.23 bcast=10.128.0.255 nmask=255.255.255.0 > Client started (version 2.2.12). > resolve_lmhosts: Attempting lmhosts lookup for name hal<0x20> > resolve_hosts: Attempting host lookup for name hal<0x20> > Connecting to 10.128.0.23 at port 139 > session request ok > Password: > session setup failed: NT_STATUS_LOGON_FAILURE > > ---snip--- > > On the PDC side I get the following: > > ---snip--- > > [2005/03/19 13:08:22, 3] smbd/oplock.c:init_oplocks(1345) > open_oplock_ipc: opening loopback UDP socket. > [2005/03/19 13:08:22, 3] smbd/oplock_linux.c:linux_init_kernel_oplocks > (303) > Linux kernel oplocks enabled > [2005/03/19 13:08:22, 3] smbd/oplock.c:init_oplocks(1376) > open_oplock ipc: pid = 349, global_oplock_port = 36763 > [2005/03/19 13:08:22, 4] lib/time.c:get_serverzone(122) > Serverzone is -3600 > [2005/03/19 13:08:22, 3] smbd/process.c:process_smb(1091) > Transaction 0 of length 168 > [2005/03/19 13:08:22, 3] smbd/process.c:switch_message(886) > switch message SMBnegprot (pid 349) conn 0x0 > [2005/03/19 13:08:22, 3] smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2005/03/19 13:08:22, 3] smbd/negprot.c:reply_negprot(461) > Requested protocol [PC NETWORK PROGRAM 1.0] > [2005/03/19 13:08:22, 3] smbd/negprot.c:reply_negprot(461) > Requested protocol [MICROSOFT NETWORKS 1.03] > [2005/03/19 13:08:22, 3] smbd/negprot.c:reply_negprot(461) > Requested protocol [MICROSOFT NETWORKS 3.0] > [2005/03/19 13:08:22, 3] smbd/negprot.c:reply_negprot(461) > Requested protocol [LANMAN1.0] > [2005/03/19 13:08:22, 3] smbd/negprot.c:reply_negprot(461) > Requested protocol [LM1.2X002] > [2005/03/19 13:08:22, 3] smbd/negprot.c:reply_negprot(461) > Requested protocol [Samba] > [2005/03/19 13:08:22, 3] smbd/negprot.c:reply_nt1(327) > not using SPNEGO > [2005/03/19 13:08:22, 3] smbd/negprot.c:reply_negprot(555) > Selected protocol NT LANMAN 1.0 > [2005/03/19 13:08:22, 3] smbd/process.c:process_smb(1091) > Transaction 1 of length 92 > [2005/03/19 13:08:22, 3] smbd/process.c:switch_message(886) > switch message SMBsesssetupX (pid 349) conn 0x0 > [2005/03/19 13:08:22, 3] smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2005/03/19 13:08:22, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655) > wct=13 flg2=0xc001 > [2005/03/19 13:08:22, 3] smbd/sesssetup.c:reply_sesssetup_and_X(789) > Domain=[] NativeOS=[Unix] NativeLanMan=[Samba] PrimaryDomain=[] > [2005/03/19 13:08:22, 3] smbd/sesssetup.c:reply_sesssetup_and_X(804) > sesssetupX:[EMAIL PROTECTED] > [2005/03/19 13:08:22, 3] smbd/sesssetup.c:check_guest_password(116) > Got anonymous request > [2005/03/19 13:08:22, 3] auth/auth.c:check_ntlm_password(219) > check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] > with the new password interface > [2005/03/19 13:08:22, 3] auth/auth.c:check_ntlm_password(222) > check_ntlm_password: mapped user is: [EMAIL PROTECTED] > [2005/03/19 13:08:22, 3] auth/auth.c:check_ntlm_password(268) > check_ntlm_password: guest authentication for user [] succeeded >