RE: User Authentication Fails on Server 2003 SP1
- From: Irv <Irv@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 22 Mar 2006 07:40:30 -0800
Oops!!!!! You need to enable this policy. You want to be able to send
unencrypted passwords 3rd party SMB servers.
You will then need to change the .conf file to to require encrypted
passwords I think. Try it both ways!
"Jeff Bradish" wrote:
Checked with Domain Admins and they replied:.
"It is disabled and it is a group policy that applies to all Domain
controllers"
So it does not seem to be the issue.
As an FYI I am including my smb.conf settings from Samba 2.2.8 if it might
help:
[global]
workgroup = AMER
netbios name = USAHSSMC001
netbios aliases = USAHSSMC001
server string = EDS GSCO
security = DOMAIN
encrypt passwords = Yes
password server =
usahd100,uspld100,usahd101,usahd102,usahd103,usahd104
username map = /etc/sfw/username.map
log level = 2
preferred master = No
local master = No
domain master = No
dns proxy = No
create mask = 0664
I am also using the same smb.conf settings for Samba 3.0.21c.
--
Jeff Bradish
"Irv" wrote:
I think W2003 SP1 required the Domain Controllers to default to having all
communication encrypted which may be giving Samba SMB issues. You could try
modifying your domain controller policy to disable the need to send encrypted
passwords to 3rd party SMB
Computer Config\Windows Settings\Security Settings\Local Policies\Security
Options
Microsoft Network Client: Send unencrypted password to 3rd party SMB servers
Disabled
Not sure if you need to change anything on the Samba end
HTH
Irv
"Jeff Bradish" wrote:
I have tried upgrading Samba to 3.0.21c and still seeing problems with
authentication. In fact, I cannot get Samba 3.0.21c to successfully join the
domain.
I have 2 domain controllers in the domain that have not been upgraded to
2003 SP1. When I point the Samba password server to one of these systems,
authentication works fine, but not when pointed to a domain controller
sitting at 2003 SP1.
--
Jeff Bradish
"Irv" wrote:
I think you need to upgrade Sanmba to version 3.0.14a.
Irv
"Jeff Bradish" wrote:
I have been using Samba 2.2.8 on a Solaris 9 system to share out a Unix file
system to Windows XP users for the past year. Samba was configured to
authenticate users to a Server 2003 domain. Recently the domain controllers
were upgraded to Windows Server 2003 SP1 and authentication to the domain
started to fail and I cannot get the authentication process to function.
Samba logs are showing:
[2006/03/06 10:17:25, 3] smbd/reply.c:(880) Domain=[AMER] NativeOS=[Windows
2002 Service Pack 1 2600] NativeLanMan=[Windows 2002 5.1]
[2006/03/06 10:17:26, 0] rpc_client/cli_pipe.c:(1202)
cli_nt_session_open: cli_nt_create failed on pipe \NETLOGON to machine
USAHD100. Error was NT_STATUS_ACCESS_DENIED
[2006/03/06 10:17:26, 0] smbd/password.c:(1358)
connect_to_domain_password_server: unable to open the domain client session
to machine USAHD100. Error was : NT_STATUS_ACCESS_DENIED
I have been struggling to correct this issue for the past 2 weeks with no
success.
If anyone has any ideas on how to correct this situation, I would really
appreciate the help. Thanks.
--
Jeff Bradish
- References:
- RE: User Authentication Fails on Server 2003 SP1
- From: Jeff Bradish
- RE: User Authentication Fails on Server 2003 SP1
- Prev by Date: RE: User Authentication Fails on Server 2003 SP1
- Next by Date: logon server
- Previous by thread: RE: User Authentication Fails on Server 2003 SP1
- Next by thread: logon server
- Index(es):
Relevant Pages
|
