Prev: [Samba] Problem with file ownerships on domain member server
Next: [Samba] AD Computer Account Becoming Disabled on Re-Join
From: Johan.Bergstrom on 2 Feb 2010 05:40
It seems I have the same problem that was discussed briefly earlier on this list in a mail from Kris Kaido. I didn't see any solution, so I'm wondering if it's considered a bug that needs to be fixed or simply a configuration error.
To be more specifc;
I have joined a Win2008R2 Forest/Domain AD with my server running RHEL5.4 - samba-3.0.33-3.14.el5 without problems.
I can view users and groups in the domain with wbinfo -u / wbinfo -g
Getent passwd also works fine, aswell as 'su - <domainuser>'
But I cannot authenticate users with password, ie login.
wbinfo -K domainuser%password works fine.
wbinfo -a domainuser%password fails on both plaintext and challenge/response password. See below for output.
# wbinfo -K domainuser%password
plaintext kerberos password authentication for [domainuser%password] succeeded (requesting cctype: FILE)
credentials were put in: FILE:/tmp/krb5cc_0
# wbinfo -a domainuser%password
plaintext password authentication failed
error code was NT code 0x00000721 (0x721)
error messsage was: NT code 0x00000721
Could not authenticate user domainuser%password with plaintext password
challenge/response password authentication failed
error code was NT_STATUS_PIPE_DISCONNECTED (0xc00000b0)
error messsage was: Named pipe dicconnected
Could not authenticate user domainuser with challenge/response
To unsubscribe from this list go to the following URL and read the