Are the workstations XP, Vista or Win 7?
What happens if you log in to the non-domain workstation using a
username and password that match a valid domain name and password
If you run "testparm -v" on the samba server do you have both ports 139
and 445 open?
Yesterday I was trouble shooting a remote access issue as well.
Windows XP machines in the domain on the LAN have no problem with samba
shares.
A Window 7 user over VPN could only access shares on some samba servers
but not others. I tested over VPN with an XP workstation, I had
trouble with one server until I reenabled 445 by DISABLING the following
line in smb.conf
smb ports = 139
Fixed it for XP, not for Win 7. The logs on the server
(/var/log/samba/the-win7-machine) showed that the user failed with
[2010/09/30 05:01:10, 2] auth/auth.c:320(check_ntlm_password)
check_ntlm_password: Authentication for user [jsmith] -> [jsmith]
FAILED with error NT_STATUS_WRONG_PASSWORD
On 09/30/2010 01:52 PM, Lorenzo Monti wrote:
Hello everybody --
can someone please help with this:
win 2008 AD domain controller
samba 3.2.5 on debian lenny configured as domain member
workstations joined to domain can access samba shares.
workstations outside domain cannot access shares.
anytime one tries to connect, popup shows asking for credentials. no
combination of domain\user + password, u...@domain + password or
whatever will be accepted.
I have a similar situation in another site with a 2003 AD domain wich
works flawlessly, configuration files are the same so I guess it can
be a samba<->2008 AD compatibility issue?
config file follows:
-----------------------------------
[global]
unix charset = UTF8
display charset = UTF8
netbios name = DEBIAN
workgroup = ##########
realm = ##########.LOCAL
encrypt passwords = true
server string = Samba Server %v
security = ads
log level = 1
syslog = 0
log file = /var/log/samba/%m.log
max log size = 500
ldap ssl = no
winbind separator = +
winbind uid = 100000-200000
winbind gid = 100000-200000
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = no
idmap backend = idmap_rid:##########=100000-200000
allow trusted domains = no
passdb backend = tdbsam
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
passdb expand explicit = no
os level = 40
local master = no
dns proxy = no
template shell = /usr/sbin/nologin
template homedir = /dev/null
wins support = no
disable netbios = no
# wins server = 192.168.1.253
map hidden = yes
# hide files = /desktop.ini/Thumbs.db/
nt acl support = no
dos filemode = yes
create mask = 0745
directory mask = 0755
kernel change notify = yes
kernel oplocks = yes
socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=8192
SO_RCVBUF=8192
panic action = /usr/share/samba/panic-action %d
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
