On Tue, 9 Dec 2003 14:18 , McKeever Chris [EMAIL PROTECTED]> sent: >samba 2.2.8a/LDAP backend >Red Hat 7.3 >Windows 2000 server, connected to the samba controlled domain >Sql Server 7.0 > > >It seems that my sql server does not want to run scheduled jobs as a domain user, I >am needing to do this for a network share that I am >saving to, otherwise I would just run as SA > >Error from sql server: >The job failed. Unable to determine if the owner (PRUPREF.COM\Administrator) of job >Transaction Log Backup Job for DB Maintenance >Plan 'Morning Database Backup' has server access (reason: Could not obtain >information about Windows NT >group/user 'PRUPREF.COM\Administrator'. [SQLSTATE 42000] (Error 8198)). > >I have turned the samba debuglevel up to 10, and I can see where it fails, but I am >not sure why. Administrator is a proper username, and it >logs into the domain no problem. It is almost like the NT password is not correct, >this happens for any account I use, same error. >I have marked the failure location below > >I am able to log into the machine using the domain accoutn and password no problem > >Any ideas? Thanks >Chris > > >SAMBA LOG: >[2003/12/09 14:02:51, 6] param/loadparm.c:lp_file_list_changed(2302) > lp_file_list_changed() > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Tue Dec 9 13:52:49 > 2003 > >[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:ldap_open_connection(122) > ldap_open_connection: starting... >[2003/12/09 14:02:51, 10] passdb/pdb_ldap.c:ldap_open_connection(148) > Initializing connection to ldap.prupref.com on port 389 >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_open_connection(186) > StartTLS issued: using a TLS connection >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_open_connection(217) > ldap_open_connection: connection opened >[2003/12/09 14:02:51, 0] passdb/pdb_ldap.c:ldap_connect_system(315) > ldap_connect_system: Binding to ldap server as "cn=root,dc=prupref,dc=com" >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_connect_system(331) > ldap_connect_system: succesful connection to the LDAP server >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_search_one_user(343) > ldap_search_one_user: searching > for:[(&(uid=administrator)(objectclass=sambaAccount))] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [uid] = [administrator] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:init_sam_from_ldap(576) > Entry found for user: administrator >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [pwdLastSet] = [1068626880] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [logonTime] = [0] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [logoffTime] = [2147483647] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [kickoffTime] = [2147483647] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [pwdCanChange] = [0] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [pwdMustChange] = [2147483647] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [cn] = [administrator administrator] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [homeDrive] = [] >[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(626) > homeDrive fell back to >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [smbHome] = [] >[2003/12/09 14:02:51, 4] lib/substitute.c:automount_server(183) > Home server: prupref-ldap >[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(635) > smbHome fell back to \\prupref-ldap\administrator >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [scriptPath] = [] >[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(644) > scriptPath fell back to >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [profilePath] = [] >[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(653) > profilePath fell back to >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [description] = [] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [userWorkstations] = [] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [rid] = [98478] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [primaryGroupID] = [3005] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [lmPassword] = [] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [ntPassword] = ] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [acctFlags] = [[UX ]] >[2003/12/09 14:02:51, 4] smbd/password.c:smb_password_ok(475) > > >Here is where it starts to flake out: > > smb_password_ok: Checking SMB password for user administrator >[2003/12/09 14:02:51, 5] smbd/password.c:smb_password_ok(489) > smb_password_ok: challenge received >[2003/12/09 14:02:51, 4] smbd/password.c:smb_password_ok(499) > smb_password_ok: Checking NT MD4 password >[2003/12/09 14:02:51, 4] smbd/password.c:smb_password_ok(504) > smb_password_ok: NT MD4 password check failed >[2003/12/09 14:02:51, 4] smbd/password.c:smb_password_ok(518) > smb_password_ok: Checking LM password >[2003/12/09 14:02:51, 4] smbd/password.c:smb_password_ok(523) > smb_password_ok: LM password check failed >[2003/12/09 14:02:51, 2] smbd/password.c:pass_check_smb(575) > pass_check_smb failed - invalid password for user [administrator] >[2003/12/09 14:02:51, 2] smbd/reply.c:reply_sesssetup_and_X(997) > NT Password did not match for user 'administrator'! >[2003/12/09 14:02:51, 2] smbd/reply.c:reply_sesssetup_and_X(1007) > Defaulting to Lanman password for administrator >[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:ldap_open_connection(122) > ldap_open_connection: starting... >[2003/12/09 14:02:51, 10] passdb/pdb_ldap.c:ldap_open_connection(148) > Initializing connection to ldap.prupref.com on port 389 >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_open_connection(186) > StartTLS issued: using a TLS connection >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_open_connection(217) > ldap_open_connection: connection opened >[2003/12/09 14:02:51, 0] passdb/pdb_ldap.c:ldap_connect_system(315) > ldap_connect_system: Binding to ldap server as "cn=root,dc=prupref,dc=com" >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_connect_system(331) > ldap_connect_system: succesful connection to the LDAP server >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:ldap_search_one_user(343) > ldap_search_one_user: searching > for:[(&(uid=administrator)(objectclass=sambaAccount))] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [uid] = [administrator] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:init_sam_from_ldap(576) > Entry found for user: administrator >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [pwdLastSet] = [1068626880] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [logonTime] = [0] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [logoffTime] = [2147483647] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [kickoffTime] = [2147483647] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [pwdCanChange] = [0] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [pwdMustChange] = [2147483647] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [cn] = [administrator administrator] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [homeDrive] = [] >[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(626) > homeDrive fell back to >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [smbHome] = [] >[2003/12/09 14:02:51, 4] lib/substitute.c:automount_server(183) > Home server: prupref-ldap >[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(635) > smbHome fell back to \\prupref-ldap\administrator >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [scriptPath] = [] >[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(644) > scriptPath fell back to >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [profilePath] = [] >[2003/12/09 14:02:51, 5] passdb/pdb_ldap.c:init_sam_from_ldap(653) > profilePath fell back to >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [description] = [] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(435) > get_single_attribute: [userWorkstations] = [] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [rid] = [98478] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [primaryGroupID] = [3005] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [lmPassword] = [949591E535F780E34234234234] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [ntPassword] = [9951F4C2FF5234234234234234234] >[2003/12/09 14:02:51, 2] passdb/pdb_ldap.c:get_single_attribute(441) > get_single_attribute: [acctFlags] = [[UX ]] > > >Second Pass through it looks like, same results > >[2003/12/09 14:02:51, 4] smbd/password.c:smb_password_ok(475) > smb_password_ok: Checking SMB password for user administrator >[2003/12/09 14:02:51, 5] smbd/password.c:smb_password_ok(489) > smb_password_ok: challenge received >[2003/12/09 14:02:51, 4] smbd/password.c:smb_password_ok(499) > smb_password_ok: Checking NT MD4 password >[2003/12/09 14:02:51, 4] smbd/password.c:smb_password_ok(504) > smb_password_ok: NT MD4 password check failed >[2003/12/09 14:02:51, 4] smbd/password.c:smb_password_ok(518) > smb_password_ok: Checking LM password >[2003/12/09 14:02:51, 4] smbd/password.c:smb_password_ok(523) > smb_password_ok: LM password check failed >[2003/12/09 14:02:51, 2] smbd/password.c:pass_check_smb(575) > pass_check_smb failed - invalid password for user [administrator] >[2003/12/09 14:02:51, 1] smbd/reply.c:reply_sesssetup_and_X(1023) > Rejecting user 'administrator': authentication failed >[2003/12/09 14:02:51, 3] smbd/error.c:error_packet(109) > >Here is the failure message back to NT > > error packet at smbd/reply.c(1025) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE >[2003/12/09 14:02:51, 5] lib/util.c:show_msg(268) > >
Logs under a normal login show that the NT password is infact good: [2003/12/09 22:51:36, 4] smbd/password.c:smb_password_ok(475) smb_password_ok: Checking SMB password for user administrator [2003/12/09 22:51:36, 5] smbd/password.c:smb_password_ok(489) smb_password_ok: challenge received [2003/12/09 22:51:36, 4] smbd/password.c:smb_password_ok(499) smb_password_ok: Checking NT MD4 password [2003/12/09 22:51:36, 4] smbd/password.c:smb_password_ok(501) smb_password_ok: NT MD4 password check succeeded Any ideas??? thanks > > >------------------------------------------- >Chris McKeever >If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com >http://www.prupref.com > > > > >---- Prudential Preferred Properties www.prupref.com > >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > ---- Prudential Preferred Properties www.prupref.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
