Just to be sure, I got it right: here is, what I do to get into the domain and the dump the avaiable services:
---snip--- [EMAIL PROTECTED]> /etc/init.d/samba stop Shutting down SAMBA nmbd : done Shutting down SAMBA smbd : done [EMAIL PROTECTED]> rm /opt/samba/private/s* [EMAIL PROTECTED]> smbpasswd -j <DOMAINNAME> -r <PDC> -U Administrator Password: Joined domain <DOMAINNAME>. [EMAIL PROTECTED]> /etc/init.d/samba start Starting SAMBA nmbd : done Starting SAMBA smbd : done [EMAIL PROTECTED]> smbclient -L //hal -U jwitte -W <DOMAIN> added interface ip=10.128.0.23 bcast=10.128.0.255 nmask=255.255.255.0 Password: <RIGHT PASSWORD HERE> session setup failed: NT_STATUS_LOGON_FAILURE [EMAIL PROTECTED]> smbpasswd -X hal # == localhost SID for domain hal is: S-1-5-21-1600896514-926734994-3729081620 [EMAIL PROTECTED]> smbpasswd -X Mundwerk SID for domain Mundwerk is: S-1-5-21-1790986081-3911417905-1778689532 ---snip--- If anybody has an idea, I would greatly appreciate it, since this is a real blocker.... Regards Jochen Am Mittwoch, den 23.03.2005, 11:35 +0100 schrieb Jochen Witte: > Hello - can anybody explain, what this means in detail? > > ---snip--- > 000010 smb_io_rpc_hdr_resp rpc_hdr_resp > 0010 alloc_hint: 00000010 > 0014 context_id: 0000 > 0016 cancel_ct : 00 > 0017 reserved : 00 > rpc_api_pipe: len left: 0 smbtrans read: 40 > rpc_api_pipe: fragment first and last both set > 000018 net_io_r_auth_2 > 000018 smb_io_chal > 0018 data: c8 d8 ff bf 3b 5f 0e 08 > 000020 net_io_neg_flags > 0020 neg_flags: 400001ff > 0024 status: NT_STATUS_ACCESS_DENIED > cli_net_auth2: Error NT_STATUS_ACCESS_DENIED > cli_nt_setup_creds: auth2 challenge failed > connect_to_domain_password_server: unable to setup the PDC credentials > to machine PDC-SERVER. Error was : NT_STATUS_OK. > write_socket(19,45) > write_socket(19,45) wrote 45 > ---snip--- > > > > > > Am Dienstag, den 22.03.2005, 22:18 +0100 schrieb Jochen Witte: > > OKOK no attachements here. On the PDC side I get: > > > > ---snip--- > > > > account_policy_get: password history:0 > > pdb_set_user_sid: setting user sid > > S-1-5-21-1790986081-3911417905-1778689532-132098 > > pdb_set_user_sid_from_rid: > > setting user sid S-1-5-21-1790986081-3911417905-1778689532-132098 from > > rid 132098 > > pdb_set_group_sid: setting group sid > > S-1-5-21-1790986081-3911417905-1778689532-61001 > > pdb_set_group_sid_from_rid: > > setting group sid S-1-5-21-1790986081-3911417905-1778689532-61001 from > > rid 61001 > > pop_sec_ctx (99, 99) - sec_ctx_stack_ndx = 0 > > [000] 4A 8C 6C 14 69 D1 72 B8 46 71 33 55 75 F8 01 C3 J.l.i.r. > > Fq3Uu... > > cred_session_key > > clnt_chal: E166CA9056B37776 > > srv_chal : 5EC8E922D299E1CE > > clnt+srv : 3F2FB4B3284D5945 > > sess_key : 629F7453EFF68A4B > > cred_create > > sess_key : 629F7453EFF68A4B > > stor_cred: E166CA9056B37776 > > timestamp: 0 > > timecred : E166CA9056B37776 > > calc_cred: FE38AA70FD16006A > > cred_assert > > challenge : 4C87E9631DF688E5 > > calculated: FE38AA70FD16006A > > credentials check wrong > > 000000 net_io_r_auth_2 > > 000000 smb_io_chal > > 0000 data: c8 d8 ff bf 3b 5f 0e 08 > > 000008 net_io_neg_flags > > 0008 neg_flags: 400001ff > > 000c status: NT_STATUS_ACCESS_DENIED > > api_rpcTNP: called NETLOGON successfully > > free_pipe_context: destroying talloc pool of size 78 > > write_to_pipe: data_used = 140 > > read_from_pipe: 712c name: NETLOGON len: 156 > > read_from_pipe: NETLOGON: fault_state = 0 : data_sent_length = 0, > > prs_offset(&p->out_data.rdata) = 16. > > ---snip--- > > > > Am Dienstag, den 22.03.2005, 22:07 +0100 schrieb Jochen Witte: > > > Attached are the logs with the according log-level. > > > > > > ---snip--- > > > doing parameter workgroup = <DOMAINNAME> > > > doing parameter netbios name = HAL > > > 000018 smb_io_chal > > > 0018 data: c8 d8 ff bf 3b 5f 0e 08 > > > 000020 net_io_neg_flags > > > 0020 neg_flags: 400001ff > > > 0024 status: NT_STATUS_ACCESS_DENIED > > > cli_net_auth2: Error NT_STATUS_ACCESS_DENIED > > > cli_nt_setup_creds: auth2 challenge failed > > > connect_to_domain_password_server: unable to setup the PDC credentials > > > to machine <PDCHOST>. Ewrite_socket(19,45) > > > ---snip--- > > > > > > Do I have a wrong secrets.tdb ? I deleted it completely and then joined > > > the domain again (after removing the machine account in my ldap server). > > > > > > Am Dienstag, den 22.03.2005, 05:07 -0600 schrieb Gerald (Jerry) Carter: > > > > -----BEGIN PGP SIGNED MESSAGE----- > > > > Hash: SHA1 > > > > > > > > Jochen Witte wrote: > > > > | One update: when trying security=server > > > > | on the fileserver side, I can log on > > > > | to the fileserver. But i do not want > > > > | security=server! Any hints out there? > > > > > > > > You need to look at a level 10 log on the server > > > > (and set 'debug timestamp = no' for high debug logs). > > > > There's not enough information here to really offer > > > > sound advice. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > cheers, jerry > > > > ===================================================================== > > > > Alleviating the pain of Windows(tm) ------- http://www.samba.org > > > > GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc > > > > "I never saved anything for the swim back." Ethan Hawk in Gattaca > > > > -----BEGIN PGP SIGNATURE----- > > > > Version: GnuPG v1.2.5 (GNU/Linux) > > > > Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org > > > > > > > > iD8DBQFCP/xZIR7qMdg1EfYRAsfVAJ9GqO/9UVgJpgTJmHdODPU+YO2x6gCg3bHl > > > > STOznlGLrgKRJuZGUFH0h/E= > > > > =Je16 > > > > -----END PGP SIGNATURE----- > > > -- > > > To unsubscribe from this list go to the following URL and read the > > > instructions: https://lists.samba.org/mailman/listinfo/samba > > -- > > Jochen Witte <[EMAIL PROTECTED]> > > > -- > Jochen Witte <[EMAIL PROTECTED]> > > -- Jochen Witte <[EMAIL PROTECTED]> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
