Hi, I suspect, that you're AD connection fails (by whatever reason).
If you are using the IP address the client falls back to NTLM authentication.
The reason is, that the client requests a ticket at the AD-Server for e.g. 10.1.2.3. This machine is not known on the AD-Server and replies with a "I don't have a ticket for this machine" to the client.
Then the client tries to use NTLM authentication with the Samba server and might succeed. If the client receives a ticket - and the ticket verification fails, the client says "access denied".
~ Martin Yujie Liang wrote:
Hi, folks I installed samba 3.0.21b-2 with winbind on a Fedora 5 server. I edited 5 files (show below) and join Windows AD by "net join ADS" command. It worked in the first month. I could access to folders with appropriate permission. Then I found I couldn't access to the server by keying-in "\\smbservername". A pop-up Windows box say "Incorrect password or unknown user". I tried domain\domain-username, domain-username, userNo-in-getent-passwd but none of them worked. However, if I use its IP address such as \\10.10.10.2, it worked as normal. I check DNS record. They all exist in the DNS server. I even key in the DNS record in all hosts file. But no difference. I also noticed one thing. When I use Windows XP I check the security tag of the folder shared on this FC5. I can see AD username, AD group name and everyone which stand for user, group and others. All check-boxed in front of these username, groupname and everyone are un-checked even if I can access the folders. What did I do wrong? Shall I edit /etc/pam.d/login file as well? How?
[...] -- Martin Zielinski [EMAIL PROTECTED] Software Development SEH Computertechnik GmbH www.seh.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
