Jason Gerfen <jason.gerfen <at> scl.utah.edu> writes: > > Have you tried to look at the user account information using ldapsearch? > Just to ensure the POSIX account data is present in AD. > > If you are attempting to authenticate as a domain user try the username > as DOMAIN\Username. >
Hi Jason, Thanks for the quick reply. I haven't tried using ldapsearch, but I have used the lsldap command to list the attributes for test01 (which includes the R2 rfc2307 schema): aixplay1-root /opt/pware/bin > lsldap -a passwd test01 dn: CN=test01,OU=MIS,OU=Temecula-CA,OU=People,DC=test,DC=local objectClass: top objectClass: person objectClass: organizationalPerson objectClass: user cn: test01 givenName: test01 distinguishedName: CN=test01,OU=MIS,OU=Temecula-CA,OU=People,DC=test,DC=local instanceType: 4 whenCreated: 20080807000211.0Z whenChanged: 20080808170937.0Z displayName: test01 uSNCreated: 20660 uSNChanged: 32974 name: test01 objectGUID: |*[_B Ud'' VQ userAccountControl: 512 badPwdCount: 0 codePage: 0 countryCode: 0 badPasswordTime: 128626909010102324 lastLogoff: 0 lastLogon: 128629403833937446 pwdLastSet: 128626889779722918 primaryGroupID: 513 objectSid: accountExpires: 9223372036854775807 logonCount: 28 sAMAccountName: test01 sAMAccountType: 805306368 userPrincipalName: [EMAIL PROTECTED] objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=test,DC=local dSCorePropagationData: 20080807001936.0Z dSCorePropagationData: 20080807001936.0Z dSCorePropagationData: 20080807001936.0Z dSCorePropagationData: 20080807001150.0Z dSCorePropagationData: 16010108151056.0Z uid: test01 msSFU30Name: test01 msSFU30NisDomain: test uidNumber: 50002 gidNumber: 1 unixHomeDirectory: /home/test01 loginShell: /usr/bin/ksh And then regarding using the domain in the username (such as DOMAIN\user) -- I have tried that on the Windows side, and that's what's failing. However, if you're referring the wbinfo tests, it's failing with the same NT_STATUS_NO_SUCH_USER error: aixplay1-root /opt/pware/bin > wbinfo -a TEST\test01%password plaintext password authentication failed error code was NT_STATUS_NO_SUCH_USER (0xc0000064) error messsage was: No such user Could not authenticate user TESTtest01%password with plaintext password challenge/response password authentication failed error code was NT_STATUS_NO_SUCH_USER (0xc0000064) error messsage was: No such user Could not authenticate user TESTtest01 with challenge/response I'm not sure why it's removing the '\' in the error message between the domain and the username, but I also tried it with two backslashes, and a forward slash, and they all failed. What am I missing here? Thanks again for your help, Matt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
