[Bug 479955] [NEW] winbind authentication fails after karmic upgrade

Tue, 10 Nov 2009 04:15:47 -0800 

Public bug reported:

Binary package hint: samba

One of our users upgraded their Ubuntu workstation to 9.10 and they can
no longer authenticate via pam_winbind with the domain controller (Samba
3.3.7).

# apt-cache policy winbind
winbind:
  Installed: 2:3.4.0-3ubuntu5
  Candidate: 2:3.4.0-3ubuntu5
  Version table:
 *** 2:3.4.0-3ubuntu5 0
        500 http://gb.archive.ubuntu.com karmic/main Packages
        100 /var/lib/dpkg/status

After the upgrade, the following messages appear in the winbind log
every five minutes:

[2009/11/10 11:45:01,  0] libsmb/ntlmssp_sign.c:208(ntlmssp_check_packet)
  NTLMSSP NTLM2 packet check failed due to invalid signature!
[2009/11/10 11:45:01,  0] rpc_client/cli_pipe.c:620(cli_pipe_verify_ntlmssp)
  cli_pipe_verify_ntlmssp: failed to unseal packet from host SKIPPY. Error was 
NT_STATUS_ACCESS_DENIED.

Attempting to authenticate results in the following:

# wbinfo -a chrisa
Enter chrisa's password:
plaintext password authentication failed
Could not authenticate user chrisa with plaintext password
Enter chrisa's password:
challenge/response password authentication failed
error code was NT code 0x1c010002 (0x1c010002)
error messsage was: NT code 0x1c010002
Could not authenticate user chrisa with challenge/response

And this message appears in the winbind log:

[2009/11/10 11:44:58,  1] 
rpc_client/cli_pipe.c:948(cli_pipe_validate_current_pdu)
  cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR 
received from host SKIPPY!

This appears to match the behaviour mentioned in the upstream bug #6646 which 
was fixed in Samba 3.4.1:
  https://bugzilla.samba.org/show_bug.cgi?id=6646

Patch looks quite trivial.  Would it be possible to backport it?

Thanks,
Chris

** Affects: samba (Ubuntu)
     Importance: Undecided
         Status: New

-- 
winbind authentication fails after karmic upgrade
https://bugs.launchpad.net/bugs/479955
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in ubuntu.

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

Reply via email to