Hi all,
I'm trying to use samba inside a jail.
The jail is using a bridge epair connection so I don't think my problem is broadcast related.
My problem is that when I try to access a private share, I get NT_STATUS_LOGON_FAILURE, and the server's log shows NT_STATUS_NO_SUCH_USER.
Both the server and the test client are 8.2-STABLE (amd64), using samba34-3.4.9_2 compiled from ports.
Here are some information about the setup:
Network configuration:
Adding the user to samba's database:
Checking that the user exists as a unix user and a samba user:
Samba's configuration: one public share and a private one.
On a separate computer, listing the shares:
Accessing the public share:
Accessing the private share:
In samba's log:
Does anyone knows what I'm doing wrong?
Thanks for any answer.
I'm trying to use samba inside a jail.
The jail is using a bridge epair connection so I don't think my problem is broadcast related.
My problem is that when I try to access a private share, I get NT_STATUS_LOGON_FAILURE, and the server's log shows NT_STATUS_NO_SUCH_USER.
Both the server and the test client are 8.2-STABLE (amd64), using samba34-3.4.9_2 compiled from ports.
Here are some information about the setup:
Network configuration:
Code:
# ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=3<RXCSUM,TXCSUM>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:60:ad:00:0e:0b
inet6 fe80::60:adff:fe00:e0b%epair0b prefixlen 64 scopeid 0x2
inet 192.168.3.165 netmask 0xffffff00 broadcast 192.168.3.255
nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
Adding the user to samba's database:
Code:
# pdbedit -a -u testuser
new password:
retype new password:
tdbsam_open: Converting version 0.0 database to version 4.0.
tdbsam_convert_backup: updated /usr/local/etc/samba34/passdb.tdb file.
account_policy_get: tdb_fetch_uint32 failed for field 1 (min password length), returning 0
account_policy_get: tdb_fetch_uint32 failed for field 2 (password history), returning 0
account_policy_get: tdb_fetch_uint32 failed for field 3 (user must logon to change password), returning 0
account_policy_get: tdb_fetch_uint32 failed for field 4 (maximum password age), returning 0
account_policy_get: tdb_fetch_uint32 failed for field 5 (minimum password age), returning 0
account_policy_get: tdb_fetch_uint32 failed for field 6 (lockout duration), returning 0
account_policy_get: tdb_fetch_uint32 failed for field 7 (reset count minutes), returning 0
account_policy_get: tdb_fetch_uint32 failed for field 8 (bad lockout attempt), returning 0
account_policy_get: tdb_fetch_uint32 failed for field 9 (disconnect time), returning 0
account_policy_get: tdb_fetch_uint32 failed for field 10 (refuse machine password change), returning 0
Unix username: testuser
NT username:
Account Flags: [U ]
User SID: S-1-5-21-726842876-3509445548-190429279-1000
Primary Group SID: S-1-5-21-726842876-3509445548-190429279-513
Full Name: Test User
Home Directory: \\testsambahost\testuser
HomeDir Drive:
Logon Script:
Profile Path: \\testsambahost\testuser\profile
Domain: TESTSAMBAHOST
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Sun, 04 Dec 219250468 16:30:07 CET
Kickoff time: Sun, 04 Dec 219250468 16:30:07 CET
Password last set: Fri, 26 Aug 2011 11:16:40 CEST
Password can change: Fri, 26 Aug 2011 11:16:40 CEST
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Checking that the user exists as a unix user and a samba user:
Code:
# pw usershow testuser
testuser:*:1001:1001::0:0:Test User:/home/testuser:/usr/sbin/nologin
# pdbedit -L
testuser:1001:Test User
Samba's configuration: one public share and a private one.
Code:
# testparm
Load smb config files from /usr/local/etc/smb.conf
max_open_files: sysctl_max (11095) below minimum Windows limit (16384)
rlimit_max: rlimit_max (11095) below minimum Windows limit (16384)
Processing section "[public]"
Processing section "[testshare]"
Processing section "[public]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
[global]
workgroup = TESTGROUP
netbios name = TESTSAMBAHOST
interfaces = 192.168.3.165/24
log level = 3
hosts allow = 192.168.3., 127.
[public]
path = /usr/public
read only = No
guest ok = Yes
[testshare]
path = /usr/testshare
valid users = testuser
read only = No
On a separate computer, listing the shares:
Code:
> smbclient -L 192.168.3.165
Enter whatever's password:
Anonymous login successful
Domain=[TESTGROUP] OS=[Unix] Server=[Samba 3.5.9]
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (Samba 3.5.9)
testshare Disk
public Disk
Anonymous login successful
Domain=[TESTGROUP] OS=[Unix] Server=[Samba 3.5.9]
Server Comment
--------- -------
Workgroup Master
--------- -------
Accessing the public share:
Code:
> smbclient //192.168.3.165/public
Enter whatever's password:
Anonymous login successful
Domain=[TESTGROUP] OS=[Unix] Server=[Samba 3.5.9]
smb: \> ls
. D 0 Wed Aug 24 15:00:45 2011
.. D 0 Fri Aug 26 11:13:33 2011
poulet 0 Wed Aug 24 15:00:44 2011
63454 blocks of size 131072. 25461 blocks available
smb: \>
Accessing the private share:
Code:
> smbclient //192.168.3.165/testshare -U testuser
Enter testuser's password:
session setup failed: NT_STATUS_LOGON_FAILURE
In samba's log:
Code:
[2011/08/26 09:34:37.655432, 3] smbd/sesssetup.c:1254(reply_sesssetup_and_X_spnego)
NativeOS=[Unix] NativeLanMan=[Samba] PrimaryDomain=[]
[2011/08/26 09:34:37.655470, 3] libsmb/ntlmssp.c:747(ntlmssp_server_auth)
Got user=[testuser] domain=[TESTWORKGROUP] workstation=[TESTSAMBAHOST] len1=24 len2=24
[2011/08/26 09:34:37.655524, 3] auth/auth.c:216(check_ntlm_password)
check_ntlm_password: Checking password for unmapped user [TESTWORKGROUP]\[testuser]@[TESTSAMBAHOST] with the new password interface
[2011/08/26 09:34:37.655550, 3] auth/auth.c:219(check_ntlm_password)
check_ntlm_password: mapped user is: [TESTSAMBAHOST]\[testuser]@[TESTSAMBAHOST]
[2011/08/26 09:34:37.655580, 2] auth/auth.c:314(check_ntlm_password)
check_ntlm_password: Authentication for user [testuser] -> [testuser] FAILED with error NT_STATUS_NO_SUCH_USER
[2011/08/26 09:34:37.655605, 3] smbd/error.c:80(error_packet_set)
error packet at smbd/sesssetup.c(111) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE
[2011/08/26 09:34:37.655851, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2011/08/26 09:34:37.655880, 3] smbd/connection.c:31(yield_connection)
Yielding connection to
[2011/08/26 09:34:37.655979, 3] smbd/server.c:923(exit_server_common)
Server exit (failed to receive smb request)
Does anyone knows what I'm doing wrong?
Thanks for any answer.