Description: In windows workstations (xp or windows 7) joined to samba domain controller cannot login to workstation shares using local user accounts. Steps to Reproduce: - We have two configured ubuntu servers as samba active directory controllers (PDC and BDC) all by default. - Joined two windows 7 machines named ws-test1 and ws-test2 to the domain "DOMAIN.LAN". - If I login as local administrator (not domain administrator) to ws-test1, then connect to "windows share" from ws-test1 to \\ws-test2\c$ (which has already the same local administrator account with the same password) it tells STATUS_LOGON_FAILED. Actual Results: ws-test1 starts smb2 session with NTLMSSP_AUTH with ws-test2, then ws-test2 starts DCERPC session with samba domain controller, and after response ws-test2 sends me STATUS_LOGON_FAILURE. Expected Results: It should log me in successfully, like in the same setup with WINDOWS domain controllers. Build Date & Hardware: Dec 8 19:35:06 UTC 2014, Ubuntu 14.04.1 LTS, VMWARE Additional Information: I searched a little bit and discovered that samba is mapping every context to domain name: before: WS-TEST1\administrator now: DOMAIN\administrator before: RANDOM_CONTEXT\administrator now: DOMAIN\administrator And it wants only domain administrator password. So EVERYTHING_IN_THIS_CONTEXT\administrator with domain password will login successefully. Log: [2015/01/14 14:36:08.854338, 3] ../libcli/auth/schannel_state_tdb.c:112(schannel_store_session_key_tdb)schannel_store_session_key_tdb: stored schannel info with key SECRETS/SCHANNEL/WS-TEST2 [2015/01/14 14:36:08.854422, 3] ../source4/auth/ntlm/auth.c:270(auth_check_password_send)auth_check_password_send: Checking password for unmapped user [WS-TEST1]\[administrator]@[WS-TEST1] [2015/01/14 14:36:08.854490, 5] ../source4/auth/ntlm/auth_util.c:57(map_user_info_cracknames)map_user_info_cracknames: Mapping user [WS-TEST1]\[administrator] from workstation [WS-TEST1]auth_check_password_send: mapped user is: [DOMAIN]\[administrator]@[WS-TEST1] [2015/01/14 14:36:08.854990, 5] ../source4/auth/ntlm/auth.c:66(auth_get_challenge)auth_get_challenge: returning previous challenge by module netr_LogonSamLogonWithFlags (normal) [2015/01/14 14:36:08.855058, 5] ../lib/util/util.c:556(dump_data)[0000] 9c 32 26 6A B1 E7 87 CF .3%n..G. [2015/01/14 14:36:08.855589, 4] ../libcli/auth/ntlm_check.c:405(ntlm_password_check)ntlm_password_check: Checking NT MD4 password [2015/01/14 14:36:08.855716, 3] ../libcli/auth/ntlm_check.c:419(ntlm_password_check)ntlm_password_check: NT MD4 password check failed for user administrator [2015/01/14 14:36:08.855790, 2] ../source4/auth/ntlm/auth.c:420(auth_check_password_recv)auth_check_password_recv: sam_ignoredomain authentication for user [DOMAIN\administrator] FAILED with error NT_STATUS_WRONG_PASSWORD
Not test infrastructure.