The Samba-Bugzilla – Bug 3366
Lots of rejecting auth request messages
Last modified: 2007-03-05 10:25:12 UTC
[2006/01/01 17:12:40, 0] libsmb/credentials.c:creds_server_check(159)
creds_server_check: credentials check failed.
[2006/01/01 17:12:40, 0] rpc_server/srv_netlog_nt.c:_net_sam_logon(667)
_net_sam_logon: creds_server_step failed. Rejecting auth request from client WORKSTATION machine account WORKSTATION$
More details please. How is this reproduced, under what circumstances, which clients, how often - intermittent or constant. This is a very abbreviated bug report. Can't do much with this without a lot more data.
The bug report is this short because of the generality of the messages.
Produced obviously by every client type (W2K, XP, W2003) on every auth process.
F.e. the Exchange server gives this 2 lines in the logs for every Outlook client connecting to.
Nothing to find in the client events. At the moment I can see no lack of functionality.
If a level 10 log is useful, I can generate it.
Yes, a level 10 debug log from an smbd serving a single client would be very useful, thanks.
Ok, I've sent it to you per mail.
Please attach it to the bug report instead of sending it to me as mail, I'll just clog my in-box and really needs to be associated with the bug if anyone else needs to analyse it anyway.
I'm always a little bit afraid of revealing the level 10 logs of our company's network including passwords to whole world.
But the attachments seem to have no privileges, f.e. developers only.
To provide it fast I intentionally sent it per mail, I can add a somehow obfuscated part of the log later.
Ok, checked out your log file - we're successfully storing the netauth2 credentials but only restoring them in the schannel case it looks like. Can you try adding "server schannel = true" to the global section of your smb.conf and see if it fixes it.
The other thing to note is that this is an informational message, the client seems to re-authenticate using the NETAUTH2 call and continue successfully, without a problem that I can see.
I've tried server schannel = true, it doesn't fix it.
Created attachment 1640 [details]
Level 10 log
i'm seeing this also. clients are w2k and xp, server is samba-3.0.21a (SuSE packages by lmuelle). no apparent loss of functionality, but still disquieting.
the following messages occur whenever a user logs on or unlocks a machine:
Jan 3 13:00:29 pol-serv1 smbd: [2006/01/03 13:00:29, 0] libsmb/credentials.c:creds_server_check(159)
Jan 3 13:00:29 pol-serv1 smbd: creds_server_check: credentials check failed.
Jan 3 13:00:29 pol-serv1 smbd: [2006/01/03 13:00:29, 0] rpc_server/srv_netlog_nt.c:_net_sam_logon(667)
Jan 3 13:00:29 pol-serv1 smbd: _net_sam_logon: creds_server_step failed. Rejecting auth request from client POL-24 machine account POL-24$
i also tried server schannel = yes as requested by jeremy, but it does not help.
I think it's pretty harmless - I'll ensure this message debug level is raised for 3.0.22. I still need to do more investigation but it's not a funtionality problem for clients.
Messages disappeared in 3.0.21b and debug level 1.
happens on one of our systems aswell (samba-3.0.23c, Windows XP Pro SP2):
[2007/03/02 07:56:08, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(478)
_net_auth2: creds_server_check failed. Rejecting auth request from client ACER-E1345 machine account ACER-E1345$
[2007/03/02 12:58:12, 0] smbd/service.c:set_current_service(150)
chdir (/data/Admin) failed