Bug 3447 - Rejecting auth request from client COMPUTER machine account COMPUTER$ messages
Summary: Rejecting auth request from client COMPUTER machine account COMPUTER$ messages
Status: RESOLVED WORKSFORME
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: Domain Control (show other bugs)
Version: 3.0.21a
Hardware: x86 Linux
: P3 normal
Target Milestone: none
Assignee: Jeremy Allison
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-01-25 10:41 UTC by M. D. Parker (dead mail address)
Modified: 2020-12-20 23:01 UTC (History)
1 user (show)

See Also:


Attachments
Log containing failure message from a client. (115.22 KB, application/x-gzip)
2006-02-01 23:27 UTC, M. D. Parker (dead mail address)
no flags Details
Samba log for a failed Win7 machine (164.29 KB, application/octet-stream)
2010-09-23 05:21 UTC, Szombathelyi György
no flags Details
tcpdump capture for the same attempt (164.29 KB, application/octet-stream)
2010-09-23 05:22 UTC, Szombathelyi György
no flags Details
tcpdump capture for the same attempt (try2, sorry for the previous) (8.73 KB, application/octet-stream)
2010-09-23 05:23 UTC, Szombathelyi György
no flags Details
Log level 256 samba.log (276.94 KB, application/x-rar)
2010-10-11 08:00 UTC, Martin Hochreiter (mail address dead)
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description M. D. Parker (dead mail address) 2006-01-25 10:41:03 UTC
Rejecting auth request from client COMPUTER machine account COMPUTER$ messages seem to be occurring on my Samba 3.0.21a running as a PDC.  These type of messages concern me as they do not occur on Samba 3.0.20b.  I had been getting reports of some stations having some weird access problems.  

Is this some type of capitalization issue?  or non-comparison of the actual machine accounts?

One one machine, I did a quick test and removed myself from the domain and added it back but with the system in CAPS eventhough it is displayed in lower case on the W2K System Properties.  This stopped the messages.

In my site it is not feasible to go to 50 or so machines and re-join them to the domain.  Clearly some change in 3.0.21a has been made that is causing this problem whereby in 3.0.20b this is NOT a problem at all.

Sorry I cannot provide more information as the system is a production system serving hundreds of users.  I do see that others are having the same problem as reported in the Samba mailing list.

Mike Parker
parkerm@ga.con
Comment 1 Jeremy Allison 2006-01-25 10:46:09 UTC
Can you get me a debug level 10 log and/or an ethereal trace of this please. It's urgent as I'd like to ensure this is fixed for 3.0.21b.
Jeremy.
Comment 2 M. D. Parker (dead mail address) 2006-01-25 11:15:21 UTC
Would love to if I can isolate this further...remember I talking about a production system and also, it was not all the stations getting the problem just a lot of them.  At this time I have to run 3.0.20b.  A level 10 waiting for one person to have this is going to create quite a log mess (file use) since we have a few hundred users.

I understand the importance of getting this information and I'll certainly try to see what I can do.
Comment 3 M. D. Parker (dead mail address) 2006-02-01 23:14:52 UTC
(In reply to comment #2)
> Would love to if I can isolate this further...remember I talking about a
> production system and also, it was not all the stations getting the problem
> just a lot of them.  At this time I have to run 3.0.20b.  A level 10 waiting
> for one person to have this is going to create quite a log mess (file use)
> since we have a few hundred users.
> I understand the importance of getting this information and I'll certainly try
> to see what I can do.


This bug still exists on samba 3.0.21b.  However, I have successfully isolated an instance that I could get a level 10 log.  I'll include the thing here once I figure out how to do this.  Hopefully, this bug can be fixed as I am still interested in upgrading to something later than 3.0.20b.

Mike Parker
Comment 4 M. D. Parker (dead mail address) 2006-02-01 23:27:11 UTC
Created attachment 1717 [details]
Log containing failure message from a client.
Comment 5 M. D. Parker (dead mail address) 2006-02-01 23:28:02 UTC
(In reply to comment #4)
> Created an attachment (id=1717) [edit]
> Log containing failure message from a client.

The failure log is contained on the Samba PDC after logging in on a MS Windows machine.  


Comment 6 Jeremy Allison 2006-02-10 11:22:33 UTC
Just an update. You wouldn't *believe* the amount of trouble this one caused :-). I think I understand how to create a fix now, it'll be in 3.0.22 but I'd appreciate it if you could test the code once I've got it in SVN.
Thanks,
Jeremy.
Comment 7 Björn Jacke 2009-12-17 06:57:31 UTC
has this been fixed in the mean time and can the bug be closed?
Comment 8 Jeff Green 2010-01-27 10:33:54 UTC
(In reply to comment #7)
> has this been fixed in the mean time and can the bug be closed?
> 

I'm running samba 3.2.5 in a Debian Lenny environment and can say that the problem is still there, at least for my BDC machine. The PDC doesn't seem to produce these messages in the volume the BDC does.
Comment 9 Szombathelyi György 2010-09-23 05:20:01 UTC
Drives me crazy with Windows 7 clients and samba 3.5.5. Authentication on PDC succeed most of the time (but not all), on BDC always fail. No problems with Win XP.

Uploading a loglevel=10 log and a tcpdump capture, hopefully this will solved forever, as I see many people have this problem.
Comment 10 Szombathelyi György 2010-09-23 05:21:42 UTC
Created attachment 5978 [details]
Samba log for a failed Win7 machine
Comment 11 Szombathelyi György 2010-09-23 05:22:31 UTC
Created attachment 5979 [details]
tcpdump capture for the same attempt
Comment 12 Szombathelyi György 2010-09-23 05:23:38 UTC
Created attachment 5980 [details]
tcpdump capture for the same attempt (try2, sorry for the previous)
Comment 13 Martin Hochreiter (mail address dead) 2010-09-24 07:16:16 UTC
Hi there!

What is the current status of that issue as this is similar to my filed bug, I am interested to solve that.
May I be of any help to investigate that further?

regards
Martin
Comment 14 Martin Hochreiter (mail address dead) 2010-10-11 08:00:31 UTC
Created attachment 6009 [details]
Log level 256 samba.log

I created a log level 256 log of a login between windows 7 and a Samba 3.5.5
please have a look at it and enlighten us
Comment 15 Björn Jacke 2020-12-20 23:01:20 UTC
well yes, Windows clients occasionally authenticate to servers with their machine account. You need to have a vadlid id mapping for the machine account also. This is not a samba bug.