Samba started rejecting some (like 25 out of 150) machines like a few days ago, In the log.smbd I get some messages like these. [2006/09/25 13:04:33, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(478) _net_auth2: creds_server_check failed. Rejecting auth request from client L265PC01 machine account L265PC01$ Now I started investigating the problem and I found some values got changed without any reason. I'm using the mysql PDB but I don't think the problem lies within this package. The values that are getting changed are the ones in the nt_pw field in the mysql user table. I compared the values with the ones from a backup 2 weeks ago. As soon as these values changed logons from that computers where impossible. When I manually edit the mysql field and put it back to the value I had in a backup everything works again. Is there anyone who found the same problem like me or anyone who knows a solution? I'm Using a AMD athlon 64 4400+ 2GB DDR memory debian (latest stable) samba and mysql-pdb are own compiled. Thanks
In addition to my post: From the moment a user logs in onto one of these machines the nt_pw values changes back to something else and again logons from that point are rejected.
Found the cause of the problem, Our computers are using a security utility called "Skanix Illusion" It restores stuff like the registry when the computer gets rebooted. Domain computers often change some kind of ID that is stored into the nt_pw field. I just had to set the account option [X]