Bug 4126 - Rejecting auth request from client
Summary: Rejecting auth request from client
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: Domain Control (show other bugs)
Version: 3.0.23b
Hardware: x64 Windows XP
: P3 normal
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
Depends on:
Reported: 2006-09-26 02:06 UTC by koen v
Modified: 2006-09-26 07:34 UTC (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description koen v 2006-09-26 02:06:59 UTC
Samba started rejecting some (like 25 out of 150) machines like a few days ago,
In the log.smbd I get some messages like these.

[2006/09/25 13:04:33, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(478)
  _net_auth2: creds_server_check failed. Rejecting auth request from client L265PC01 machine account L265PC01$

Now I started investigating the problem and I found some values got changed without any reason.

I'm using the mysql PDB but I don't think the problem lies within this package.

The values that are getting changed are the ones in the nt_pw field in the mysql user table.
I compared the values with the ones from a backup 2 weeks ago.
As soon as these values changed logons from that computers where impossible.
When I manually edit the mysql field and put it back to the value I had in a backup everything works again.

Is there anyone who found the same problem like me or anyone who knows a solution?

I'm Using a AMD athlon 64 4400+
2GB DDR memory
debian (latest stable)
samba and mysql-pdb are own compiled.

Comment 1 koen v 2006-09-26 02:21:50 UTC
In addition to my post:

From the moment a user logs in onto one of these machines the nt_pw values changes back to something else and again logons from that point are rejected.
Comment 2 koen v 2006-09-26 07:34:22 UTC
Found the cause of the problem,

Our computers are using a security utility called "Skanix Illusion"
It restores stuff like the registry when the computer gets rebooted.

Domain computers often change some kind of ID that is stored into the nt_pw field.
I just had to set the account option [X]