Bug 635 - Samba 2.8 server can't join Samba 3.0 domain
Samba 2.8 server can't join Samba 3.0 domain
Status: CLOSED FIXED
Product: Samba 3.0
Classification: Unclassified
Component: Domain Control
3.0.0
All Linux
: P3 normal
: none
Assigned To: Jeremy Allison
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2003-10-16 05:31 UTC by Hubertus Bartkowski
Modified: 2007-04-28 08:26 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Hubertus Bartkowski 2003-10-16 05:31:14 UTC
There is a problem to join a Samba 3.0 domain with my Samba 2.8 server. 
I can only join the domain if I use "unix charset = UTF8" on my PDC. 
Any other "unix charset" on my PDC won't work.

I set the "unix charset = iso8859-1" on my PDC.
Now I join the domain from my Samba 2.8 server.

# smbpasswd -j MYDOM 
Joined domain MYDOM

If I try to connect to my server via win2k and get the error messages

[2003/10/16 15:56:10, 0] rpc_client/cli_netlogon.c:cli_net_auth2(157)
  cli_net_auth2: Error NT_STATUS_ACCESS_DENIED
[2003/10/16 15:56:10, 0] rpc_client/cli_login.c:cli_nt_setup_creds(72)
  cli_nt_setup_creds: auth2 challenge failed
[2003/10/16 15:56:10, 0] smbd/password.c:connect_to_domain_password_server(1368)
  connect_to_domain_password_server: unable to setup the PDC credentials to mach
ine MYDOM. Error was : NT_STATUS_OK.
[2003/10/16 15:56:10, 0] smbd/password.c:domain_client_validate(1601)
  domain_client_validate: Domain password server not available.
[2003/10/16 15:56:10, 1] smbd/password.c:pass_check_smb(545)
  Couldn't find user 'bart' in passdb.
[2003/10/16 15:56:10, 2] smbd/reply.c:reply_sesssetup_and_X(997)
  NT Password did not match for user 'bart'!
[2003/10/16 15:56:10, 2] smbd/reply.c:reply_sesssetup_and_X(1007)
  Defaulting to Lanman password for bart
[2003/10/16 15:56:10, 1] smbd/password.c:pass_check_smb(545)
  Couldn't find user 'bart' in passdb.
[2003/10/16 15:56:10, 1] smbd/reply.c:reply_sesssetup_and_X(1023)
  Rejecting user 'bart': authentication failed
[2003/10/16 15:56:10, 0] rpc_client/cli_netlogon.c:cli_net_auth2(157)
  cli_net_auth2: Error NT_STATUS_ACCESS_DENIED
[2003/10/16 15:56:10, 0] rpc_client/cli_login.c:cli_nt_setup_creds(72)
  cli_nt_setup_creds: auth2 challenge failed

Now I set the "unix charset =  UTF8" on my PDC and 
rejoin the domain from my Samba 2.8 server.

# smbpasswd -j MYDOM 
Joined domain MYDOM

If I connect to my server via win2k everything works fine,
also if i change back to "unix charset = iso8859-1".

I hope you can fix this "bug" without any problems.

Thank you and Viele Grüße
Hubertus Bartkowski
Comment 1 Gerald (Jerry) Carter 2003-11-04 20:10:24 UTC
Jeremy,  Can you look at this one?
Comment 2 Jeremy Allison 2003-11-05 16:41:22 UTC
Ok, I need much more information to try and reproduce this.
Can you give me the entire smb.conf files from both the Samba 3.0 PDC
and the Samba 2.2.8a member server please. Plus I need to know
the exact NetBIOS names of the member server.
Thanks,
Jeremy.
Comment 3 Hubertus Bartkowski 2003-11-11 06:16:47 UTC
Here are the smb.conf files

Samba 2.2.8 Fileserver 
NetBIOS name = LXTEST

[global]
        netbios name = LxTest
        server string = Linux Testserver
        workgroup = MYDOM

        security = domain
        encrypt passwords = yes
        password server = lxpdc
        log level = 2
        log file = /usr/local/samba/var/log.%m

        browse list = yes
        load printers = no

        protocol = NT1
        default case = lower
        mangle case = no
        mangled names = no
        case sensitive = no
        preserve case = yes
        short preserve case = yes
        character set = iso8859-1

[homes]
        path = /daten/user/%u
        comment = Eigene Dateien
        read only = no
        browsable = no
        create mask = 0666
        directory mask = 0777

[root]
        path = /daten
        comment = /daten
        browsable = yes
        valid users = @admin
        create mask = 0666
        directory mask = 0777



Samba 3.0.0 PDC 
NetBIOS name = LXBACKUP

[global]
        netbios name = LXBackup
        server string = Linux PDC
        workgroup = MYDOM

        security = user
        encrypt passwords = yes
        os level = 65
        wins support = no
        domain master = yes
        domain logons = yes
        local master = yes
        preferred master = yes
        announce version = 4.0
        announce as = NT Server
        admin users = administrator

        log level = 1
        log file = /usr/local/samba/var/log.%m

        passdb backend = ldapsam:ldap://localhost
        ldap suffix = dc=mydom,dc=de
        ldap machine suffix = ou=rechner
        ldap user suffix = ou=nutzer
        ldap admin dn = "cn=root,dc=mydom,dc=de"
        ldap server = localhost
        ldap port = 389
        ldap passwd sync = no

        guest account = nobody
        map to guest = never
        browse list = yes
        load printers = no

        socket options = TCP_NODELAY IPTOS_LOWDELAY \
                         SO_KEEPALIVE SO_SNDBUF=8192 SO_RCVBUF=8192
        dead time = 15
        getwd cache = yes

        protocol = NT1
        default case = lower
        mangle case = no
        mangled names = no
        case sensitive = no
        preserve case = yes
        short preserve case = yes
        unix charset = iso8859-1

[netlogon]
        path = /daten/user/netlogon
        browseable = yes
        read only = no
        locking = no
        public = no

[profiles]
        path = /daten/user/profile
        browseable = no
        read only = no
        comment = Benutzerprofile
        create mode = 0660
        directory mode = 0770

[homes]
        path = /daten/user/%u
        comment = Eigene Dateien
        read only = no
        browsable = no
        create mask = 0666
        directory mask = 0777

[root]
        path = /daten
        comment = /daten
        read only = no
        browsable = yes
        valid users = @admin
        create mask = 0666
        directory mask = 0777
Comment 4 Gerald (Jerry) Carter 2004-03-26 06:42:05 UTC
I cannot reproduce this using your config sett9ings 
with the latest 3.0 cvs code so my guess is that this 
is fixed in 3.0.3pre1.
Comment 5 Gerald (Jerry) Carter 2005-08-24 10:17:38 UTC
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.
Comment 6 Gerald (Jerry) Carter 2005-11-14 09:27:47 UTC
database cleanup
Comment 7 SPAMMER 2007-04-28 08:26:31 UTC
Created attachment 2532