I have a Samba domain of Windows XP. I tried to have a new Windows 7 PC join the Samba domain. And I failed to logon, as any account, on that PC. It says that either my user name or password is incorrect. I checked by log, and this seems to be related: ------------------------------ [2010/01/04 17:49:13, 2] libsmb/credentials.c:223(netlogon_creds_server_check) netlogon_creds_server_check: credentials check failed. [2010/01/04 17:49:13, 0] rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3) _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client CLIENT-PC machine account CLIENT-PC$ ------------------------------ You can find the full per-machine log at the URL attached.
Created attachment 5116 [details] per-machine log file show the error To prevent Google Docs from failing us, I also attach the per-machine log-file here.
Hallo, have you change the registry on then windows 7 machine?: HKLM\System\CCS\Services\LanmanWorkstation\Parameters DWORD DomainCompatibilityMode = 1 DWORD DNSNameResolutionRequired = 0 Have you change the user over the button "other user" (or similary - i havn't a english windows) to domain-users? On my installations logon are possible, but in logfiles the error-messages was similary: Rejecting auth request from client CLIENT-PC machine account CLIENT-PC$ I found out, that all machine-names use lower letters in /etc/passwd and /var/lib/samba/passwd.tdb. If in /etc/passwd the same entry in uppercase the errormessages disappears. So I create a workarround: Frist create a file /usr/sbin/maschineadd: #!/bin/bash gross=$(echo $* | /usr/bin/tr a-z A-Z) /usr/sbin/useradd -s /bin/false -d /dev/null -g 515 $gross second change in smb.conf: add machine script = /usr/sbin/machineadd %u Hint: You must have a group 515 (Domain-Computers). Then delete the old entries in /etc/passwd and /var/lib/samba/passwd.tdb pdbedit -x CLIENT-PC$ userdel CLIENT-PC$ and get domain-member from the client-pc-side. It should create the names in capital letters and the error-message disappears. I hope your login-problem too. with regards Andreas Matthus
Sorry to confirm that the add machine script work rounds here do not work here. I actually had a windows 7 ultimate PC working in a Samba 3.4 domain earlier in the year. As of this week profiles failed to load. The usual fix to remove all traces of the client in the domain and re-add the client back into the domain are failing to create a valid machine account. This is logged: [2010/09/09 16:50:31, 0] rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3) _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client W7 machine account W7$ As such none of the users can login to the Windows 7 client with these logs: [2010/09/09 16:52:53, 1] smbd/service.c:1063(make_connection_snum) w7 (::ffff:192.168.2.106) connect to service profiles initially as user elbournb (uid=1000, gid=100) (pid 14074) [2010/09/09 16:52:53, 0] smbd/nttrans.c:2119(call_nt_transact_ioctl) call_nt_transact_ioctl(0x900eb): Currently not implemented. [2010/09/09 16:52:53, 1] smbd/service.c:1063(make_connection_snum) w7 (::ffff:192.168.2.106) connect to service profiles initially as user w7$ (uid=1017, gid=1017) (pid 14074) [2010/09/09 16:52:53, 1] smbd/vfs.c:932(check_reduced_name) reduce_name: couldn't get realpath for elbournb.V2/ntuser.ini [2010/09/09 16:52:53, 1] smbd/vfs.c:932(check_reduced_name) reduce_name: couldn't get realpath for elbournb.V2/ntuser.ini [2010/09/09 16:52:54, 1] smbd/service.c:1063(make_connection_snum) w7 (::ffff:192.168.2.106) connect to service elbournb initially as user elbournb (uid=1000, gid=100) (pid 14074) [2010/09/09 16:53:04, 1] smbd/service.c:1240(close_cnum) w7 (::ffff:192.168.2.106) closed connection to service profiles Samba version is 3.4.8 from Debian backports.
if this does not work this is most probably a client registry setting fault.