samba-users August 2010 archive
Main Archive Page > Month Archives  > samba-users archives
samba-users: [Samba] Samba 3.0.37 with Windows Server 2008

[Samba] Samba 3.0.37 with Windows Server 2008

From: Nick Couchman <Nick.Couchman_at_nospam>
Date: Wed Aug 11 2010 - 05:39:04 GMT
To: <samba@lists.samba.org>

I'm running Windows Server 2008 and trying to connect to Samba 3.0.37 on Opensolaris. The Samba system is a member of a Windows Server 2008-based Active Directory domain - it was able to join the domain just fine - and Windows XP, Windows 2000, Windows Vista, and Windows 7 can connect, but Windows Server 2008 SP2 cannot connect. The log file is posted below - I'm guessing the key is the message about krb5_rd_req with auth failed (Bad encryption type), but none of the solutions out there that I've looked at seem to apply - it doesn't seem to be the same bug as was in Windows Server 2003, and I'm not sure what kerberos keytab has to do with remote connections to the machine. Any hints would be greatly appreciate.

Thanks,
Nick

[2010/08/10 20:05:22, 5] smbd/uid.c:(338)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2010/08/10 20:05:22, 3] smbd/negprot.c:(505)
  Requested protocol [PC NETWORK PROGRAM 1.0]
[2010/08/10 20:05:22, 3] smbd/negprot.c:(505)
  Requested protocol [LANMAN1.0]
[2010/08/10 20:05:22, 3] smbd/negprot.c:(505)
  Requested protocol [Windows for Workgroups 3.1a]
[2010/08/10 20:05:22, 3] smbd/negprot.c:(505)
  Requested protocol [LM1.2X002]
[2010/08/10 20:05:22, 3] smbd/negprot.c:(505)
  Requested protocol [LANMAN2.1]
[2010/08/10 20:05:22, 3] smbd/negprot.c:(505)
  Requested protocol [NT LM 0.12]
[2010/08/10 20:05:22, 3] smbd/negprot.c:(505)
  Requested protocol [SMB 2.002]
[2010/08/10 20:05:22, 5] smbd/connection.c:(182)
  claiming 0
[2010/08/10 20:05:22, 3] smbd/negprot.c:(364)
  using SPNEGO
[2010/08/10 20:05:22, 3] smbd/negprot.c:(606)
  Selected protocol NT LM 0.12
[2010/08/10 20:05:22, 5] smbd/negprot.c:(612)
  negprot index=5
[2010/08/10 20:05:22, 5] lib/util.c:(484)
[2010/08/10 20:05:22, 5] lib/util.c:(494)
  size=173
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=65535
  smb_pid=65279
  smb_uid=0
  smb_mid=0
  smt_wct=17
  smb_vwv[ 0]= 5 (0x5)
  smb_vwv[ 1]=12807 (0x3207)
  smb_vwv[ 2]= 256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]= 65 (0x41)
  smb_vwv[ 5]= 0 (0x0)
  smb_vwv[ 6]= 256 (0x100)
  smb_vwv[ 7]=24832 (0x6100)
  smb_vwv[ 8]= 82 (0x52)
  smb_vwv[ 9]=64512 (0xFC00)
  smb_vwv[10]= 243 (0xF3)
  smb_vwv[11]= 128 (0x80)
  smb_vwv[12]=39069 (0x989D)
  smb_vwv[13]=63911 (0xF9A7)
  smb_vwv[14]=52024 (0xCB38)
  smb_vwv[15]=26625 (0x6801)
  smb_vwv[16]= 1 (0x1)
  smb_bcc=104
[2010/08/10 20:05:22, 3] smbd/process.c:(1083)
  Transaction 1 of length 1640
[2010/08/10 20:05:22, 5] lib/util.c:(484)
[2010/08/10 20:05:22, 5] lib/util.c:(494)
  size=1636
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=24
  smb_flg2=51207
  smb_tid=65535
  smb_pid=65279
  smb_uid=0
  smb_mid=64
  smt_wct=12
  smb_vwv[ 0]= 255 (0xFF)
  smb_vwv[ 1]= 0 (0x0)
  smb_vwv[ 2]=16644 (0x4104)
  smb_vwv[ 3]= 50 (0x32)
  smb_vwv[ 4]= 0 (0x0)
  smb_vwv[ 5]= 0 (0x0)
  smb_vwv[ 6]= 0 (0x0)
  smb_vwv[ 7]= 1573 (0x625)
  smb_vwv[ 8]= 0 (0x0)
  smb_vwv[ 9]= 0 (0x0)
  smb_vwv[10]= 212 (0xD4)
  smb_vwv[11]=40960 (0xA000)
  smb_bcc=1577
[2010/08/10 20:05:22, 3] smbd/process.c:(932)
  switch message SMBsesssetupX (pid 21089) conn 0x0
[2010/08/10 20:05:22, 3] smbd/sec_ctx.c:(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/08/10 20:05:22, 5] auth/auth_util.c:(448)
  NT user token: (NULL)
[2010/08/10 20:05:22, 5] auth/auth_util.c:(474)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2010/08/10 20:05:22, 5] smbd/uid.c:(338)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2010/08/10 20:05:22, 3] smbd/sesssetup.c:(1258)
  wct=12 flg2=0xc807
[2010/08/10 20:05:22, 2] smbd/sesssetup.c:(1214)
  setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2010/08/10 20:05:22, 3] smbd/sesssetup.c:(1040)
  Doing spnego session setup
[2010/08/10 20:05:22, 3] smbd/sesssetup.c:(1071)
  NativeOS=[] NativeLanMan=[] PrimaryDomain=[]
[2010/08/10 20:05:22, 5] smbd/sesssetup.c:(669)
  parse_spnego_mechanisms: Got OID 1 2 840 48018 1 2 2
[2010/08/10 20:05:22, 5] smbd/sesssetup.c:(669)
  parse_spnego_mechanisms: Got OID 1 2 840 113554 1 2 2
[2010/08/10 20:05:22, 5] smbd/sesssetup.c:(669)
  parse_spnego_mechanisms: Got OID 1 3 6 1 4 1 311 2 2 10
[2010/08/10 20:05:22, 3] smbd/sesssetup.c:(699)
  reply_spnego_negotiate: Got secblob of size 1507
[2010/08/10 20:05:22, 3] libads/kerberos_verify.c:(427)
  ads_verify_ticket: krb5_rd_req with auth failed (Bad encryption type)
[2010/08/10 20:05:22, 1] smbd/sesssetup.c:(316)
  Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE!
[2010/08/10 20:05:22, 3] smbd/error.c:(106)
  error packet at smbd/sesssetup.c(318) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE
[2010/08/10 20:05:22, 5] lib/util.c:(484)

--------
This e-mail may contain confidential and privileged material for the sole use of the intended recipient. If this email is not intended for you, or you are not responsible for the delivery of this message to the intended recipient, please note that this message may contain SEAKR Engineering (SEAKR) Privileged/Proprietary Information. In such a case, you are strictly prohibited from downloading, photocopying, distributing or otherwise using this message, its contents or attachments in any way. If you have received this message in error, please notify us immediately by replying to this e-mail and delete the message from your mailbox. Information contained in this message that does not relate to the business of SEAKR is neither endorsed by nor attributable to SEAKR.
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba