| Welcome to the Zimbra :: Forums! | |
Welcome, if you would like to post a comment please register.
We also encourage you to explore all things Zimbra with our team and members of the community.
|
 | 
04-22-2010, 06:17 AM
| | |  still dealing with samba
Hi there,
i'm working to make work zimbra against samba 
i've followed the guide: UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI 6.0 - Zimbra :: Wiki
all seems to be ok, samba can view groups and users via "getent", and can create the domain into zimbra if it not exists...but when i try to authenticate a user (pre-existing or new it doesn't matter) i get NT_STATUS_LOGON_FAILURE.
Someone could help me please? |
04-22-2010, 06:44 AM
| | Advanced Member | |
Posts: 213
| |
Look in your /var/log/samba/* directory... probably log.smbd and also log.IP_Address or log.HOSTNAME. See if there is anything to clue you in as to what is going on, any more-helpful error messages. |
04-22-2010, 06:58 AM
| | |
i've yet take a look int hat folder, but anything was helpful: Code: [2010/04/08 14:11:05, 3] smbd/oplock.c:init_oplocks(875)
init_oplocks: initializing messages.
[2010/04/08 14:11:05, 3] smbd/oplock_linux.c:linux_init_kernel_oplocks(241)
Linux kernel oplocks enabled
[2010/04/08 14:11:05, 3] smbd/process.c:process_smb(1570)
Transaction 0 of length 194 (0 toread)
[2010/04/08 14:11:05, 3] smbd/process.c:switch_message(1374)
switch message SMBnegprot (pid 4895) conn 0x0
[2010/04/08 14:11:05, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/04/08 14:11:05, 3] smbd/negprot.c:reply_negprot(568)
Requested protocol [PC NETWORK PROGRAM 1.0]
[2010/04/08 14:11:05, 3] smbd/negprot.c:reply_negprot(568)
Requested protocol [MICROSOFT NETWORKS 1.03]
[2010/04/08 14:11:05, 3] smbd/negprot.c:reply_negprot(568)
Requested protocol [MICROSOFT NETWORKS 3.0]
[2010/04/08 14:11:05, 3] smbd/negprot.c:reply_negprot(568)
Requested protocol [LANMAN1.0]
[2010/04/08 14:11:05, 3] smbd/negprot.c:reply_negprot(568)
Requested protocol [LM1.2X002]
[2010/04/08 14:11:05, 3] smbd/negprot.c:reply_negprot(568)
Requested protocol [DOS LANMAN2.1]
[2010/04/08 14:11:05, 3] smbd/negprot.c:reply_negprot(568)
Requested protocol [LANMAN2.1]
[2010/04/08 14:11:05, 3] smbd/negprot.c:reply_negprot(568)
Requested protocol [Samba]
[2010/04/08 14:11:05, 3] smbd/negprot.c:reply_negprot(568)
Requested protocol [NT LANMAN 1.0]
[2010/04/08 14:11:05, 3] smbd/negprot.c:reply_negprot(568)
Requested protocol [NT LM 0.12]
[2010/04/08 14:11:05, 3] smbd/negprot.c:reply_nt1(392)
using SPNEGO
[2010/04/08 14:11:05, 3] smbd/negprot.c:reply_negprot(673)
Selected protocol NT LANMAN 1.0
[2010/04/08 14:11:05, 3] smbd/process.c:process_smb(1570)
Transaction 1 of length 174 (0 toread)
[2010/04/08 14:11:05, 3] smbd/process.c:switch_message(1374)
switch message SMBsesssetupX (pid 4895) conn 0x0
[2010/04/08 14:11:05, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/04/08 14:11:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X(1409)
wct=12 flg2=0xc801
[2010/04/08 14:11:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(1173)
Doing spnego session setup
[2010/04/08 14:11:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(1208)
NativeOS=[Unix] NativeLanMan=[Samba] PrimaryDomain=[]
[2010/04/08 14:11:05, 3] smbd/sesssetup.c:reply_spnego_negotiate(800)
reply_spnego_negotiate: Got secblob of size 55
[2010/04/08 14:11:05, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0x60088215
[2010/04/08 14:11:05, 3] smbd/process.c:process_smb(1570)
Transaction 2 of length 312 (0 toread)
[2010/04/08 14:11:05, 3] smbd/process.c:switch_message(1374)
switch message SMBsesssetupX (pid 4895) conn 0x0
[2010/04/08 14:11:05, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/04/08 14:11:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X(1409)
wct=12 flg2=0xc801
[2010/04/08 14:11:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(1173)
Doing spnego session setup
[2010/04/08 14:11:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(1208)
NativeOS=[Unix] NativeLanMan=[Samba] PrimaryDomain=[]
[2010/04/08 14:11:05, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(745)
Got user=[user.name] domain=[DOMAIN] workstation=[MACHINENAME] len1=24 len2=24 while log.smbd says nothing relevant.  |
04-22-2010, 07:33 AM
| | Advanced Member | |
Posts: 213
| |
Nothing helpful in there. Confirm this first, please... your profile indicates you are using 5.0.18 of ZCS... is that correct? Because you posted the Samba instructions/wiki for ZCS 6.0. Rather, if you have ZCS 5.x, you should follow these instructions instead. UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI - Zimbra :: Wiki |
04-22-2010, 07:35 AM
| | |
my bad, i've not specified that i'm working on a test machine with ZCS OS 6.0.1 |
04-22-2010, 08:09 AM
| | Advanced Member | |
Posts: 213
| | Example
Can you PM me the full logfile for that workstation/IP? The log.smbd as well (to make sure there is nothing obviously wrong). Also, the results of "getent passwd" and "getent group" (to make sure we have LDAP results). I'm no expert, but I've gone through this a few times, maybe I can see something. Also, what OS is this?
Here is a snippet of what it looks like from a log on my testbed, /var/log/samba/log.winxp-pc Code: [2010/04/07 16:11:01, 2] lib/smbldap.c:smbldap_open_connection(890)
smbldap_open_connection: connection opened
[2010/04/07 16:11:01, 3] lib/smbldap.c:smbldap_connect_system(1101)
ldap_connect_system: successful connection to the LDAP server
[2010/04/07 16:11:01, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(747)
Got user=[jsmith] domain=[SMB-DOMAIN] workstation=[WINXP-PC] len1=24 len2= 4
[2010/04/07 16:11:01, 3] smbd/sec_ctx.c:push_sec_ctx(224)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2010/04/07 16:11:01, 3] auth/auth.c:check_ntlm_password(220)
check_ntlm_password: Checking password for unmapped user [SMB-DOMAIN]\[jsmith ]@[WINXP-PC] with the new password interface
[2010/04/07 16:11:01, 3] auth/auth.c:check_ntlm_password(223)
check_ntlm_password: mapped user is: [SMB-DOMAIN]\[jsmith]@[WINXP-PC]
[2010/04/07 16:11:01, 2] passdb/pdb_ldap.c:init_sam_from_ldap(571)
init_sam_from_ldap: Entry found for user: jsmith
[2010/04/07 16:11:01, 2] passdb/pdb_ldap.c:init_group_from_ldap(2366)
init_group_from_ldap: Entry found for group: 10002
[2010/04/07 16:11:01, 2] passdb/pdb_ldap.c:init_group_from_ldap(2366)
init_group_from_ldap: Entry found for group: 10002
[2010/04/07 16:11:01, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2010/04/07 16:11:01, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/04/07 16:11:01, 3] auth/auth.c:check_ntlm_password(269)
check_ntlm_password: sam authentication for user [jsmith] succeeded
[2010/04/07 16:11:01, 3] smbd/sec_ctx.c:push_sec_ctx(224)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2010/04/07 16:11:01, 3] smbd/uid.c:push_conn_ctx(440)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2010/04/07 16:11:01, 3] smbd/sec_ctx.c:set_sec_ctx(324)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2010/04/07 16:11:01, 3] smbd/sec_ctx.c:pop_sec_ctx(432)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/04/07 16:11:01, 2] auth/auth.c:check_ntlm_password(308)
succeeded
[2010/04/07 16:11:01, 3] smbd/password.c:register_existing_vuid(289)
register_existing_vuid: User name: jsmith Real name: John Smith
[2010/04/07 16:11:01, 3] smbd/password.c:register_existing_vuid(299)
register_existing_vuid: UNIX uid 10002 is UNIX user jsmith, and will be vuid 101
[2010/04/07 16:11:01, 3] smbd/password.c:register_homes_share(217)
Using static (or previously created) service for user 'jsmith'; path = '/home/jsmith' |
04-22-2010, 08:35 AM
| | |
send via mail cause of they were too big for PMs |
04-22-2010, 09:49 AM
| | Advanced Member | |
Posts: 213
| | gap in log
Got them. There is a strange 1-minute gap in the client log, where mine continues on (a successfull connection), and I guess yours does not. Not sure where it is failing yet. Sent email for more info/detail...
greg Code: [2010/04/08 11:04:10, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(1173) Doing spnego session setup
[2010/04/08 11:04:10, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(1208) NativeOS=[Unix] NativeLanMan=[Samba] PrimaryDomain=[]
[2010/04/08 11:04:10, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(745) Got user=[john.jones] domain=[MYDOMAIN] workstation=[MYWORKSTATION] len1=24 len2=24
[2010/04/08 11:05:57, 3] smbd/oplock.c:init_oplocks(875) init_oplocks: initializing messages. |
04-22-2010, 11:03 AM
| | Zimbra Employee | |
Posts: 580
| |
Quote:
Originally Posted by sgnaus  my bad, i've not specified that i'm working on a test machine with ZCS OS 6.0.1 | Use the ZCS 6.0.6 release. You'll have problems with the zimlets in the 6.0.1 release.
__________________
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
| | Thread Tools | Search this Thread | | | | | Display Modes |  Linear Mode | | Why Join? Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.   |
Bugzilla
Wiki
Source
