From: Andrew Melchert on
Hello,

I have an intermittent authentication error between a Windows 2003 Server and AIX 6.1 TL4 Samba 2.2.7. I have the Samba server passing auth details to an active directory server. The account exists on AIX but is locked and there is no smbpasswd entry (this is how I setup all my samba shares). On the Windows server a mapping has been created to mount this path on restart. In most cases this works fine but from time to time it fails with authentication issue. Rebooting the Windows server fixes the problem but I would like to find the root cause and fix it. I have setup debug level 2 and got the following. Any help would be greatly appreciated.

Couldn't find user 'aonunitp' in passdb.
Rejecting user 'aonunitp': authentication failed
Couldn't find user 'aonunitp' in passdb.
NT Password did not match for user 'aonunitp'!
Defaulting to Lanman password for aonunitp
Couldn't find user 'aonunitp' in passdb.
Rejecting user 'aonunitp': authentication failed
reboot
aonprod (10.1.66.235) connect to service aonunitp as user aonunitp (uid=512, gid=1) (pid 4530328)
aonprod (10.1.66.235) closed connection to service aonunitp
aonprod (10.1.66.235) connect to service aonunitp as user aonunitp (uid=512, gid=1) (pid 4411538)


smb.conf
security = server
password server = dc1

AIX account
aonunitp id=512 pgrp=staff groups=staff home=/home/aonunitp shell=/usr/local/bin/no_shell gecos=Functional Account - XPLAN login=false su=false rlogin=false daemon=true admin=false sugroups=ALL admgroups= tpath=nosak ttys=ALL expires=0 auth1=SYSTEM auth2=NONE umask=22 registry=files SYSTEM=compat logintimes= loginretries=3 pwdwarntime=4 account_locked=true minage=1 maxage=6 maxexpired=7 minalpha=2 minother=1 mindiff=2 maxrepeats=4 minlen=8 histexpire=0 histsize=4 pwdchecks= dictionlist=/usr/share/dict/words core_compress=on core_path=on core_pathname=/tmp/cores core_naming=on fsize=-1 cpu=-1 data=262144 stack=65536 core=2097151 rss=65536 nofiles=2000 unsuccessful_login_count=0 roles=





Regards,

Andrew Melchert | Technical Services| Pillar Administration
( (02) 4298 6985 | Ë 0434 604 139 | * andrew_melchert(a)pillar.com.au <blocked::blocked::mailto:andrew_melchert(a)pillar.com.au>



************************************************************************************************************************
This email (including all attachments) is confidential, may contain personal or legally privileged information and is intended solely for the named addressee. Confidentiality or privilege is not waived or lost because this email has been sent to you by mistake. If you have received it in error, please let us know by reply email, delete it from your system and destroy any copies.
This email is also subject to copyright. No part of it should be reproduced, adapted or communicated without the written consent of the copyright owner. Any personal information in this email must be handled in accordance with the Privacy Act 1988 (Cth).
Emails may be interfered with, may contain computer viruses or other defects and may not be successfully replicated on other systems. Pillar Administration makes no representations and gives no warranties in relation to these matters and does not accept liability for any loss or damage which may result from this email.
If you have any doubts about the authenticity of an email purportedly sent by Pillar Administration, please contact us immediately.
************************************************************************************************************************
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba