[Bug 479955] Re: [SRU] winbind authentication fails after karmic upgrade
Konna77
konnuus77 at hotmail.com
Tue Mar 2 11:50:07 GMT 2010
** Description changed:
Binary package hint: samba
One of our users upgraded their Ubuntu workstation to 9.10 and they can
no longer authenticate via pam_winbind with the domain controller (Samba
3.3.7).
# apt-cache policy winbind
winbind:
- Installed: 2:3.4.0-3ubuntu5
- Candidate: 2:3.4.0-3ubuntu5
- Version table:
- *** 2:3.4.0-3ubuntu5 0
- 500 http://gb.archive.ubuntu.com karmic/main Packages
- 100 /var/lib/dpkg/status
+ Installed: 2:3.4.0-3ubuntu5
+ Candidate: 2:3.4.0-3ubuntu5
+ Version table:
+ *** 2:3.4.0-3ubuntu5 0
+ 500 http://gb.archive.ubuntu.com karmic/main Packages
+ 100 /var/lib/dpkg/status
After the upgrade, the following messages appear in the winbind log
every five minutes:
[2009/11/10 11:45:01, 0] libsmb/ntlmssp_sign.c:208(ntlmssp_check_packet)
- NTLMSSP NTLM2 packet check failed due to invalid signature!
+ NTLMSSP NTLM2 packet check failed due to invalid signature!
[2009/11/10 11:45:01, 0] rpc_client/cli_pipe.c:620(cli_pipe_verify_ntlmssp)
- cli_pipe_verify_ntlmssp: failed to unseal packet from host SKIPPY. Error was NT_STATUS_ACCESS_DENIED.
+ cli_pipe_verify_ntlmssp: failed to unseal packet from host SKIPPY. Error was NT_STATUS_ACCESS_DENIED.
Attempting to authenticate results in the following:
# wbinfo -a chrisa
Enter chrisa's password:
plaintext password authentication failed
Could not authenticate user chrisa with plaintext password
Enter chrisa's password:
challenge/response password authentication failed
error code was NT code 0x1c010002 (0x1c010002)
error messsage was: NT code 0x1c010002
Could not authenticate user chrisa with challenge/response
And this message appears in the winbind log:
[2009/11/10 11:44:58, 1] rpc_client/cli_pipe.c:948(cli_pipe_validate_current_pdu)
- cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from host SKIPPY!
+ cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from host SKIPPY!
This appears to match the behaviour mentioned in the upstream bug #6646 which was fixed in Samba 3.4.1:
- https://bugzilla.samba.org/show_bug.cgi?id=6646
+ https://bugzilla.samba.org/show_bug.cgi?id=6646
Patch looks quite trivial. Would it be possible to backport it?
Thanks,
Chris
--
[SRU] winbind authentication fails after karmic upgrade
https://bugs.launchpad.net/bugs/479955
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in ubuntu.
More information about the Ubuntu-server-bugs
mailing list