Quantcast

root passwd not working anymore

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

root passwd not working anymore

Adi Nugraha
Hi,

since nobody answered my previous post I'm hoping to get an answer for this
one, I have a working samba PDC with LDAP backend, recently i tried to add a
W2k Workstation to the domain using root account and it returned with a
wrong password, but i am able to login using the same account to the server,
I've tried changing the password to join the doain and it worked again, but
I'd like to know what made the password unable to join machines to the
domain anymore, here is the level 10 log from the machine that failed to
join with the old password

  NT user token: (NULL)
[2005/04/23 08:51:32, 5] auth/auth_util.c:debug_unix_user_token(505)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/04/23 08:51:32, 5] smbd/uid.c:change_to_root_user(218)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2005/04/23 08:51:32, 4] smbd/reply.c:reply_tcon_and_X(278)
  Client requested device type [?????] for share [IPC$]
[2005/04/23 08:51:32, 5] smbd/service.c:make_connection(869)
  making a connection to 'normal' service ipc$
[2005/04/23 08:51:32, 5] lib/username.c:Get_Pwnam(288)
  Finding user root
[2005/04/23 08:51:32, 5] lib/username.c:Get_Pwnam_internals(223)
  Trying _Get_Pwnam(), username as lowercase is root
[2005/04/23 08:51:32, 5] lib/username.c:Get_Pwnam_internals(251)
  Get_Pwnam_internals did find user [root]!
[2005/04/23 08:51:32, 0] smbd/service.c:set_admin_user(321)
  root logged in as admin user (root privileges)
[2005/04/23 08:51:32, 3] smbd/service.c:make_connection_snum(543)
  Connect path is '/var/tmp' for service [IPC$]
[2005/04/23 08:51:32, 3] smbd/sec_ctx.c:push_sec_ctx(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/04/23 08:51:32, 3] smbd/uid.c:push_conn_ctx(287)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/04/23 08:51:32, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/04/23 08:51:32, 5] auth/auth_util.c:debug_nt_user_token(486)
  NT user token: (NULL)
[2005/04/23 08:51:32, 5] auth/auth_util.c:debug_unix_user_token(505)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/04/23 08:51:32, 3] smbd/sec_ctx.c:get_current_groups(171)
  get_current_groups: user is in 2 groups: 0, 512
[2005/04/23 08:51:32, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/04/23 08:51:32, 3] smbd/sec_ctx.c:get_current_groups(171)
  get_current_groups: user is in 2 groups: 0, 512
[2005/04/23 08:51:32, 3] smbd/sec_ctx.c:push_sec_ctx(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/04/23 08:51:32, 3] smbd/uid.c:push_conn_ctx(287)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/04/23 08:51:32, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/04/23 08:51:32, 5] auth/auth_util.c:debug_nt_user_token(486)
  NT user token: (NULL)
[2005/04/23 08:51:32, 5] auth/auth_util.c:debug_unix_user_token(505)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/04/23 08:51:32, 5] lib/smbldap.c:smbldap_search(919)
  smbldap_search: base => [dc=westindo,dc=com], filter =>
[(&(uid=root)(objectclass=sambaSamAccount))], scope => [2]
[2005/04/23 08:51:32, 2] passdb/pdb_ldap.c:init_sam_from_ldap(462)
  init_sam_from_ldap: Entry found for user: root
[2005/04/23 08:51:32, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/04/23 08:51:32, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(235)
  fetch sid from gid cache 0 -> S-1-5-21-555172016-203035953-3233999674-1001
[2005/04/23 08:51:32, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(235)
  fetch sid from gid cache 0 -> S-1-5-21-555172016-203035953-3233999674-1001
[2005/04/23 08:51:32, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(235)
  fetch sid from gid cache 512 ->
S-1-5-21-555172016-203035953-3233999674-512
[2005/04/23 08:51:32, 4] rpc_server/srv_srvsvc_nt.c:get_share_security(217)
  get_share_security: using default secdesc for IPC$
[2005/04/23 08:51:32, 3] lib/util_seaccess.c:se_access_check(251)
[2005/04/23 08:51:32, 3] lib/util_seaccess.c:se_access_check(252)
  se_access_check: user sid is S-1-5-21-555172016-203035953-3233999674-1000
  se_access_check: also S-1-5-21-555172016-203035953-3233999674-1001
  se_access_check: also S-1-1-0
  se_access_check: also S-1-5-2
  se_access_check: also S-1-5-11
  se_access_check: also S-1-5-21-555172016-203035953-3233999674-512
[2005/04/23 08:51:32, 5] lib/util_seaccess.c:se_access_check(309)
  se_access_check: access (2) granted.
[2005/04/23 08:51:32, 3] smbd/vfs.c:vfs_init_default(203)
  Initialising default vfs hooks
[2005/04/23 08:51:32, 5] smbd/connection.c:claim_connection(170)
  claiming IPC$ 0
[2005/04/23 08:51:32, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/04/23 08:51:32, 5] auth/auth_util.c:debug_nt_user_token(491)
  NT user token of user S-1-5-21-555172016-203035953-3233999674-1000
  contains 6 SIDs
  SID[  0]: S-1-5-21-555172016-203035953-3233999674-1000
  SID[  1]: S-1-5-21-555172016-203035953-3233999674-1001
  SID[  2]: S-1-1-0
  SID[  3]: S-1-5-2
  SID[  4]: S-1-5-11
  SID[  5]: S-1-5-21-555172016-203035953-3233999674-512
[2005/04/23 08:51:32, 5] auth/auth_util.c:debug_unix_user_token(505)
  UNIX token of user 0
  Primary group is 0 and contains 2 supplementary groups
  Group[  0]: 0
  Group[  1]: 512
[2005/04/23 08:51:32, 5] smbd/uid.c:change_to_user(203)
  change_to_user uid=(0,0) gid=(0,0)
[2005/04/23 08:51:32, 3] smbd/service.c:make_connection_snum(705)
  pc125 (192.168.0.163) connect to service IPC$ initially as user root
(uid=0, gid=0) (pid 23956)
[2005/04/23 08:51:32, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/04/23 08:51:32, 5] auth/auth_util.c:debug_nt_user_token(486)
  NT user token: (NULL)
[2005/04/23 08:51:32, 5] auth/auth_util.c:debug_unix_user_token(505)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/04/23 08:51:32, 5] smbd/uid.c:change_to_root_user(218)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2005/04/23 08:51:32, 3] smbd/reply.c:reply_tcon_and_X(326)
  tconX service=IPC$
[2005/04/23 08:51:32, 5] lib/util.c:show_msg(456)
[2005/04/23 08:51:32, 5] lib/util.c:show_msg(466)
  size=48
  smb_com=0x75
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=1
  smb_pid=65279
  smb_uid=100
  smb_mid=192
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=    0 (0x0)
  smb_vwv[ 2]=    1 (0x1)
  smb_bcc=7
[2005/04/23 08:51:32, 3] smbd/process.c:process_smb(890)
  Transaction 5 of length 104
[2005/04/23 08:51:32, 5] lib/util.c:show_msg(456)
[2005/04/23 08:51:32, 5] lib/util.c:show_msg(466)
  size=100
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=24
  smb_flg2=51207
  smb_tid=1
  smb_pid=212
  smb_uid=100
  smb_mid=256
  smt_wct=24
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=57054 (0xDEDE)
  smb_vwv[ 2]= 3584 (0xE00)
  smb_vwv[ 3]= 5632 (0x1600)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=40704 (0x9F00)
  smb_vwv[ 8]=  513 (0x201)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=  768 (0x300)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=  256 (0x100)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=16384 (0x4000)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=  512 (0x200)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=  768 (0x300)
  smb_bcc=17
[2005/04/23 08:51:32, 3] smbd/process.c:switch_message(685)
  switch message SMBntcreateX (pid 23956)
[2005/04/23 08:51:32, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/04/23 08:51:32, 5] auth/auth_util.c:debug_nt_user_token(491)
  NT user token of user S-1-5-21-555172016-203035953-3233999674-1000
  contains 6 SIDs
  SID[  0]: S-1-5-21-555172016-203035953-3233999674-1000
  SID[  1]: S-1-5-21-555172016-203035953-3233999674-1001
  SID[  2]: S-1-1-0
  SID[  3]: S-1-5-2
  SID[  4]: S-1-5-11
  SID[  5]: S-1-5-21-555172016-203035953-3233999674-512
[2005/04/23 08:51:32, 5] auth/auth_util.c:debug_unix_user_token(505)
  UNIX token of user 0
  Primary group is 0 and contains 2 supplementary groups
  Group[  0]: 0
  Group[  1]: 512
[2005/04/23 08:51:32, 5] smbd/uid.c:change_to_user(203)
  change_to_user uid=(0,0) gid=(0,0)
[2005/04/23 08:51:32, 4] smbd/vfs.c:vfs_ChDir(654)
  vfs_ChDir to /var/tmp
[2005/04/23 08:51:32, 4] smbd/nttrans.c:nt_open_pipe(486)
  nt_open_pipe: Opening pipe \lsarpc.
[2005/04/23 08:51:32, 3] smbd/nttrans.c:nt_open_pipe(503)
  nt_open_pipe: Known pipe lsarpc opening.
[2005/04/23 08:51:32, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(178)
  Open pipe requested lsarpc (pipes_open=0)
[2005/04/23 08:51:32, 4]
rpc_server/srv_pipe_hnd.c:make_internal_rpc_pipe_p(279)
  Create pipe requested lsarpc
[2005/04/23 08:51:32, 4]
rpc_server/srv_pipe_hnd.c:make_internal_rpc_pipe_p(372)
  Created internal pipe lsarpc (pipes_open=0)
[2005/04/23 08:51:32, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(258)
  Opened pipe lsarpc with handle 77b0 (pipes_open=1)
[2005/04/23 08:51:32, 5] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(264)
  open pipes: name lsarpc pnum=77b0
[2005/04/23 08:51:32, 5] smbd/nttrans.c:do_ntcreate_pipe_open(554)
  do_ntcreate_pipe_open: open pipe = \lsarpc
[2005/04/23 08:51:32, 5] lib/util.c:show_msg(456)
[2005/04/23 08:51:32, 5] lib/util.c:show_msg(466)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=1
  smb_pid=212
  smb_uid=100
  smb_mid=256
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=    0 (0x0)
  smb_vwv[ 2]=45056 (0xB000)



It stopped there and I really don't know what caused it, the log.smbd
filedidn't show anything, I am using samba 3.02a and Mandrake 10.0
any suggestion, and if anyone can help me on my previous post about
browsing,


Thanks

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: root passwd not working anymore

John H Terpstra - Samba Team
On Sunday 24 April 2005 23:11, Adi Nugraha wrote:

> Hi,
>
> since nobody answered my previous post I'm hoping to get an answer for this
> one, I have a working samba PDC with LDAP backend, recently i tried to add
> a W2k Workstation to the domain using root account and it returned with a
> wrong password, but i am able to login using the same account to the
> server, I've tried changing the password to join the doain and it worked
> again, but I'd like to know what made the password unable to join machines
> to the domain anymore, here is the level 10 log from the machine that
> failed to join with the old password

Check the validity of the current 'root' account by executing:

        pdbedit -Lv root

Check if your password is expired.

If necessary, renew your password with:

        smbpasswd root

- John T.
--
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: root passwd not working anymore

Adi Nugraha

I used the idelax smbldap-passwd script to update the password is that ok ??
because that did't work, because the original password still didn't work,



----- Original Message -----
From: "John H Terpstra" <[hidden email]>
To: <[hidden email]>
Sent: Monday, April 25, 2005 1:09 PM
Subject: Re: [Samba] root passwd not working anymore


> On Sunday 24 April 2005 23:11, Adi Nugraha wrote:
> > Hi,
> >
> > since nobody answered my previous post I'm hoping to get an answer for
this
> > one, I have a working samba PDC with LDAP backend, recently i tried to
add
> > a W2k Workstation to the domain using root account and it returned with
a
> > wrong password, but i am able to login using the same account to the
> > server, I've tried changing the password to join the doain and it worked
> > again, but I'd like to know what made the password unable to join
machines

> > to the domain anymore, here is the level 10 log from the machine that
> > failed to join with the old password
>
> Check the validity of the current 'root' account by executing:
>
> pdbedit -Lv root
>
> Check if your password is expired.
>
> If necessary, renew your password with:
>
> smbpasswd root
>
> - John T.
> --
> John H Terpstra
> Samba-Team Member
> Phone: +1 (650) 580-8668
>
> Author:
> The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
> Samba-3 by Example, ISBN: 0131472216
> Hardening Linux, ISBN: 0072254971
> Other books in production.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
Loading...