Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 987
  • Last Modified:

Cannot join samba domain with Vista

I've just received a dell notebook with vista business. I'm trying to connect it to our samba 2.2 domain running under redhat but with no success. This is the first vista machine i am trying to connect.

I tried changing the Network Security: LAN Manager authentication level from "NTVLM2 responses only" to "LM and NTLM  use NTLMV2 session security if negotiated"

Any ideas?

Thank you.
Teo
0
temmelv
Asked:
temmelv
  • 14
  • 8
1 Solution
 
woolmilkporcCommented:
Hi,
 
this seems to be a problem of  password encryption.
Try to use unencrypted passwords!
 
wmp
0
 
temmelvAuthor Commented:
If you're referring to "Send unecrypted password to third-party SMB servers" this is disbabled.

Teo
0
 
woolmilkporcCommented:
So, enable it and see what will happen!
 
0
[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

 
temmelvAuthor Commented:
No luck.

I forgot to mention the error message which is the same
"Logon failure: unknown user name or bad password"

Teo
0
 
woolmilkporcCommented:
Sorry, but I have to ask this -
is the user you're trying to connect as really defined in the samba server (smbpasswd) and is the password correct?
wmp
 
0
 
temmelvAuthor Commented:
Yes it is. I disconnected my old laptop which was running xp. I'm using the same user.
I also tried root to connect. This is something that we do for every pc we connect to our domain.

Maybe i'll try to delete the user from the server and create it again.

Teo
0
 
woolmilkporcCommented:
Did your IP address change while there is a 'hosts allow' statement in your smb.conf, either global or for your share?
 
wmp
0
 
temmelvAuthor Commented:
Yes i'm using a different ip, but we dont use the "hosts allow" statement.

Teo
0
 
woolmilkporcCommented:
One more silly question -
did you enable 'NetBios over TCP/IP' in your TCP/IP / WINS properties?
This, along with the 'encrypted passwords" thing are the only clues with Windows Vista and Samba I know about.
 
wmp
 
.
0
 
temmelvAuthor Commented:
It was set to default and i set it to enable. no luck again.

if i spell wrong the domain it gives me a message that it cant find the domain controller.

so it is finding the dc but as you original stated something is going wrong with the user/password.

teo
0
 
woolmilkporcCommented:
One more (rather strange) hint -
please check in your registry under
 HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa
the setting of
  LmCompatibilityLevel
Is it set to '1' (should be, according to your post).
If not, set it to '1' and give it a try!
 
wmp
0
 
woolmilkporcCommented:
... and check your personal firewall settings regarding LM/NTLM.
I have no Vista at hand now, so I can't tell you where it might be.
 
wmp
 
0
 
woolmilkporcCommented:
... and again -
in secpol (where you set your LAN Manager authentication)  check under  Domain Member  the settings of digital encryption/signature. Test by setting to 'disable'
0
 
temmelvAuthor Commented:
no luck.

i can understand now why alot of people have trashed vista.

teo.
0
 
woolmilkporcCommented:
Well, right you are, but some people do get samba shares mounted under Vista.
To resume -
the most important thing is the one you did before asking your question - the LM/NTLM stuff,
second, the 'send unencrypted oasswords'  part
and, given the samba config on the server is correct,  perhaps some firewall settings,
and (as it is only Windows) -
 
reboot.
 
If this is all done, I must confess - no more idea.
 
But - I'll do some more research ...
 
wmp
 
0
 
woolmilkporcCommented:
Do you have security = share in your [global]?
I hear there could be problems with that, too.
0
 
temmelvAuthor Commented:
no

Teo
0
 
woolmilkporcCommented:
Try '[WORKGROUP]\[username]' instead of [username] alone.
 
desperately -
wmp
 
0
 
woolmilkporcCommented:
Do you see a chance to install samba 3.0.2 on your server?
 
Read this -
 
http://www.swerdna.net.au/linhowtosambavista.html
 
wmp
 
0
 
temmelvAuthor Commented:
Yes, i guess we have to do this.


Teo
0
 
woolmilkporcCommented:
So,
good luck, and have fun and success!
 
Norbert (wmp)
 
0
 
woolmilkporcCommented:
Hi again,
there is one more thing that once helped to solve the issue -
- do you have 'netbios name = [something]' in your smb.conf?
Try to leave it out! As I guess, you don't need it and - it once helped!
 
Norbert (wmp)
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 14
  • 8
Tackle projects and never again get stuck behind a technical roadblock.
Join Now