samba server requires smbpasswd -a user constantly
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
samba (Ubuntu) |
Invalid
|
Medium
|
Unassigned |
Bug Description
Binary package hint: samba
I installed an ubuntu server edition (lucid beta, lastest updates applied) for my nas and used my old smb.conf from gentoo, used it for years in different setups and different distributions. What happens is that i cannot connect from my windows7 machine. When i do: sudo smbpasswd -a user it works for a while. But later i have to do it all over again.
dpkg-query -W -f='${Package} ${Version} ${Source} ${Status}\n' | grep samba:
libpam-smbpass 2:3.4.7~
libsmbclient 2:3.4.7~
libwbclient0 2:3.4.7~
samba 2:3.4.7~
samba-common 2:3.4.7~
samba-common-bin 2:3.4.7~
samba-doc 2:3.4.7~
smbclient 2:3.4.7~
smbfs 2:3.4.7~
winbind 2:3.4.7~
lsb_release -rd
Description: Ubuntu lucid (development branch)
Release: 10.04
Martin Waldenvik (waldenvik) wrote : | #1 |
summary: |
- samba server requires a new smbpasswd -a user constantly + samba server requires smbpasswd -a user constantly |
Martin Waldenvik (waldenvik) wrote : | #2 |
Chuck Short (zulcss) wrote : | #3 |
Changed in samba (Ubuntu): | |
importance: | Undecided → Low |
status: | New → Incomplete |
Martin Waldenvik (waldenvik) wrote : | #4 |
- attachment shows smbclient -L //remote_system when i works Edit (516 bytes, text/plain)
I'm not using linux to connect to my samba server but usually windows7, using nfs for linux and afp for mac. But i tried from my ubuntu desktop. At first it worked and later i got with smbclient //192.168.
smb: \>
I can't understand why this happens
Chuck Short (zulcss) wrote : | #5 |
So you are having this problem when connecting t Windows 7?
Martin Waldenvik (waldenvik) wrote : | #6 |
I'm having this problem when connecting from my windows 7 machine to my ubuntu server as stated initially. Yesterday i reseted my smb.conf file. Same error, when trying to connect to ubuntu server from either windows 7 or imac (usually uses afp) i have to enter username/password which never work, when i do a new smbpasswd it works as it should for a while.
Carl Nelvig (leskinen) wrote : | #7 |
I have this very same problem which seems to have started after upgrading from Ubuntu server 9.10 to 10.04 LTS.
Two users on my windows7 machine both connecting to network shares on my Ubuntu server. One of them always manages to connect, the other sometimes managed to connect but every now and then, the samba user seems to not exist
Both users use the same login script in windows consisting of:
net use l: /delete
net use l: \\192.168.1.98\data
When it doesn't work, I get this message in the login script:
"The password or user name is invalid for \\192.168.
The workaround is to log into ubuntu, perform a sudo smbpasswd -a and then run the script again which now works perfectly... (for a while)
Looking at my log files (/var/log/
[2010/05/09 16:24:55, 0] lib/util_
[2010/05/09 16:24:55, 0] lib/util_
getpeername failed. Error was Transport endpoint is not connected
read_
After re-adding the same user in ubuntu with smbpasswd using the same password and running the script again, I get this message when it works:
[2010/05/09 16:33:18, 1] smbd/service.
dumleburken (192.168.1.123) connect to service data initially as user carl (uid=1000, gid=116) (pid 1566)
Anyone got any idea what could be wrong? Let me know what kind of further information you need from me
rolfy (rolfy-rolfy) wrote : | #8 |
I'm having this problem, connecting smbclient connections, or linux (gnome browser) connections or vista connections, so i dont really think it's windows 7 specific...
rolfy (rolfy-rolfy) wrote : | #9 |
Okay, i've been pulling my hair out (there's not much left either, but i digress)...
I started from a very blank smb.conf for one...
I noticed that in gnome now if i restart samba, i have to disconnect and reconnect the drive otherwise i get an error saying:
Could not open location 'smb://
no data available
work around for that issue (if it is a new issue) is to disconnect and reconnect the mount (linux at least - haven't tried windows, hope you don't have to do that there).
==============
$ testparm -s /etc/samba/smb.conf
Load smb config files from /etc/samba/smb.conf
rlimit_max: rlimit_max (1024) below minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Loaded services file OK.
Server role: ROLE_STANDALONE
[global]
server string = Samba Server
log file = /var/log/
max log size = 50
unix extensions = No
dns proxy = No
wide links = Yes
[homes]
comment = Home Directories
read only = No
browseable = No
browsable = No
[printers]
comment = All Printers
path = /usr/spool/samba
printable = Yes
browseable = No
browsable = No
==================
even with that (which is pretty much empty!) if i restart the service, sometimes i get 'Password required' prompt for a drive i've already remembered the password to...
once its in that state, smbclient does:
smbclient -L \\\\MACHINE -U rolfy
Enter rolfy's password:
session setup failed: NT_STATUS_
log.CLIENT has:
=======
[2010/05/12 21:05:28, 1] smbd/service.
create_
[2010/05/12 21:05:28, 1] smbd/service.
merlin (192.168.1.15) connect to service rolfy initially as user rolfy (uid=1001, gid=1001) (pid 8251)
[2010/05/12 21:08:17, 1] smbd/service.
merlin (192.168.1.15) closed connection to service rolfy
[2010/05/12 21:08:26, 1] smbd/service.
create_
[2010/05/12 21:08:58, 1] smbd/service.
create_
========
log.smbd has
========
[2010/05/12 21:08:17, 0] smbd/server.
smbd version 3.4.7 started.
Copyright Andrew Tridgell and the Samba Team 1992-2009
[2010/05/12 21:08:17, 0] smbd/server.
standard input is not a socket, assuming -D option
========
syslog and daemon.log basically has just the 'assuming -D option' message
did a grep in /var/lib/samba, and passdb.tbd does contain my username... so i enabled the user with smbpasswd -e, but that didn't help.
I then added, and it's good to go again....
I'm not sure if this gives more information than was already here, but hopefully it stops someone else taking these same steps...
rolfy (rolfy-rolfy) wrote : | #10 |
i'm not sure how this can be marked as low....
anyway, to 'work around' my problem, i've basically built samba 3.5.2 off their site, and it's now working perfectly. Just in case anyone was wondering...
It's a stuff around (i had to specify a lot of command flags and change some bits and pieces) but at least i can now use samba again, and it looks like this ticket is going nowhere, so i guess it's a good thing i know how to build things!
Martin Waldenvik (waldenvik) wrote : Re: [Bug 566560] Re: samba server requires smbpasswd -a user constantly | #11 |
I reinstalled my old funtoo from a clonezeilla image, since nothing happened.
Martin
On Sat, May 15, 2010 at 02:52, rolfy <email address hidden> wrote:
> i'm not sure how this can be marked as low....
>
> anyway, to 'work around' my problem, i've basically built samba 3.5.2
> off their site, and it's now working perfectly. Just in case anyone was
> wondering...
>
> It's a stuff around (i had to specify a lot of command flags and change
> some bits and pieces) but at least i can now use samba again, and it
> looks like this ticket is going nowhere, so i guess it's a good thing i
> know how to build things!
>
> --
> samba server requires smbpasswd -a user constantly
> https:/
> You received this bug notification because you are a direct subscriber
> of the bug.
>
rolfy (rolfy-rolfy) wrote : | #12 |
*sigh* i have to make a correction. The latest samba had no change.
It appears pretty much every time the user wants to connect again (computer goes into standby, they willingly disconnect etc) their account needs to be re-enabled :|
my current workaround is turning samba to no password and just cronning up a script to set no password on an account often.
The other fix is using that pdbedit program and setting the account to never expires and no password, and then it also lets people login.
I really hope not many people are getting this issue... I hate public shares and am really worried about this bug, but dont have time to troubleshoot it...
Thierry Carrez (ttx) wrote : | #13 |
Could you set "log level = 9" and attach the log from a session where is fails (before running smbpasswd -a to unblock it).
It looks like a corruption of the passwd.tdb where is would refuse the login after a given time. Any logic in when the problem triggers ? At the first reconnection, after a reboot of the server, after N days ? Is smbpasswd -a all it takes to unblock it, or do you have to restart the server as well ?
Changed in samba (Ubuntu): | |
importance: | Low → Medium |
rolfy (rolfy-rolfy) wrote : | #14 |
I'll try to get a time where my wifes not using the network to turn user access back on to trace, or maybe install a VM to see if it happens there too...
Basically i could fairly reliably get it to happen by:
- smbpasswd -a
- map a network drive to my server (home drive or user access drive) (save password)
- after about 10 minutes (not sure the exact time, but wasn't a long time), disconnect that drive (in gnome just click eject)
- reconnect to the drive, and you get prompted for a password (shouldn't!)
After that point, no matter what i do I can't reconnect until I run a command to unlock the account, or set to no password, basically anything that would re-write the password entry i think, but i've never looked at the code, so i can't confirm this.
Timbba (timbba) wrote : | #15 |
Here are some logs:
[2010/06/05 06:05:59, 3] auth/auth.
check_
[2010/06/05 06:05:59, 3] auth/auth.
check_
[2010/06/05 06:05:59, 5] ../lib/
[0000] 44 6F 14 6F C8 66 C6 38 Do.o.f.8
[2010/06/05 06:05:59, 8] lib/util.
is_myname(
[2010/06/05 06:05:59, 3] smbd/sec_
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2010/06/05 06:05:59, 3] smbd/uid.
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2010/06/05 06:05:59, 3] smbd/sec_
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2010/06/05 06:05:59, 5] auth/token_
NT user token: (NULL)
[2010/06/05 06:05:59, 5] auth/token_
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2010/06/05 06:05:59, 4] lib/substitute.
Home server: server
[2010/06/05 06:05:59, 4] lib/substitute.
Home server: server
[2010/06/05 06:05:59, 3] smbd/sec_
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2010/06/05 06:05:59, 3] smbd/uid.
push_conn_ctx(0) : conn_ctx_stack_ndx = 1
[2010/06/05 06:05:59, 3] smbd/sec_
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2010/06/05 06:05:59, 5] auth/token_
NT user token: (NULL)
[2010/06/05 06:05:59, 5] auth/token_
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2010/06/05 06:05:59, 3] smbd/sec_
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2010/06/05 06:05:59, 3] smbd/sec_
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2010/06/05 06:05:59, 3] smbd/uid.
push_conn_ctx(0) : conn_ctx_stack_ndx = 1
[2010/06/05 06:05:59, 3] smbd/sec_
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2010/06/05 06:05:59, 5] auth/token_
NT user token: (NULL)
[2010/06/05 06:05:59, 5] auth/token_
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2010/06/05 06:05:59, 3] smbd/sec_
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2010/06/05 06:05:59, 5] lib/username.
Finding user user1
[2010/06/05 06:05:59, 5] lib/username.
Trying _Get_Pwnam(), username as lowercase is user1
[2010/06/05 06:05:59, 5] lib/username.
Get_Pwnam_
[2010/06/05 06:05:59, 5] passdb/
gid_to_sid: winbind failed to find a sid for gid 1000
[2010/06/05 06:05:59, 3] smbd/sec_
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2010/06/05 06:05:59, 3] smbd/uid.
push_con...
Timbba (timbba) wrote : | #16 |
Adding:
My Samba shares always stop working after shutting down the computer. After every boot, I have to readd the user "sudo smbpasswd -a ...." and restart the smbd service. Then it works, but it should work automatically!
Timbba (timbba) wrote : | #17 |
I thought that these lines were the problem:
[2010/06/05 06:05:59, 5] auth/token_
NT user token: (NULL)
[2010/06/05 06:05:59, 5] auth/token_
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
But actually they are not a problem. Here are full logs:
- error.log : after boot --> samba fails
- success.log : after readding user using smbpasswd and restarting smbd service --> samba works
Timbba (timbba) wrote : | #18 |
Thierry Carrez (ttx) wrote : | #19 |
All: I would rate this high if only I was reproducing it. I'm not. I can connect to shares after a reboot, without having to do smbpasswd -a again. So I suspect something more specific.
@Martin: if I understand correctly, you add the user (and set a password) using "smbpasswd -a". Is the password you use here the same as the Unix password used to login as the user on the samba server, or is it different ?
libpam-smbpass, which is installed on your samba server, ensures synchronization of passwords at every login. Suppose you use "secretknock" as the unix password for user "foo" on the server. If you run "sudo smbpasswd -a foo" and set "sk" as the SMB password, it will work for a while... until you log in to the server as user "foo" again, at which point the SMB password for foo will automatically be set to "secretknock".
Martin Waldenvik (waldenvik) wrote : | #20 |
Hi
I use my windows password to connect to samba (easier, i think) and
use a different password to login to ubuntu, same username though.
Martin
On Mon, Jun 7, 2010 at 13:58, Thierry Carrez <email address hidden> wrote:
> All: I would rate this high if only I was reproducing it. I'm not. I can
> connect to shares after a reboot, without having to do smbpasswd -a
> again. So I suspect something more specific.
>
> @Martin: if I understand correctly, you add the user (and set a
> password) using "smbpasswd -a". Is the password you use here the same as
> the Unix password used to login as the user on the samba server, or is
> it different ?
>
> libpam-smbpass, which is installed on your samba server, ensures
> synchronization of passwords at every login. Suppose you use
> "secretknock" as the unix password for user "foo" on the server. If you
> run "sudo smbpasswd -a foo" and set "sk" as the SMB password, it will
> work for a while... until you log in to the server as user "foo" again,
> at which point the SMB password for foo will automatically be set to
> "secretknock".
>
> --
> samba server requires smbpasswd -a user constantly
> https:/
> You received this bug notification because you are a direct subscriber
> of the bug.
>
rolfy (rolfy-rolfy) wrote : | #21 |
i was convinced this was a simple issue, but thus far, i've been unable to reproduce the problem in a virtual machine, which would suggest there's something else at play here, so i'll try to get trace off my file server when i can :|
Timbba (timbba) wrote : | #22 |
@Thierry:
I'm using also different passwords in unix and samba. How to make then persistent SMB password? Do I need to uninstall libpam-smbpass to get rid of this automatical setting of SMB password on login phase?
Thierry Carrez (ttx) wrote : | #23 |
Martin, Timbba: that confirms my hypothesis.
This is not really a bug, it's a feature enabled by default that you should disable in your use case.
Uninstalling libpam-smbpass will remove the password synchronization that occurs every time you log in:
sudo apt-get remove libpam-smbpass
This recurring problem should then disappear. I'll mark the bug as "Invalid", please set it back to "Confirmed" if that does not fix the symptoms you're experiencing.
Changed in samba (Ubuntu): | |
status: | Incomplete → Invalid |
Timbba (timbba) wrote : | #24 |
Seems to solve my problem.
However, I have to say that this is not so nicely managed. User experience is awful and this should be handled more user friendly in the future.
rolfy (rolfy-rolfy) wrote : | #25 |
i can also confirm that i had that module installed (though i dont remember installing it :|) I'll do some testing now that it's removed.
florble (will-thecleverbaggers) wrote : | #26 |
same problem~!
Martin Waldenvik (waldenvik) wrote : | #27 |
Should have noted long time ago that removing libpam-smbpass resolved my problems.
michael brenden (mike-brenden) wrote : | #28 |
21 Feb 2012 -- Having exactly same problem, on Ubuntu 10.04.4 LTS (32bit PAE)
Just found this report and am now trying the "fix" of
apt-get remove libpam-smbpass
and will report back success or fail
michael brenden (mike-brenden) wrote : | #29 |
Having trouble trying to understand what is going on --- libpam-smpass REQUIRES windows password to be identical to unix password?? Please say it ain't so...how stoopid that would be...
Thank you for taking the time to report this bug and helping to make Ubuntu better. Unfortunately we can't fix it without more information.
Please include the information requested at https:/ /wiki.ubuntu. com/DebuggingSa mba#samba- client.