Jim Mintha
2003-12-01 19:07:59 UTC
I'm having a problem authenticating to Active Directory. I can join
the machine to the domain, wbinfo -g/-u will list the groups and users
and I can map a drive using: smbclient -k //s-lorentz.s-res.uva.nl/c\$
However when I try to get the linux machine to authenticate a user
it doesn't work giving the error NT_STATUS_NO_LOGON_SERVERS
(0xc000005e). Looking further in the logs it fails at:
[2003/09/16 03:20:22, 2] libsmb/cliconnect.c:cli_session_setup_kerberos(493)
Doing kerberos session setup
[2003/09/16 03:20:22, 5] nsswitch/winbindd_cm.c:cm_get_netlogon_cli(625)
cm_get_netlogon_cli: Using short for of domain name [S-RES.UVA.NL] for netlogon rpc bind
[2003/09/16 03:20:22, 3] rpc_client/cli_pipe.c:rpc_api_pipe(457)
Bind NACK received on pipe 8003!
[2003/09/16 03:20:22, 2] rpc_client/cli_pipe.c:cli_nt_establish_netlogon(1578)
rpc bind to \PIPE\NETLOGON failed
[2003/09/16 03:20:22, 3] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(312)
could not open handle to NETLOGON pipe (error: NT_STATUS_UNSUCCESSFUL)
[2003/09/16 03:20:22, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(379)
NTLM CRAP authentication for user [S-RES.UVA.NL]\[***@S-RES.UVA.NL] returned NT_STATUS_NO_LOGON_SERVERS (PAM: 4)
On the Windows side I see the error:
Pre-authentication failed:
User Name: gnowee$
User ID: S-RES\gnowee$
Service Name: krbtgt/S-RES.UVA.NL
Pre-Authentication Type: 0x0
Failure Code: 0x19
I've tried everything I can think of (I'm using the Debian package
3.0rc4, but I've tried compiling my own too) but can't figure out what
I've missed. Anyone else have an idea?
Thanks for any help,
Jim
Details on what I have done:
(s-lorentz.s-res.uva.nl - AD Domain Controller
admin - Domain Admin for AD
jim - regular user
gnowee.ic.uva.nl - Linux machine)
# initialize kerberos successfully with:
% kinit ***@S-RES.UVA.NL
Password for ***@S-RES.UVA.NL: gandalf
# Join the machine to active directory
% net ads join -U ***@S-RES.UVA.NL
***@S-RES.UVA.NL password: gandalf
Using short domain name -- S-RES.UVA.NL
Joined 'GNOWEE' to realm 'S-RES.UVA.NL'
# try out wbinfo
% wbinfo -g
S-RES.UVA.NL\blaahgroup
S-RES.UVA.NL\testgroep
...
# Try to authenticate a user
% wbinfo -a ***@S-RES.UVA.NL%wizard
plaintext password authentication failed
error code was NT_STATUS_NO_LOGON_SERVERS (0xc000005e)
error messsage was: No logon servers
Could not authenticate user ***@S-RES.UVA.NL%wizard with plaintext password
challenge/response password authentication failed
error code was NT_STATUS_NO_LOGON_SERVERS (0xc000005e)
error messsage was: No logon servers
Could not authenticate user ***@S-RES.UVA.NL with challenge/response
# /etc/krb5.conf:
[libdefaults]
default_realm = S-RES.UVA.NL
[realms]
S-RES.UVA.NL = {
kdc = s-lorentz.s-res.uva.nl
}
# smb.conf
workgroup = S-RES.UVA.NL
netbios name = gnowee
server string = %h server (Samba %v)
log file = /var/log/samba/log.%m
log level = 3 passdb:5 auth:10 winbind:10
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
realm = S-RES.UVA.NL
encrypt passwords = true
password server = s-lorentz.s-res.uva.nl
security = ADS
socket options = TCP_NODELAY
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
--
Jim Mintha Email: ***@uva.nl
System Administrator Work: +31 20 525-4919
Informatiseringscentrum Home: +31 20 662-3892
University of Amsterdam Debian GNU/Linux: ***@debian.org
_There are always Possibilities_ http://www.mintha.com