Nt_status_logon_failure

activedirectory

(Wellington Rodrigues) #1

NethServer Version: 7.4.1708 (Final)

Hi guys.
I’m using NethServer as PDC/AD in the company where I work, we migrated from Zentyal 4.2 to NethServer. I have an ERP software based on Linux and this software has cups printers. I have a computer that is in the domain and it has a Zebra printer to print labels and it is shared on the network. IP 192.168.3.86


When I print by the system it does not work and checking the ERP server logs, I have the following errors:

E [20/Feb/2018:20:50:24 -0300] [Job 1414497]Session setup failed: NT_STATUS_LOGON_FAILURE
E [20/Feb/2018:20:50:24 -0300] [Job 1414497] No ticket cache found for userid=0
E [20/Feb/2018:20:50:24 -0300] [Job 1414497] Can not get the ticket cache for root
E [20/Feb/2018:20:50:24 -0300] [Job 1414497] Session setup failed: NT_STATUS_LOGON_FAILURE
E [20/Feb/2018:20:50:24 -0300] [Job 1414497] Tree connect failed (NT_STATUS_ACCESS_DENIED)
E [20/Feb/2018:20:50:24 -0300] [Job 1414497] Unable to connect to CIFS host, will retry in 60 seconds…

Using smbclient:
[root@saf_servidor ~]# smbclient -L 192.168.3.86 -U wellingtonr -W pdc
Password:
session setup failed: NT_STATUS_LOGON_FAILURE

Does anyone know what could be? Because when we used Zentyal, we never had this problem


(Markus Neuberger) #2

Which OS is installed on that computer?

It could be a protocol problem, you may try to change the protocol in smbclient with the “-m SMB2” option.


(Wellington Rodrigues) #3

[root@bt ~]# cat /proc/version
Linux version 3.10.0-693.11.1.el7.x86_64 (builder@kbuilder.dev.centos.org) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC) ) #1 SMP Mon Dec 4 23:52:40 UTC 2017

smbclient would look like this?
smbclient -L 192.168.3.86 -U wellingtonr -W pdc -M SMB2
because if this is it returns this error Connection to 192.168.3.86 failed (Error NT_STATUS_RESOURCE_NAME_NOT_FOUND)


(Markus Neuberger) #4

it’s a lower case letter: smbclient -L 192.168.10.100 -U markus -m SMB2


(Wellington Rodrigues) #5

Sorry, I saw it wrong :sweat_smile:
Return this:

[root@bt ~]# smbclient -L 192.168.3.86 -U wellingtonr -m SMB2
WARNING: The “syslog” option is deprecated
Enter DAMA.LOCAL\wellingtonr’s password:
Domain=[PDC] OS=[] Server=[]

    Sharename       Type      Comment
    ---------       ----      -------
    ADMIN$          Disk      Administração remota
    C$              Disk      Recurso compartilhado padrão
    E$              Disk      Recurso compartilhado padrão
    IPC$            IPC       IPC remoto
    print$          Disk      Drivers de impressora
    zebramp3        Printer   ZDesigner TLP 2844

Connection to 192.168.3.86 failed (Error NT_STATUS_RESOURCE_NAME_NOT_FOUND)
NetBIOS over TCP disabled – no workgroup available

Do you know what it can be?


(Markus Neuberger) #6

Changing the protocol showed the shares list? If yes I think this is the main problem.

Sorry, I didn’t fully get your scenario:

Where is the ERP software installed, on NethServer or is it a separate machine?

Do you use Nethserver Cups for printing?

Maybe there’s another mismatch in domain/workgroup which appears to be different in your post.

and

The domain is not the same as in username?

In your smbclient you missed the workgroup switch “-W”.


(Wellington Rodrigues) #7

In a separate machine

No, I don’t

Yeah, DAMA.LOCAL is the old PDC/AD. It’s deactivated

[root@bt ~]# smbclient -L 192.168.3.86 -U wellingtonr -m SMB2 -W PDC
WARNING: The “syslog” option is deprecated
Enter PDC\wellingtonr’s password:
Domain=[PDC] OS=[] Server=[]

    Sharename       Type      Comment
    ---------       ----      -------
    ADMIN$          Disk      Administração remota
    C$              Disk      Recurso compartilhado padrão
    E$              Disk      Recurso compartilhado padrão
    IPC$            IPC       IPC remoto
    print$          Disk      Drivers de impressora
    zebramp3        Printer   ZDesigner TLP 2844

Connection to 192.168.3.86 failed (Error NT_STATUS_RESOURCE_NAME_NOT_FOUND)
NetBIOS over TCP disabled – no workgroup available

Do you have an example? My knowledge in linux is weak :pensive:
I’m dedicating more to linux now


(Wellington Rodrigues) #8

Information from my nethserver

Host and domain name dama.pdc.local
Active Directory local accounts provider for pdc.local DNS domain name ad.pdc.local
NetBIOS domain name PDC
Domain pdc.local
NetBIOS domain name: PDC
LDAP server: 192.168.3.39
LDAP server name: nsdc-dama.ad.pdc.local
Realm: AD.PDC.LOCAL
Bind Path: dc=AD,dc=PDC,dc=LOCAL
LDAP port: 389
Server time: Wed, 21 Feb 2018 08:44:16 -03
KDC server: 192.168.3.39
Server time offset: 0
Last machine account password change: Fri, 16 Feb 2018 23:17:41 -02


(Markus Neuberger) #9

I get the same error with the list option “-L” but without it I can connect and see the files, so to be sure it works you may try printing directly with:

echo Testfile > testfile.txt
smbclient //192.168.3.86/zebramp3 -U wellingtonr -W pdc -c “print testfile.txt”

Does this work on your ERP machine?


(Wellington Rodrigues) #10

it looks like it worked, at least it did not return with error but did not print.
This part I’m already checking with software support’s. any news will alert you


(Wellington Rodrigues) #11

We can make it work using the LPD protocol.
Thanks for your support @mrmarkuz