Home Forums OS X Server and Client Discussion Open Directory Windows Vista can’t join OD domain

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • April 7, 2008 at 11:32 am #372080
    Vegan_admin
    Participant

    Hi All
    Really hope you guys can help.
    We have an OD master with SMB enabled and set as PDC.
    There is no problems for WinXP users to join and bind to the directory. But when trying to bind a Vista machine. It will not accept my directory account.
    The only thing I can think of is kerberos problems. But the kerberos realm is running smoothly
    Any ideas?
    Thanks

    April 8, 2008 at 9:37 pm #372119
    mosx86
    Participant

    Is this ODmaster, Tiger or Leopard?

    April 9, 2008 at 11:33 am #372127
    Vegan_admin
    Participant

    Sorry this is an OD master running leopard 10.5.2.
    Im really lost here…

    April 9, 2008 at 5:03 pm #372141
    mosx86
    Participant

    [QUOTE][u]Quote by: Vegan_admin[/u][p]Sorry this is an OD master running leopard 10.5.2.
    Im really lost here…[/p][/QUOTE]

    I’m working on something similar but haven’t had time to get into it too deeply yet. On my setup, NTLMv2 password authentication is failing. You can use ‘dirt’ to check the SMB password, but it doesn’t use NTLMv2 so I’m not exactly sure how to verify that…

    I will post more as I get a chance to look at it (hopefully by next week)…

    April 10, 2008 at 6:18 pm #372183
    mosx86
    Participant

    [QUOTE][u]Quote by: MacTroll[/u][p]You can have dirt use a specific auth method.

    dirt -a nt -u user[/p][/QUOTE]

    That will only test the SMB-NT password, not the SMB-NTLMv2.

    I haven’t found out how to verify the SMB-NTLMv2 as of yet.

    Here is the password log when running the above dirt command:

    [b]Apr 10 2008 09:53:20 AUTH2: {slotID, diradmin} SMB-NT authentication succeeded.[/b]

    Here is the password log when trying to join Vista to the 10.5.2 OD PDC domain:

    [b]Apr 10 2008 12:23:42 DoAuth: {slotID, diradmin} SMB-NTLMv2 authentication failed, SASL error -13 (password incorrect).[/b]

    April 14, 2008 at 11:43 am #372234
    Vegan_admin
    Participant

    This is exactly what my log says as well… hope you find a solution…
    This is really annoying more of my users upgrade to Vista…

    September 16, 2008 at 6:23 pm #374125
    mosx86
    Participant

    [QUOTE][u]Quote by: Vegan_admin[/u][p]This is exactly what my log says as well… hope you find a solution…
    This is really annoying more of my users upgrade to Vista…[/p][/QUOTE]

    Talk about a late response (by me)…

    The only tool I know that can check NTLMv2 passwords is “ntlm_auth.” However I get winbind errors when using it and as far as I can tell winbindd isn’t running on any of my Tiger SMB servers or PDC/BDC.

  • Author
    Posts
Viewing 7 posts - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.

Comments are closed

Copyright © 2025 AFP548. All Rights Reserved.