Accessing shared drives from a Windows AD


Post by Tercept » 2014/01/03 13:57:26

Disclaimer: Why not use RH support? They lost our standard subscription we paid for and we do not know how long it will take to fix. I will answer questions as they pop up.

The Issue:

We are running a RHEL 5.10 (Tikanga) system. The kernel is 2.6.18-371.1.2.el5PAE.

Packages of interest are:
nautilus-2.16.2-10.el5
samba3-3.6.19-45.el5
samba3-winbind-3.6.19-45.el5

This system is part of a Windows Active Directory (AD) domain and uses Windows (via winbind/Kerberos) to authenticate logins. (That part is working well.) The Windows domain has many Windows shares available that we wish to use via the Nautilus file manager.

We start Nautilus via the menubar Applications->System Tools->File Browser. If we choose the Computer button and then double click on the Network icon, Nautilus displays all of the Windows systems with their machine name as we would expect.

When we use Wireshark to watch the traffic going back and forth between the RHEL system and Windows, we see that during this time period there are numerous attempts to log into IPC$ for anonymous, guest and 3 attempts to log into our user accounts. Nautilus has not yet asked for our password but it tried to connect with our username/no-password to AD. And since 3 "failed" attempts to login using our username/no-password were sent to Windows, Windows locks our accounts.

Capturing Wireshark data, just after double clicking on the Network icon, the SMB protocol connections are as follows:

NTLMSSP_NEGOTIATE
NTLMSSP_CHALLENGE - ERROR - STATUS_MORE_PROCESSING_REQUIRED
NTLMSSP_AUTH - User: DOMAIN_NAME\my_account_name
Response - ERROR: - STATUS_LOGIN_FAILURE - 1st failure
User: Anonymous
Path: \XX.XX.XX.XX\IPC$
Tree Connect
Tree Disconnect
...
User: Anonymous
Path: \XX.XX.XX.XX\IPC$
Request: Domain Enum
...
User: Anonymous
Path: \MACHINE_NAME\IPC$
...
NTLMSSP_NEGOTIATE
NTLMSSP_CHALLENGE - ERROR - STATUS_MORE_PROCESSING_REQUIRED
NTLMSSP_AUTH - User: DOMAIN_NAME\my_account_name
Response - ERROR: - STATUS_LOGIN_FAILURE - 2nd failure
User: Anonymous
Path: \XX.XX.XX.XX\IPC$
Tree Connect
Tree Disconnect
...
NTLMSSP_NEGOTIATE
NTLMSSP_CHALLENGE - ERROR - STATUS_MORE_PROCESSING_REQUIRED
NTLMSSP_AUTH - User: DOMAIN_NAME\my_account_name
Response - ERROR: - STATUS_LOGIN_FAILURE - 3rd failure
User: Anonymous
Path: \XX.XX.XX.XX\IPC$
Tree Connect
Tree Disconnect
....

How do we make it such that Nautilus sends the Anonymous user first to Windows, prior to it sending my username/no-password? With the anonymous user, it should be able to get the information about the machines connected to the system and should not lock out our AD accounts.
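
Added example, not part of the original post: a small Python check that counts failed NTLMSSP logons per account in a trace summary of the form quoted above and flags accounts that reach a lockout threshold of 3 (the number of failures the post reports before lockout). The sample traces, the EXAMPLE\alice and EXAMPLE\bob accounts, the HOST name and the STATUS_SUCCESS response line are constructed for illustration.

```python
import re

AUTH_RE = re.compile(r"^NTLMSSP_AUTH\s*-\s*User:\s*(\S+)")
# The post writes STATUS_LOGIN_FAILURE; the NT status name is STATUS_LOGON_FAILURE.
FAIL_RE = re.compile(r"STATUS_LOG[IO]N_FAILURE")

def consecutive_failures(trace):
    """Return {account: failed NTLMSSP logons since that account's last success}."""
    counts = {}
    pending = None  # account named in the most recent NTLMSSP_AUTH line
    for raw in trace.splitlines():
        line = raw.strip()
        match = AUTH_RE.match(line)
        if match:
            pending = match.group(1).lower()  # AD account names are case-insensitive
        elif pending and line.startswith("Response"):
            if FAIL_RE.search(line):
                counts[pending] = counts.get(pending, 0) + 1
            else:
                counts[pending] = 0  # a successful logon resets the bad-password count
            pending = None
    return counts

def accounts_at_risk(trace, threshold=3):
    """Accounts whose consecutive failures reach the lockout threshold."""
    return sorted(a for a, n in consecutive_failures(trace).items() if n >= threshold)

# Constructed sample data in the summary format the post uses (not a real capture).
def _attempt(user, response):
    return ("NTLMSSP_NEGOTIATE\n"
            "NTLMSSP_CHALLENGE - ERROR - STATUS_MORE_PROCESSING_REQUIRED\n"
            f"NTLMSSP_AUTH - User: {user}\n"
            f"Response - {response}\n"
            "User: Anonymous\nPath: \\\\HOST\\IPC$\nTree Connect\nTree Disconnect\n...\n")

BROWSE_TRACE = _attempt("EXAMPLE\\alice", "ERROR: - STATUS_LOGIN_FAILURE") * 3
RECOVERED_TRACE = (_attempt("EXAMPLE\\bob", "ERROR: - STATUS_LOGIN_FAILURE") * 2
                   + _attempt("EXAMPLE\\bob", "STATUS_SUCCESS"))

if __name__ == "__main__":
    print(consecutive_failures(BROWSE_TRACE))
    print(accounts_at_risk(BROWSE_TRACE))
    print(accounts_at_risk(RECOVERED_TRACE))
```

The anonymous IPC$ sessions between attempts are ignored because they carry no NTLMSSP_AUTH line for a named account and so do not count toward lockout.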
