Re: Gentoo, Samba, Upgrade, Authentications now failing | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
krb5.conf
[libdefaults]
default_realm = UTAH.EDU
[realms]
UTAH.EDU = {
kdc = 155.99.1.95
default_domain = scl.utah.edu
}
[domain_realm]
.utah.edu = UTAH.EDU
utah.edu = UTAH.EDU
scl.utah.edu = UTAH.EDU
[logging]
default = FILE:/var/log/krb5.log
[appdefaults]
pam = {
ticket_lifetime = 365d
renew_lifetime = 365d
forwardable = true
proxiable = false
retain_after_close = true
minimum_uid = 0
}
smb.conf
[global]
workgroup = SCL
realm = SCL.UTAH.EDU
server string = valhalla.scl.utah.edu
netbios name = valhalla
password server = *
encrypt passwords = true
security = ads
lanman auth = no
ntlm auth = no
os level = 20
allow trusted domains = yes
auth methods = winbind
ldap ssl = no
ldap suffix = dc=scl,dc=utah,dc=edu
interfaces = eth0, lo
bind interfaces only = yes
socket options = TCP_NODELAY
log level = 20
log file = /var/log/samba/log.%m
max log size = 50
client signing = yes
client schannel = no
client use spnego = yes
client lanman auth = no
client NTLMv2 auth = yes
client plaintext auth = no
preferred master = no
local master = no
domain master = no
wins proxy = no
dns proxy = No
obey pam restrictions = yes
template shell = /bin/bash
nt acl support = yes
inherit permissions = yes
create mask = 0022
template homedir = /home/samba/%U
winbind uid = 1000-2000000
winbind gid = 500-2000000
winbind separator = +
winbind enum users = yes
winbind enum groups = yes
winbind nested groups = yes
winbind use default domain = yes
winbind offline logon = true
# winbind nss info = sfu
winbind nss info = rfc2307
idmap uid = 1000-2000000
idmap gid = 500-2000000
idmap domains = SCL
idmap config SCL:backend = ad
idmap config SCL:default = yes
# idmap config SCL:schema_mode = sfu
idmap config SCL:schema_mode = rfc2307
idmap config SCL:range = 1000 - 300000000
Enumerating users, enumerating groups, SID to UID conversion, and lookup
of user information using getent and wbinfo all work.
Here is some abbreviated log data: %> tail -f /var/log/samba/log.* | grep smb [2008/06/03 07:02:36, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63)file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Tue Jun 3 06:32:45 2008
make_user_info_map: Mapping user [VALHALLA]\[smb] from workstation [LOKI] attempting to make a user_info for smb (smb) making strings for smb's user_info struct making blobs for smb's user_info struct made an encrypted user_info for smb (smb)check_ntlm_password: Checking password for unmapped user [VALHALLA]\[smb]@[LOKI] with the new password interface
check_ntlm_password: mapped user is: [VALHALLA]\[smb]@[LOKI]check_ntlm_password: Authentication for user [smb] -> [smb] FAILED with error NT_STATUS_NO_SUCH_USER
structure was created for smb [2008/06/03 07:02:36, 3] smbd/error.c:error_packet_set(106)error packet at smbd/sesssetup.c(105) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE
As you can see from the logs it is showing the message NT_STATUS_NO_SUCH_USER even though wbinfo -i smb works and shows the user account in Active directory.
I did however notice this odd entry in the logs as well: Attempting to register auth backend smbserver [2008/06/03 07:02:36, 5] auth/auth.c:smb_register_auth(59) Successfully added auth method 'smbserver'Not sure if the auth method being 'smbserver' is accurate or not. Any help, pointers etc. is greatly appreciated.
Robert Mattson wrote:
Gentlemen, The following links may or may not be of help. http://bugs.gentoo.org/show_bug.cgi?id=224201 http://lists.samba.org/archive/samba/2008-June/141041.html
..... clipped .....
net-fs/samba-3.0.30 but not the PDC. No problems so far with that. John
-- Jas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Linux] [Info Cyrus] [LARTC] [Christmas Music] [Bugtraq] [Netfilter] [Internet Dating Forums] [RAID] [Yosemite News] [Photography]
|
|