Andrzej Gryko
2018-Jul-26 19:22 UTC
[Samba] Fwd: Fwd: Problem connecting to DC from windows 10. Failed to create user record ... acl: unable to get access to ...
---------- Forwarded message --------- From: Rowland Penny via samba <samba at lists.samba.org> Date: śr., 25 lip 2018 o 18:36 Subject: Re: [Samba] Fwd: Problem connecting to DC from windows 10. Failed to create user record ... acl: unable to get access to ... To: <samba at lists.samba.org> On Wed, 25 Jul 2018 08:55:01 +0200 Andrzej Gryko via samba <samba at lists.samba.org> wrote:> Avahi is not running. > My smb.conf: > # Global parameters > [global] > netbios name = SAMBA > realm = GRYKO.LOCAL > server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, > drepl, winbindd, ntp_signd, kcc, dnsupdate > workgroup = GRYKO > server role = active directory domain controller > > [netlogon] > path = /var/lib/samba/sysvol/gryko.local/scripts > read only = No > > [sysvol] > path = /var/lib/samba/sysvol > read only = No > > I didn't tell that I ran debian on Microsoft Hyper-V machine, I try to > connect to DC typing "gryko.local" as a domain in win 10 system > properties, and next typing username and password (also I type > domainname\username and password). > > I installed two virtual machines and on both there is the same error > in log.samba. > I installed samba by: " *apt-get install samba smbclient bind9 > krb5-user" and next I installed winbind by apt-get too.* >>So you are trying to log into the DC as a user, then you need some more >packages installed. > >attr libpam-winbind libpam-krb5 libnss-winbind krb5-config ntp bind9utils >Note: some of these may already be installed. > >By default, you cannot log into a DC > >RowlandI installed new debian, configured domain gryko.org. installed every mentioned package and it is exacly the same if username and password are correct: [2018/07/26 21:09:49.736794, 0] ../source4/dsdb/common/util_samr.c:192(dsdb_add_user) Failed to create user record CN=ANDRZEJ-DESKTOP,CN=Computers,DC=gryko,DC=org: acl: unable to get access to CN=ANDRZEJ-DESKTOP,CN=Computers,DC=gryko,DC=org I found in google same examples and I'm follow them. Any more ideas? regards Andrzej
Rowland Penny
2018-Jul-26 19:56 UTC
[Samba] Fwd: Fwd: Problem connecting to DC from windows 10. Failed to create user record ... acl: unable to get access to ...
On Thu, 26 Jul 2018 21:22:23 +0200 Andrzej Gryko via samba <samba at lists.samba.org> wrote:> ---------- Forwarded message --------- > From: Rowland Penny via samba <samba at lists.samba.org> > Date: śr., 25 lip 2018 o 18:36 > Subject: Re: [Samba] Fwd: Problem connecting to DC from windows 10. > Failed to create user record ... acl: unable to get access to ... > To: <samba at lists.samba.org> > > > On Wed, 25 Jul 2018 08:55:01 +0200 > Andrzej Gryko via samba <samba at lists.samba.org> wrote: > > > Avahi is not running. > > My smb.conf: > > # Global parameters > > [global] > > netbios name = SAMBA > > realm = GRYKO.LOCAL > > server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, > > drepl, winbindd, ntp_signd, kcc, dnsupdate > > workgroup = GRYKO > > server role = active directory domain controller > > > > [netlogon] > > path = /var/lib/samba/sysvol/gryko.local/scripts > > read only = No > > > > [sysvol] > > path = /var/lib/samba/sysvol > > read only = No > > > > I didn't tell that I ran debian on Microsoft Hyper-V machine, I try > > to connect to DC typing "gryko.local" as a domain in win 10 system > > properties, and next typing username and password (also I type > > domainname\username and password). > > > > I installed two virtual machines and on both there is the same error > > in log.samba. > > I installed samba by: " *apt-get install samba smbclient bind9 > > krb5-user" and next I installed winbind by apt-get too.* > > > > >So you are trying to log into the DC as a user, then you need some > >more packages installed. > > > >attr libpam-winbind libpam-krb5 libnss-winbind krb5-config ntp > >bind9utils Note: some of these may already be installed. > > > >By default, you cannot log into a DC > > > >Rowland > > I installed new debian, configured domain gryko.org.How are you configuring the domain ? I hope you mean you are provisioning the domain.> installed every > mentioned package and it is exacly the same if username and password > are correct: > [2018/07/26 21:09:49.736794, 0] > ../source4/dsdb/common/util_samr.c:192(dsdb_add_user) > Failed to create user record > CN=ANDRZEJ-DESKTOP,CN=Computers,DC=gryko,DC=org: acl: unable to get > access to CN=ANDRZEJ-DESKTOP,CN=Computers,DC=gryko,DC=orgHow are you trying to create the above record, it is undoubtedly a computer record and should be created by the join.> > I found in google same examples and I'm follow them.Most of the examples you find on the internet are like the curates egg, good in parts, bad in others. Can I suggest you read the Samba wiki: https://wiki.samba.org/index.php/Main_Page Rowland> > Any more ideas? > > regards > Andrzej
Andrzej Gryko
2018-Jul-26 21:03 UTC
[Samba] Fwd: Fwd: Problem connecting to DC from windows 10. Failed to create user record ... acl: unable to get access to ...
I found the problem. I can login as administrator, but not as different user - I add different users by "samba-tool user add" or smapasswd and it's the same. Regards czw., 26 lip 2018 o 21:56 Rowland Penny <rpenny at samba.org> napisał(a):> On Thu, 26 Jul 2018 21:22:23 +0200 > Andrzej Gryko via samba <samba at lists.samba.org> wrote: > > > ---------- Forwarded message --------- > > From: Rowland Penny via samba <samba at lists.samba.org> > > Date: śr., 25 lip 2018 o 18:36 > > Subject: Re: [Samba] Fwd: Problem connecting to DC from windows 10. > > Failed to create user record ... acl: unable to get access to ... > > To: <samba at lists.samba.org> > > > > > > On Wed, 25 Jul 2018 08:55:01 +0200 > > Andrzej Gryko via samba <samba at lists.samba.org> wrote: > > > > > Avahi is not running. > > > My smb.conf: > > > # Global parameters > > > [global] > > > netbios name = SAMBA > > > realm = GRYKO.LOCAL > > > server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, > > > drepl, winbindd, ntp_signd, kcc, dnsupdate > > > workgroup = GRYKO > > > server role = active directory domain controller > > > > > > [netlogon] > > > path = /var/lib/samba/sysvol/gryko.local/scripts > > > read only = No > > > > > > [sysvol] > > > path = /var/lib/samba/sysvol > > > read only = No > > > > > > I didn't tell that I ran debian on Microsoft Hyper-V machine, I try > > > to connect to DC typing "gryko.local" as a domain in win 10 system > > > properties, and next typing username and password (also I type > > > domainname\username and password). > > > > > > I installed two virtual machines and on both there is the same error > > > in log.samba. > > > I installed samba by: " *apt-get install samba smbclient bind9 > > > krb5-user" and next I installed winbind by apt-get too.* > > > > > > > >So you are trying to log into the DC as a user, then you need some > > >more packages installed. > > > > > >attr libpam-winbind libpam-krb5 libnss-winbind krb5-config ntp > > >bind9utils Note: some of these may already be installed. > > > > > >By default, you cannot log into a DC > > > > > >Rowland > > > > I installed new debian, configured domain gryko.org. > > How are you configuring the domain ? > I hope you mean you are provisioning the domain. > > > installed every > > mentioned package and it is exacly the same if username and password > > are correct: > > [2018/07/26 21:09:49.736794, 0] > > ../source4/dsdb/common/util_samr.c:192(dsdb_add_user) > > Failed to create user record > > CN=ANDRZEJ-DESKTOP,CN=Computers,DC=gryko,DC=org: acl: unable to get > > access to CN=ANDRZEJ-DESKTOP,CN=Computers,DC=gryko,DC=org > > How are you trying to create the above record, it is undoubtedly a > computer record and should be created by the join. > > > > > I found in google same examples and I'm follow them. > > Most of the examples you find on the internet are like the curates egg, > good in parts, bad in others. Can I suggest you read the Samba wiki: > > https://wiki.samba.org/index.php/Main_Page > > Rowland > > > > > Any more ideas? > > > > regards > > Andrzej > >
Maybe Matching Threads
- Fwd: Fwd: Problem connecting to DC from windows 10. Failed to create user record ... acl: unable to get access to ...
- Fwd: Fwd: Problem connecting to DC from windows 10. Failed to create user record ... acl: unable to get access to ...
- Fwd: Fwd: Problem connecting to DC from windows 10. Failed to create user record ... acl: unable to get access to ...
- Fwd: Fwd: Problem connecting to DC from windows 10. Failed to create user record ... acl: unable to get access to ...
- Fwd: Fwd: Problem connecting to DC from windows 10. Failed to create user record ... acl: unable to get access to ...