ankush grover
2005-May-06 07:29 UTC
[Samba] how to check whether samba server with security =ads is working fine or not
Hey friends, I have configure samba with security =ads but I am not able to make sure whether it is working properly or not.How can I test whether samba server is working properly or not. I am getting these errors in samba log files. Logs of the machine from where i accessed the samba shares. 192.168.1.14 (192.168.1.14) closed connection to service win [2005/05/06 12:36:57, 1] smbd/service.c:make_connection_snum(648) 192.168.1.14 (192.168.1.14) connect to service ankush initially as user ankush (uid=500, gid=500) (pid 3664) [2005/05/06 12:37:06, 1] smbd/service.c:close_cnum(836) 192.168.1.14 (192.168.1.14) closed connection to service ankush [2005/05/06 12:40:55, 1] smbd/service.c:make_connection_snum(648) 192.168.1.14 (192.168.1.14) connect to service ankush initially as user ankush (uid=500, gid=500) (pid 3696) [2005/05/06 12:40:57, 1] smbd/sesssetup.c:reply_spnego_kerberos(250) Username SUNUPDELHI/manoj$ is invalid on this system [2005/05/06 12:40:57, 1] smbd/sesssetup.c:reply_spnego_kerberos(250) Username SUNUPDELHI/manoj$ is invalid on this system Logs of smbd.log file [2005/05/06 12:36:55, 1] libsmb/clikrb5.c:ads_krb5_mk_req(323) krb5_cc_get_principal failed (No credentials cache found) the result of klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: administrator@SUNUPDELHI.NET Valid starting Expires Service principal 05/06/05 12:21:43 05/06/05 22:20:57 krbtgt/SUNUPDELHI.NET@SUNUPDELHI.NET renew until 05/07/05 12:21:43 Addresses: (none) Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached the 0.0.0.0.log file logs [2005/05/06 12:29:44, 0] lib/access.c:check_access(328) [2005/05/06 12:29:44, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected Denied connection from (0.0.0.0) [2005/05/06 12:29:44, 1] smbd/process.c:process_smb(1085) [2005/05/06 12:29:44, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected Connection denied from 0.0.0.0 [2005/05/06 12:29:44, 0] lib/util_sock.c:write_socket_data(430) write_socket_data: write failure. Error = Connection reset by peer [2005/05/06 12:29:44, 0] lib/util_sock.c:write_socket(455) write_socket: Error writing 5 bytes to socket 23: ERRNO = Connection reset by peer [2005/05/06 12:29:44, 0] lib/util_sock.c:send_smb(647) Error writing 5 bytes to client. -1. (Connection reset by peer) The krb5.conf file [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = SUNUPDELHI.NET dns_lookup_realm = false dns_lookup_kdc = true [realms] SUNUPDELHI.NET = { kdc = server1.sunupdelhi.net:88 admin_server = server1.sunupdelhi.net:749 default_domain = sunupdelhi.net } [domain_realm] .example.com = SUNUPDELHI.NET example.com = SUNUPDELHI.NET [kdc] profile = /var/kerberos/krb5kdc/kdc.conf [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } the samba configuration file is workgroup = sunupdelhi netbios name = work password server = server1.sunupdelhi.net winbind separator = / realm = SUNUPDELHI.NET security = ads encrypt passwords = yes idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/false winbind use default domain = yes winbind enum users = yes winbind enum groups = yes Can anybody tell me whether the samba server with security =ads is working properly.I am able to access the shares from the samba server. Thanks & Regards Ankush Grover