ankush grover
2005-May-06 07:29 UTC
[Samba] how to check whether samba server with security =ads is working fine or not
Hey friends,
I have configure samba with security =ads but I am not able to make
sure whether it is working properly or not.How can I test whether
samba server is working properly or not.
I am getting these errors in samba log files.
Logs of the machine from where i accessed the samba shares.
192.168.1.14 (192.168.1.14) closed connection to service win
[2005/05/06 12:36:57, 1] smbd/service.c:make_connection_snum(648)
192.168.1.14 (192.168.1.14) connect to service ankush initially as
user ankush (uid=500, gid=500) (pid 3664)
[2005/05/06 12:37:06, 1] smbd/service.c:close_cnum(836)
192.168.1.14 (192.168.1.14) closed connection to service ankush
[2005/05/06 12:40:55, 1] smbd/service.c:make_connection_snum(648)
192.168.1.14 (192.168.1.14) connect to service ankush initially as
user ankush (uid=500, gid=500) (pid 3696)
[2005/05/06 12:40:57, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
Username SUNUPDELHI/manoj$ is invalid on this system
[2005/05/06 12:40:57, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
Username SUNUPDELHI/manoj$ is invalid on this system
Logs of smbd.log file
[2005/05/06 12:36:55, 1] libsmb/clikrb5.c:ads_krb5_mk_req(323)
krb5_cc_get_principal failed (No credentials cache found)
the result of klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: administrator@SUNUPDELHI.NET
Valid starting Expires Service principal
05/06/05 12:21:43 05/06/05 22:20:57 krbtgt/SUNUPDELHI.NET@SUNUPDELHI.NET
renew until 05/07/05 12:21:43
Addresses: (none)
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
the 0.0.0.0.log file logs
[2005/05/06 12:29:44, 0] lib/access.c:check_access(328)
[2005/05/06 12:29:44, 0] lib/util_sock.c:get_peer_addr(1000)
getpeername failed. Error was Transport endpoint is not connected
Denied connection from (0.0.0.0)
[2005/05/06 12:29:44, 1] smbd/process.c:process_smb(1085)
[2005/05/06 12:29:44, 0] lib/util_sock.c:get_peer_addr(1000)
getpeername failed. Error was Transport endpoint is not connected
Connection denied from 0.0.0.0
[2005/05/06 12:29:44, 0] lib/util_sock.c:write_socket_data(430)
write_socket_data: write failure. Error = Connection reset by peer
[2005/05/06 12:29:44, 0] lib/util_sock.c:write_socket(455)
write_socket: Error writing 5 bytes to socket 23: ERRNO = Connection
reset by peer
[2005/05/06 12:29:44, 0] lib/util_sock.c:send_smb(647)
Error writing 5 bytes to client. -1. (Connection reset by peer)
The krb5.conf file
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = SUNUPDELHI.NET
dns_lookup_realm = false
dns_lookup_kdc = true
[realms]
SUNUPDELHI.NET = {
kdc = server1.sunupdelhi.net:88
admin_server = server1.sunupdelhi.net:749
default_domain = sunupdelhi.net
}
[domain_realm]
.example.com = SUNUPDELHI.NET
example.com = SUNUPDELHI.NET
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
the samba configuration file is
workgroup = sunupdelhi
netbios name = work
password server = server1.sunupdelhi.net
winbind separator = /
realm = SUNUPDELHI.NET
security = ads
encrypt passwords = yes
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/false
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
Can anybody tell me whether the samba server with security =ads is
working properly.I am able to access the shares from the samba server.
Thanks & Regards
Ankush Grover