thomas62186218@aol.com
2008-Apr-04 17:04 UTC
[Samba] Issue with Samba 3.0.28a and Active Directory
Hi all,
1. We are using Linux kernel 2.6.20.11 64-bit and Samba 3.0.28a
2. We are trying to connect from this linux machine to a Windows ADS
running on a separate Windows 2003 system (WINADS machine).
3. Though we are able to retrieve the name of the WINADS machine from
linux (We see the name of the machine in samba log file), we are
unable to access any of the users in the WINADS machine.
4. The following is our smb.conf file
[global]
preservecase = yes
log file = /var/log/samba/%m
read raw = yes
write raw = yes
idmap gid = 600-20000
socket options = TCP_NODELAY IPTOS_LOWDELAY
wins server = 192.168.0.30
encrypt passwords = yes
hosts allow = 192.168.0.65
realm = TESTADS.NET
winbind use default domain = Yes
level2 oplocks = true
max xmit = 65535
template shell = /bin/bash
casesensitive = yes
Security = ads
netbios name = TESTNETBIOS
oplocks = yes
write cache size = 262144
server string = tom
idmap uid = 600-20000
winbind enum users = Yes
winbind nested groups = Yes
defaultcase = lower
shortpreservecase = yes
workgroup = TESTWORKGROUP
winbind enum groups = Yes
security = ads
preferred master = no
max log size = 50
log level = 3
password server = 192.168.0.30
5. The following is our lmhosts file
127.0.0.1 localhost
192.18.0.30 sridharg.TESTADS.NET
6. The following is our KRB5.conf file
[libdefaults]
ticket_lifetime = 24h
forwardable = yes
default_realm = TESTADS.NET
dns_lookup_kdc = false
dns_lookup_realm = false
[logging]
admin_server = FILE:/var/log/kadmind.log
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
[realms]
TESTADS.NET = {
kdc = sridharg.TESTADS.NET
admin_server =sridharg.TESTADS.NET
default_domain = TESTADS.NET
}
[domain_realm]
TESTADS.NET =TESTADS.NET
.TESTADS.NET =TESTADS.NET
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
7. We started smbd and nmbd service
8. When we enter "net ads join -U sridharg@TESTADS.NET ", we are
prompted to enter the password.
"sridharg@TESTADS.NET's password: "
9. After entering the password of sridharg (available on TESTADS.NET),
we are getting the following error .
"Failed to join domain: Operations error" .
Your assistance is greatly appreciated. thanks!
-Thomas
thomas62186218@aol.com
2008-Apr-27 01:45 UTC
[Samba] Issue with Samba 3.0.28a and Active Directory
Hi all,
1. We are using Linux kernel 2.6.20.11 64-bit and Samba 3.0.28a
2. We are trying to connect from this linux machine to a Windows ADS
running on a separate Windows 2003 system (WINADS machine).
3. Though we are able to retrieve the name of the WINADS machine from
linux (We see the name of the machine in samba log file), we are
unable to access any of the users in the WINADS machine.
4. The following is our smb.conf file
[global]
preservecase = yes
log file = /var/log/samba/%m
read raw = yes
write raw = yes
idmap gid = 600-20000
socket options = TCP_NODELAY IPTOS_LOWDELAY
wins server = 192.168.0.30
encrypt passwords = yes
hosts allow = 192.168.0.65
realm = TESTADS.NET
winbind use default domain = Yes
level2 oplocks = true
max xmit = 65535
template shell = /bin/bash
casesensitive = yes
Security = ads
netbios name = TESTNETBIOS
oplocks = yes
write cache size = 262144
server string = tom
idmap uid = 600-20000
winbind enum users = Yes
winbind nested groups = Yes
defaultcase = lower
shortpreservecase = yes
workgroup = TESTWORKGROUP
winbind enum groups = Yes
security = ads
preferred master = no
max log size = 50
log level = 3
password server = 192.168.0.30
5. The following is our lmhosts file
127.0.0.1 localhost
192.18.0.30 sridharg.TESTADS.NET
6. The following is our KRB5.conf file
[libdefaults]
ticket_lifetime = 24h
forwardable = yes
default_realm = TESTADS.NET
dns_lookup_kdc = false
dns_lookup_realm = false
[logging]
admin_server = FILE:/var/log/kadmind.log
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
[realms]
TESTADS.NET = {
kdc = sridharg.TESTADS.NET
admin_server =sridharg.TESTADS.NET
default_domain = TESTADS.NET
}
[domain_realm]
TESTADS.NET =TESTADS.NET
.TESTADS.NET =TESTADS.NET
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
7. We started smbd and nmbd service
8. When we enter "net ads join -U sridharg@TESTADS.NET ", we are
prompted to enter the password.
"sridharg@TESTADS.NET's password: "
9. After entering the password of sridharg (available on TESTADS.NET),
we are getting the following error .
"Failed to join domain: Operations error" .
Your assistance is greatly appreciated. thanks!
-Thomas
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Possibly Parallel Threads
- winbind does not work+sernet package+samba 4.2
- Build error due to Waf task dependency cycle in run_after
- Build error due to Waf task dependency cycle in run_after
- Failed to join domain: failed to find DC for administrator@XYZ
- wbinfo -i returns the same id for all users, authentication doesn't seem to go through winbind at all