Sharik M
2011-Mar-10 02:07 UTC
[Samba] Squid with AD Authendication problem (windows 2003)- please help
?I have configured squid with AD authentication its working fine but I am
getting lots of error for authentication failed.
?
?
squid-2.5.STABLE14-1.4E
samba-3.0.10-1.4E.11
?
?
?
Windows 2003 Domain Audit log failure.
?
?
Pre-authentication failed:
??????????????? User Name:??????????? proxy$
??????????????? User ID:????????????????? DOMAIN\proxy$
??????????????? Service Name:??????? krbtgt/DOMAIN.HOME
??????????????? Pre-Authentication Type:?????? 0x0
??????????????? Failure Code:????????? 0x19
??????????????? Client Address:?????? 10.1.5.12
?
?
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
?
?
?
?
?
?
?
/etc/samba/smb.conf
?
?
[global]
??????? workgroup = DOMAIN
??????? netbios name = PROXY
??????? realm = DOMAIN.HOME
??????? server string = Linux Samba Server
??????? security = ads
??????? encrypt passwords = Yes
??????? password server = 10.1.5.11
??????? log file = /var/log/samba/%m.log
??????? max log size = 0
??????? socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
??????? preferred master = False
??????? local master = No
??????? domain master = False
??????? dns proxy = No
??????? wins server = 10.1.5.11
?????? # winbind separator = /
??????? winbind enum users = yes
??????? winbind enum groups = yes
??????? winbind use default domain = yes
??????? idmap uid = 10000-20000
??????? idmap gid = 10000-20000
??????? client schannel = no
?
log file = /var/log/samba/%m.log
max log size = 50
[homes]
?? comment = Home Directories
?? browseable = no
?? writable = yes
[printers]
?? comment = All Printers
?? path = /var/spool/samba
?? browseable = no
?? guest ok = no
?? writable = no
?? printable = yes
?
?
/etc/krb5.conf
?
[logging]
?default = FILE:/var/log/krb5libs.log
?kdc = FILE:/var/log/krb5kdc.log
?admin_server = FILE:/var/log/kadmind.log
?
[libdefaults]
?#ticket_lifetime = 24000
?default_realm = DOMAIN.HOME
?dns_lookup_realm = false
?dns_lookup_kdc = false
?
[realms]
?DOMAIN.HOME = {
? kdc = 10.1.5.11
? admin_server = 10.1.5.11
? default_domain = DOMAIN.HOME
?}
?
[domain_realm]
?.DOMAIN.home = DOMAIN.HOME
?DOMAIN.home = DOMAIN.HOME
?
[kdc]
?profile = /var/kerberos/krb5kdc/kdc.conf
?
[appdefaults]
?pam = {
?? debug = false
?? ticket_lifetime = 36000
?? renew_lifetime = 36000
?? forwardable = true
?? krb4_convert = false
?}
Sharik M
2011-Mar-10 17:33 UTC
[Samba] Squid with AD Authendication problem (windows 2003)- please help
Dear alex,
Thanks for your support,
my output is?
[root at PROXY ~]# wbinfo -t
checking the trust secret via RPC calls succeeded
[root at PROXY ~]#
Please help me to solve the error.
?
----- Original Message ----
From: ????????? ??????????? <alex_mgsm at mail.ru>
To: Sharik M <sharikonline at yahoo.com>
Sent: Thu, March 10, 2011 1:23:20 PM
Subject: Re: [Samba] Squid with AD Authendication problem (windows 2003)- please
help
Please show output of this command:
wbinfo -t
----- Original Message ----
From: Sharik M <sharikonline at yahoo.com>
To: samba at lists.samba.org
Sent: Thu, March 10, 2011 6:07:43 AM
Subject: Squid with AD Authendication problem (windows 2003)- please help
?I have configured squid with AD authentication its working fine but I am
getting lots of error for authentication failed.
?
?
squid-2.5.STABLE14-1.4E
samba-3.0.10-1.4E.11
?
?
?
Windows 2003 Domain Audit log failure.
?
?
Pre-authentication failed:
??????????????? User Name:??????????? proxy$
??????????????? User ID:????????????????? DOMAIN\proxy$
??????????????? Service Name:??????? krbtgt/DOMAIN.HOME
??????????????? Pre-Authentication Type:?????? 0x0
??????????????? Failure Code:????????? 0x19
??????????????? Client Address:?????? 10.1.5.12
?
?
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
?
?
?
?
?
?
?
/etc/samba/smb.conf
?
?
[global]
??????? workgroup = DOMAIN
??????? netbios name = PROXY
??????? realm = DOMAIN.HOME
??????? server string = Linux Samba Server
??????? security = ads
??????? encrypt passwords = Yes
??????? password server = 10.1.5.11
??????? log file = /var/log/samba/%m.log
??????? max log size = 0
??????? socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
??????? preferred master = False
??????? local master = No
??????? domain master = False
??????? dns proxy = No
??????? wins server = 10.1.5.11
?????? # winbind separator = /
??????? winbind enum users = yes
??????? winbind enum groups = yes
??????? winbind use default domain = yes
??????? idmap uid = 10000-20000
??????? idmap gid = 10000-20000
??????? client schannel = no
?
log file = /var/log/samba/%m.log
max log size = 50
[homes]
?? comment = Home Directories
?? browseable = no
?? writable = yes
[printers]
?? comment = All Printers
?? path = /var/spool/samba
?? browseable = no
?? guest ok = no
?? writable = no
?? printable = yes
?
?
/etc/krb5.conf
?
[logging]
?default = FILE:/var/log/krb5libs.log
?kdc = FILE:/var/log/krb5kdc.log
?admin_server = FILE:/var/log/kadmind.log
?
[libdefaults]
?#ticket_lifetime = 24000
?default_realm = DOMAIN.HOME
?dns_lookup_realm = false
?dns_lookup_kdc = false
?
[realms]
?DOMAIN.HOME = {
? kdc = 10.1.5.11
? admin_server = 10.1.5.11
? default_domain = DOMAIN.HOME
?}
?
[domain_realm]
?.DOMAIN.home = DOMAIN.HOME
?DOMAIN.home = DOMAIN.HOME
?
[kdc]
?profile = /var/kerberos/krb5kdc/kdc.conf
?
[appdefaults]
?pam = {
?? debug = false
?? ticket_lifetime = 36000
?? renew_lifetime = 36000
?? forwardable = true
?? krb4_convert = false
?}