I joined a samba 3.5.10 server to a samba4 active directory domain. Windows
clients can't browse the root of the servers shares (\\192.168.10.10 ) but
they can access the shares if I manually mount them.
The following command works on the server that samba 3.5 is running on.
smbclient -U administrator -L 127.0.0.1
The following command gives a NT_STATUS_LOGON_FAILURE on a client
smbclient -U administrator -L 192.168.10.10
I can get the smbclient command to work on the client using
smbclient -U DOMAIN\administrator -L 192.168.10.10
The same command fails on the server.
Windows computers can get to shares mapped directly (very slow, however)
But they cannot browse the services, as in go to \\192.168.10.10 and see the
shares and printers.
the following in my smb.conf I'm using.
[global]
workgroup = DOMAIN
realm = DOMAIN.LOCAL
security = ADS
server string = Samba %v
idmap domains = IAPP
idmap config IAPP:backend = rid
idmap config IAPP:schema_mode = rfc2307
idmap config IAPP:range = 500-1000000
template homedir = /home/%D/%U
template shell = /bin/bash
load printers = yes
dns proxy = no
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
wins support = yes
netbios name = DOMAIN-SERVER
max protocol = SMB2
printing = cups
winbind expand groups = 2
winbind nss info = rfc2307
winbind offline logon = true
winbind use default domain = true
winbind enum users = yes
winbind enum groups = yes
winbind nested groups = Yes
enhanced browsing = no
unix extensions = no
debug level = 3
printcap name = cups
domain master = no
local master = no
preferred master = no
Basically I can't really use this server and can't get to users home
shares.
Any suggestions would be greatly appreciated.
Thanks.
It seems password must be replicated
You can send mail to 25dollartechhelp at gmail.com
________________________________________
From: Caleb O'Connell [caleb at privacyassociation.org]
Sent: Monday, September 24, 2012 11:21 PM
To: samba at lists.samba.org
Subject: [Samba] smbclient username not working
I joined a samba 3.5.10 server to a samba4 active directory domain. Windows
clients can't browse the root of the servers shares (\\192.168.10.10 ) but
they can access the shares if I manually mount them.
The following command works on the server that samba 3.5 is running on.
smbclient -U administrator -L 127.0.0.1
The following command gives a NT_STATUS_LOGON_FAILURE on a client
smbclient -U administrator -L 192.168.10.10
I can get the smbclient command to work on the client using
smbclient -U DOMAIN\administrator -L 192.168.10.10
The same command fails on the server.
Windows computers can get to shares mapped directly (very slow, however)
But they cannot browse the services, as in go to \\192.168.10.10 and see the
shares and printers.
the following in my smb.conf I'm using.
[global]
workgroup = DOMAIN
realm = DOMAIN.LOCAL
security = ADS
server string = Samba %v
idmap domains = IAPP
idmap config IAPP:backend = rid
idmap config IAPP:schema_mode = rfc2307
idmap config IAPP:range = 500-1000000
template homedir = /home/%D/%U
template shell = /bin/bash
load printers = yes
dns proxy = no
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
wins support = yes
netbios name = DOMAIN-SERVER
max protocol = SMB2
printing = cups
winbind expand groups = 2
winbind nss info = rfc2307
winbind offline logon = true
winbind use default domain = true
winbind enum users = yes
winbind enum groups = yes
winbind nested groups = Yes
enhanced browsing = no
unix extensions = no
debug level = 3
printcap name = cups
domain master = no
local master = no
preferred master = no
Basically I can't really use this server and can't get to users home
shares.
Any suggestions would be greatly appreciated.
Thanks.
The information contained in this electronic message and any attachments to this
message are intended for the exclusive use of the addressee(s) and may contain
proprietary, confidential or privileged information. If you are not the intended
recipient, you should not disseminate, distribute or copy this e-mail. Please
notify the sender immediately and destroy all copies of this message and any
attachments.
WARNING: Computer viruses can be transmitted via email. The recipient should
check this email and any attachments for the presence of viruses. The company
accepts no liability for any damage caused by any virus transmitted by this
email.
www.wipro.com
I was able to solve my problem, so to follow up I'll post what I did. I was on a RHEL 5 server using samba3x (3.5.10) and when I tested prior to this implementation, it was on Ubuntu 12.04 with samba 3.6.8(?), whatever the version in their repos is. The test system worked great, as expected, which is why I went ahead with the implementation. I know, shame on me for taking what worked in test and assuming a different dist. and different version would work the same. I thought I had generically setup samba enough that it should just work similarly. My solution was to install some samba3 3.6.8 packages that were listed on enterprisesamba.org. Once I installed those packages, I went through the same process and it just worked, like it did on Ubuntu. One thing I had noticed, I forgot about the "max protocol = smb2" that I was testing on Ubuntu, which got brought over to the failed implementation with samba3x 3.5.10. I know that smb2 is not fully supported on that version. After doing the join, if I commented out the max protocol, the shares would be totally unavailable. I had to keep it in there after initially having it added. I think that may have been my problem all along? For now, it's working and working great. I'm very happy with the samba4 beta and samba 3.6 participation. Caleb O'Connell wrote:> I joined a samba 3.5.10 server to a samba4 active directory domain. > Windows > clients can't browse the root of the servers shares (\\192.168.10.10 ) > but they can access the shares if I manually mount them. > > The following command works on the server that samba 3.5 is running on. > > smbclient -U administrator -L 127.0.0.1 > > The following command gives a NT_STATUS_LOGON_FAILURE on a client > > smbclient -U administrator -L 192.168.10.10 > > I can get the smbclient command to work on the client using > > smbclient -U DOMAIN\administrator -L 192.168.10.10 > > The same command fails on the server. > > Windows computers can get to shares mapped directly (very slow, however) > But they cannot browse the services, as in go to \\192.168.10.10 and see > the shares and printers. > > the following in my smb.conf I'm using. > > [global] > workgroup = DOMAIN > realm = DOMAIN.LOCAL > security = ADS > server string = Samba %v > idmap domains = IAPP > idmap config IAPP:backend = rid > idmap config IAPP:schema_mode = rfc2307 > idmap config IAPP:range = 500-1000000 > template homedir = /home/%D/%U > template shell = /bin/bash > load printers = yes > dns proxy = no > client use spnego = yes > client ntlmv2 auth = yes > encrypt passwords = yes > wins support = yes > netbios name = DOMAIN-SERVER > max protocol = SMB2 > printing = cups > winbind expand groups = 2 > winbind nss info = rfc2307 > winbind offline logon = true > winbind use default domain = true > winbind enum users = yes > winbind enum groups = yes > winbind nested groups = Yes > enhanced browsing = no > unix extensions = no > debug level = 3 > printcap name = cups > domain master = no > local master = no > preferred master = no > > Basically I can't really use this server and can't get to users home > shares. Any suggestions would be greatly appreciated. > > Thanks. >-- Caleb O'Connell CIPP/US, CIPP/IT | IT Coordinator IAPP | International Association of Privacy Professionals Pease International Tradeport 75 Rochester Ave., Suite 4 | Portsmouth, NH 03801 USA +1 603.427.9200 Ext. 256 | Fax: +1 603.427.9249 caleb at privacyassociation.org | www.privacyassociation.org