Arjit Gupta
2016-Dec-20 14:43 UTC
[Samba] samba 4.5.0 on hpux ia64: smbd not able to use domain users for file sharing
Hi , Below is the content of smb.conf file for ADS member. [global] password server = WIN2008.CIFSDOM.COM client ldap sasl wrapping = plain security = ADS workgroup = CIFSDOM realm = CIFSDOM.COM guest account = smbnull log file = /var/log/samba/%m.log log level = 10 # Default idmap config used for BUILTIN and local accounts/groups idmap config *:backend = tdb idmap config *:range = 2000-9999 # Use template settings for login shell and home directory winbind nss info = template template shell = /sbin/false template homedir = /home/%U winbind enum users = yes winbind enum groups = yes username map = /etc/opt/samba/users.map [tmp] comment = Temporary file space path = /tmp read only = no Arjit Kumar On Tue, Dec 20, 2016 at 2:33 PM, Rowland Penny via samba < samba at lists.samba.org> wrote:> On Tue, 20 Dec 2016 14:23:14 +0530 > Arjit Gupta via samba <samba at lists.samba.org> wrote: > > > Hi, > > > > Issue Background:- > > > > 1. Configure samba as member to ADS/NT4 server > > 2. Share a folder from samba member server > > > > Issue:- > > > > - Try to access share folder from domain user(other non admin user > > which exists in ADS/NT4 server). > > - It fails with with error NT_STATUS_NO_SUCH_USER. > > > > From the log it seems that winbind is able to find and authenticate > > the user. but smbd fails to get user logs NT_STATUS_NO_SUCH_USER > > error. > > > > Please let me know if any more information is required at my end. > > > > Arjit Kumar > > ADS == Active Directory > NT4 != Active Directory > > Which is it ??? > > Can you post your smb.conf > > Rowland > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
Rowland Penny
2016-Dec-20 15:00 UTC
[Samba] samba 4.5.0 on hpux ia64: smbd not able to use domain users for file sharing
On Tue, 20 Dec 2016 20:13:28 +0530 Arjit Gupta <arjitk.gupta at gmail.com> wrote:> Hi , > > Below is the content of smb.conf file for ADS member. > > [global] > password server = WIN2008.CIFSDOM.COM > > client ldap sasl wrapping = plain > security = ADS > workgroup = CIFSDOM > realm = CIFSDOM.COM > > guest account = smbnull > > log file = /var/log/samba/%m.log > log level = 10 > > # Default idmap config used for BUILTIN and local accounts/groups > idmap config *:backend = tdb > idmap config *:range = 2000-9999 > > > > # Use template settings for login shell and home directory > winbind nss info = template > template shell = /sbin/false > template homedir = /home/%U > > winbind enum users = yes > winbind enum groups = yes > > username map = /etc/opt/samba/users.map > [tmp] > comment = Temporary file space > path = /tmp > read only = no > > > Arjit Kumar > >You don't seem to have set up the domain 'idmap config' lines, Have a look here: https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member Rowland
Arjit Gupta
2016-Dec-20 17:03 UTC
[Samba] samba 4.5.0 on hpux ia64: smbd not able to use domain users for file sharing
Hi, I have added below lines in smb.conf idmap config CIFSDOM:backend = rid idmap config CIFSDOM:range = 10000-999999 But still i am getting same error. *I am also attaching logs * *winbind logs:-* userinfos: struct wbint_userinfo acct_name : * acct_name : 'gold' full_name : * full_name : 'gold' homedir : * homedir : '/home/%U' shell : * shell : '/sbin/false' primary_gid : 0xffffffffffffffff (-1) user_sid : S-1-5-21-3309633207-894445730-3307837412-1122 group_sid : S-1-5-21-3309633207-894445730-3307837412-513 result : NT_STATUS_OK [ 6958]: pam auth crap domain: [CIFSDOM] user: gold [2016/12/20 21:50:11.811213, 10, pid=6857, effective(0, 3), real(0, 3), class=winbind] ../source3/winbindd/winbindd.c:800(wb_request_done) wb_request_done[6958:PAM_AUTH_CRAP]: NT_STATUS_OK [ 6959]: pam auth crap domain: [CIFSDOM] user: gold [2016/12/20 21:50:14.166504, 10, pid=6857, effective(0, 3), real(0, 3), class=winbind] ../source3/winbindd/winbindd.c:800(wb_request_done) wb_request_done[6959:PAM_AUTH_CRAP]: NT_STATUS_OK *logs for client machine:-* DomainName : 'CIFSDOM' UserNameLen : 0x0008 (8) UserNameMaxLen : 0x0008 (8) UserName : * UserName : 'gold' WorkstationLen : 0x0012 (18) WorkstationMaxLen : 0x0012 (18) Workstation : * Workstation : 'windowsclient' EncryptedRandomSessionKeyLen: 0x0010 (16) EncryptedRandomSessionKeyMaxLen: 0x0010 (16) EncryptedRandomSessionKey: * EncryptedRandomSessionKey: DATA_BLOB length=16 Got user=[gold] domain=[CIFSDOM] workstation=[windowsclient] len1=24 len2=298 [2016/12/20 21:50:11.769896, 10, pid=6958, effective(0, 0), real(0, 0)] ../auth/ntlmssp/ntlmssp_server.c:483(ntlmssp_server_preauth) [2016/12/20 21:50:11.769939, 1, pid=6958, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:413(ndr_print_debug) Scanning username map /etc/opt/samba/users.map [2016/12/20 21:50:11.775246, 10, pid=6958, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:219(user_in_list) user_in_list: checking user gold in list [2016/12/20 21:50:11.775297, 10, pid=6958, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:224(user_in_list) user_in_list: checking user |gold| against |CDOM\Administrator| [2016/12/20 21:50:11.775352, 10, pid=6958, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:224(user_in_list) user_in_list: checking user |gold| against |CDOM\administrator| [2016/12/20 21:50:11.775406, 10, pid=6958, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:224(user_in_list) user_in_list: checking user |gold| against |CIFSDOM\Administrator| [2016/12/20 21:50:11.775468, 8, pid=6958, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:464(map_username) The user 'gold' has no mapping. Skip it next time. [2016/12/20 21:50:11.775519, 5, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_util.c:117(make_user_info_map) Mapping user [CIFSDOM]\[gold] from workstation [windowsclient] [2016/12/20 21:50:11.777640, 5, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/user_info.c:62(make_user_info) attempting to make a user_info for gold (gold) [2016/12/20 21:50:11.777709, 5, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/user_info.c:70(make_user_info) making strings for gold's user_info struct [2016/12/20 21:50:11.777788, 5, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/user_info.c:108(make_user_info) making blobs for gold's user_info struct [2016/12/20 21:50:11.777843, 10, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/user_info.c:159(make_user_info) made a user_info for gold (gold) [2016/12/20 21:50:11.777905, 3, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:178(auth_check_ntlm_password) check_ntlm_password: Checking password for unmapped user [CIFSDOM]\[gold]@[windowsclient] with the new password interface [2016/12/20 21:50:11.777966, 3, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:181(auth_check_ntlm_password) check_ntlm_password: mapped user is: [CIFSDOM]\[gold]@[windowsclient] 2016/12/20 21:50:11.778026, 10, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:190(auth_check_ntlm_password) check_ntlm_password: auth_context challenge created by random [2016/12/20 21:50:11.778078, 10, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:192(auth_check_ntlm_password) challenge is: [2016/12/20 21:50:11.778132, 5, pid=6958, effective(0, 0), real(0, 0)] ../lib/util/util.c:555(dump_data) [0000] 39 C2 DB B9 7C B4 83 03 9...|... [2016/12/20 21:50:11.778297, 10, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_builtin.c:41(check_guest_security) Check auth for: [gold] [2016/12/20 21:50:11.778351, 10, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:233(auth_check_ntlm_password) check_ntlm_password: guest had nothing to say [2016/12/20 21:50:11.778411, 10, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_sam.c:75(auth_samstrict_auth) Check auth for: [gold] [2016/12/20 21:50:11.778485, 8, pid=6958, effective(0, 0), real(0, 0)] ../source3/lib/util.c:1239(is_myname) is_myname("CIFSDOM") returns 0 [2016/12/20 21:50:11.778548, 6, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_sam.c:88(auth_samstrict_auth) check_samstrict_security: CIFSDOM is not one of my local names (ROLE_DOMAIN_MEMBER) [2016/12/20 21:50:11.778605, 10, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:233(auth_check_ntlm_password) check_ntlm_password: sam had nothing to say [2016/12/20 21:50:11.778666, 10, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_winbind.c:50(check_winbind_security) Check auth for: [gold] Scanning username map /etc/opt/samba/users.map [2016/12/20 21:50:11.811948, 10, pid=6958, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:219(user_in_list) user_in_list: checking user CIFSDOM\gold in list [2016/12/20 21:50:11.811999, 10, pid=6958, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:224(user_in_list) user_in_list: checking user |CIFSDOM\gold| against |CDOM\Administrator| [2016/12/20 21:50:11.812070, 10, pid=6958, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:224(user_in_list) user_in_list: checking user |CIFSDOM\gold| against |CDOM\administrator| [2016/12/20 21:50:11.812125, 10, pid=6958, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:224(user_in_list) user_in_list: checking user |CIFSDOM\gold| against |CIFSDOM\Administrator| [2016/12/20 21:50:11.812188, 8, pid=6958, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:464(map_username) The user 'CIFSDOM\gold' has no mapping. Skip it next time. [2016/12/20 21:50:11.812266, 5, pid=6958, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user CIFSDOM\gold [2016/12/20 21:50:11.812320, 5, pid=6958, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is CIFSDOM\gold [2016/12/20 21:50:11.812882, 5, pid=6958, effective(0, 0), real(0, 0)] ../source3/lib/username.c:128(Get_Pwnam_internals) Trying _Get_Pwnam(), username as given is CIFSDOM\gold [2016/12/20 21:50:11.813082, 5, pid=6958, effective(0, 0), real(0, 0)] ../source3/lib/username.c:141(Get_Pwnam_internals) Trying _Get_Pwnam(), username as uppercase is CIFSDOM\GOLD [2016/12/20 21:50:11.813266, 5, pid=6958, effective(0, 0), real(0, 0)] ../source3/lib/username.c:153(Get_Pwnam_internals) Checking combinations of 0 uppercase letters in CIFSDOM\gold [2016/12/20 21:50:11.813327, 5, pid=6958, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals didn't find user [CIFSDOM\gold]! [2016/12/20 21:50:11.813382, 5, pid=6958, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user gold [2016/12/20 21:50:11.813432, 5, pid=6958, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is gold [2016/12/20 21:50:11.813605, 5, pid=6958, effective(0, 0), real(0, 0)] ../source3/lib/username.c:141(Get_Pwnam_internals) Trying _Get_Pwnam(), username as uppercase is GOLD [2016/12/20 21:50:11.813878, 5, pid=6958, effective(0, 0), real(0, 0)] ../source3/lib/username.c:153(Get_Pwnam_internals) Checking combinations of 0 uppercase letters in gold [2016/12/20 21:50:11.813942, 5, pid=6958, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals didn't find user [gold]! [2016/12/20 21:50:11.814279, 3, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_util.c:1229(check_account) Failed to find authenticated user CIFSDOM\gold via getpwnam(), denying access. [2016/12/20 21:50:11.814360, 5, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:252(auth_check_ntlm_password) check_ntlm_password: winbind authentication for user [gold] FAILED with error NT_STATUS_NO_SUCH_USER [2016/12/20 21:50:11.814442, 2, pid=6958, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:315(auth_check_ntlm_password) check_ntlm_password: Authentication for user [gold] -> [gold] FAILED with error NT_STATUS_NO_SUCH_USER [2016/12/20 21:50:11.814503, 5, pid=6958, effective(0, 0), real(0, 0)] ../source3/auth/auth_ntlmssp.c:188(auth3_check_password) Checking NTLMSSP password for CIFSDOM\gold failed: NT_STATUS_NO_SUCH_USER [2016/12/20 21:50:11.814571, 5, pid=6958, effective(0, 0), real(0, 0)] ../auth/ntlmssp/ntlmssp_server.c:737(ntlmssp_server_check_password) ../auth/ntlmssp/ntlmssp_server.c:737: Checking NTLMSSP password for CIFSDOM\gold failed: NT_STATUS_NO_SUCH_USER [2016/12/20 21:50:11.814643, 2, pid=6958, effective(0, 0), real(0, 0)] ../auth/gensec/spnego.c:720(gensec_spnego_server_negTokenTarg) SPNEGO login failed: NT_STATUS_NO_SUCH_USER DomainNameLen : 0x0010 (16) DomainNameMaxLen : 0x0010 (16) DomainName : * DomainName : 'CIFSDOM' UserNameLen : 0x0008 (8) UserNameMaxLen : 0x0008 (8) UserName : * UserName : 'gold' WorkstationLen : 0x0012 (18) WorkstationMaxLen : 0x0012 (18) Workstation : * Workstation : 'windowsclient' [2016/12/20 21:50:14.125243, 3, pid=6959, effective(0, 0), real(0, 0)] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth) Got user=[gold] domain=[CIFSDOM] workstation=[windowsclient] len1=24 len2=298 Scanning username map /etc/opt/samba/users.map [2016/12/20 21:50:14.130606, 10, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:219(user_in_list) user_in_list: checking user gold in list [2016/12/20 21:50:14.130657, 10, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:224(user_in_list) user_in_list: checking user |gold| against |CDOM\Administrator| [2016/12/20 21:50:14.130711, 10, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:224(user_in_list) user_in_list: checking user |gold| against |CDOM\administrator| [2016/12/20 21:50:14.130766, 10, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:224(user_in_list) user_in_list: checking user |gold| against |CIFSDOM\Administrator| [2016/12/20 21:50:14.130828, 8, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:464(map_username) The user 'gold' has no mapping. Skip it next time. [2016/12/20 21:50:14.130880, 5, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_util.c:117(make_user_info_map) Mapping user [CIFSDOM]\[gold] from workstation [windowsclient] [2016/12/20 21:50:14.133060, 5, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/user_info.c:62(make_user_info) attempting to make a user_info for gold (gold) [2016/12/20 21:50:14.133126, 5, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/user_info.c:70(make_user_info) making strings for gold's user_info struct [2016/12/20 21:50:14.133197, 5, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/user_info.c:108(make_user_info) making blobs for gold's user_info struct [2016/12/20 21:50:14.133251, 10, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/user_info.c:159(make_user_info) made a user_info for gold (gold) [2016/12/20 21:50:14.133313, 3, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:178(auth_check_ntlm_password) check_ntlm_password: Checking password for unmapped user [CIFSDOM]\[gold]@[windowsclient] with the new password interface [2016/12/20 21:50:14.133374, 3, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:181(auth_check_ntlm_password) check_ntlm_password: mapped user is: [CIFSDOM]\[gold]@[windowsclient] 2016/12/20 21:50:14.133799, 10, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_builtin.c:41(check_guest_security) Check auth for: [gold] [2016/12/20 21:50:14.133852, 10, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:233(auth_check_ntlm_password) check_ntlm_password: guest had nothing to say [2016/12/20 21:50:14.133911, 10, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_sam.c:75(auth_samstrict_auth) Check auth for: [gold] [2016/12/20 21:50:14.134002, 8, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/util.c:1239(is_myname) is_myname("CIFSDOM") returns 0 [2016/12/20 21:50:14.134068, 6, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_sam.c:88(auth_samstrict_auth) check_samstrict_security: CIFSDOM is not one of my local names (ROLE_DOMAIN_MEMBER) [2016/12/20 21:50:14.134125, 10, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:233(auth_check_ntlm_password) check_ntlm_password: sam had nothing to say [2016/12/20 21:50:14.134189, 10, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_winbind.c:50(check_winbind_security) Check auth for: [gold] Scanning username map /etc/opt/samba/users.map [2016/12/20 21:50:14.167189, 10, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:219(user_in_list) user_in_list: checking user CIFSDOM\gold in list [2016/12/20 21:50:14.167240, 10, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:224(user_in_list) user_in_list: checking user |CIFSDOM\gold| against |CDOM\Administrator| [2016/12/20 21:50:14.167295, 10, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:224(user_in_list) user_in_list: checking user |CIFSDOM\gold| against |CDOM\administrator| [2016/12/20 21:50:14.167351, 10, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:224(user_in_list) user_in_list: checking user |CIFSDOM\gold| against |CIFSDOM\Administrator| [2016/12/20 21:50:14.167413, 8, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:464(map_username) The user 'CIFSDOM\gold' has no mapping. Skip it next time. [2016/12/20 21:50:14.167488, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user CIFSDOM\gold [2016/12/20 21:50:14.167542, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is CIFSDOM\gold [2016/12/20 21:50:14.167991, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:128(Get_Pwnam_internals) Trying _Get_Pwnam(), username as given is CIFSDOM\gold [2016/12/20 21:50:14.168158, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:141(Get_Pwnam_internals) Trying _Get_Pwnam(), username as uppercase is CIFSDOM\GOLD [2016/12/20 21:50:14.168312, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:153(Get_Pwnam_internals) Checking combinations of 0 uppercase letters in CIFSDOM\gold [2016/12/20 21:50:14.168371, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals didn't find user [CIFSDOM\gold]! [2016/12/20 21:50:14.168432, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user gold [2016/12/20 21:50:14.168482, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is gold [2016/12/20 21:50:14.168648, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:141(Get_Pwnam_internals) Trying _Get_Pwnam(), username as uppercase is GOLD [2016/12/20 21:50:14.168800, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:153(Get_Pwnam_internals) Checking combinations of 0 uppercase letters in gold [2016/12/20 21:50:14.168858, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals didn't find user [gold]! [2016/12/20 21:50:14.169184, 3, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_util.c:1229(check_account) Failed to find authenticated user CIFSDOM\gold via getpwnam(), denying access. [2016/12/20 21:50:14.169262, 5, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:252(auth_check_ntlm_password) check_ntlm_password: winbind authentication for user [gold] FAILED with error NT_STATUS_NO_SUCH_USER [2016/12/20 21:50:14.169348, 2, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:315(auth_check_ntlm_password) check_ntlm_password: Authentication for user [gold] -> [gold] FAILED with error NT_STATUS_NO_SUCH_USER [2016/12/20 21:50:14.169410, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/auth_ntlmssp.c:188(auth3_check_password) Checking NTLMSSP password for CIFSDOM\gold failed: NT_STATUS_NO_SUCH_USER [2016/12/20 21:50:14.169479, 5, pid=6959, effective(0, 0), real(0, 0)] ../auth/ntlmssp/ntlmssp_server.c:737(ntlmssp_server_check_password) ../auth/ntlmssp/ntlmssp_server.c:737: Checking NTLMSSP password for CIFSDOM\gold failed: NT_STATUS_NO_SUCH_USER Scanning username map /etc/opt/samba/users.map [2016/12/20 21:50:14.167189, 10, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:219(user_in_list) user_in_list: checking user CIFSDOM\gold in list [2016/12/20 21:50:14.167240, 10, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:224(user_in_list) user_in_list: checking user |CIFSDOM\gold| against |CDOM\Administrator| [2016/12/20 21:50:14.167295, 10, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:224(user_in_list) user_in_list: checking user |CIFSDOM\gold| against |CDOM\administrator| [2016/12/20 21:50:14.167351, 10, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:224(user_in_list) user_in_list: checking user |CIFSDOM\gold| against |CIFSDOM\Administrator| [2016/12/20 21:50:14.167413, 8, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/user_util.c:464(map_username) The user 'CIFSDOM\gold' has no mapping. Skip it next time. [2016/12/20 21:50:14.167488, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user CIFSDOM\gold [2016/12/20 21:50:14.167542, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is CIFSDOM\gold [2016/12/20 21:50:14.167991, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:128(Get_Pwnam_internals) Trying _Get_Pwnam(), username as given is CIFSDOM\gold [2016/12/20 21:50:14.168158, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:141(Get_Pwnam_internals) Trying _Get_Pwnam(), username as uppercase is CIFSDOM\GOLD [2016/12/20 21:50:14.168312, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:153(Get_Pwnam_internals) Checking combinations of 0 uppercase letters in CIFSDOM\gold [2016/12/20 21:50:14.168371, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals didn't find user [CIFSDOM\gold]! [2016/12/20 21:50:14.168432, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user gold [2016/12/20 21:50:14.168482, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is gold [2016/12/20 21:50:14.168648, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:141(Get_Pwnam_internals) Trying _Get_Pwnam(), username as uppercase is GOLD [2016/12/20 21:50:14.168800, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:153(Get_Pwnam_internals) Checking combinations of 0 uppercase letters in gold [2016/12/20 21:50:14.168858, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals didn't find user [gold]! [2016/12/20 21:50:14.169184, 3, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_util.c:1229(check_account) Failed to find authenticated user CIFSDOM\gold via getpwnam(), denying access. [2016/12/20 21:50:14.169262, 5, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:252(auth_check_ntlm_password) check_ntlm_password: winbind authentication for user [gold] FAILED with error NT_STATUS_NO_SUCH_USER [2016/12/20 21:50:14.169348, 2, pid=6959, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:315(auth_check_ntlm_password) check_ntlm_password: Authentication for user [gold] -> [gold] FAILED with error NT_STATUS_NO_SUCH_USER [2016/12/20 21:50:14.169410, 5, pid=6959, effective(0, 0), real(0, 0)] ../source3/auth/auth_ntlmssp.c:188(auth3_check_password) Checking NTLMSSP password for CIFSDOM\gold failed: NT_STATUS_NO_SUCH_USER [2016/12/20 21:50:14.169479, 5, pid=6959, effective(0, 0), real(0, 0)] ../auth/ntlmssp/ntlmssp_server.c:737(ntlmssp_server_check_password) ../auth/ntlmssp/ntlmssp_server.c:737: Checking NTLMSSP password for CIFSDOM\gold failed: NT_STATUS_NO_SUCH_USER Arjit Kumar On Tue, Dec 20, 2016 at 8:30 PM, Rowland Penny via samba < samba at lists.samba.org> wrote:> On Tue, 20 Dec 2016 20:13:28 +0530 > Arjit Gupta <arjitk.gupta at gmail.com> wrote: > > > Hi , > > > > Below is the content of smb.conf file for ADS member. > > > > [global] > > password server = WIN2008.CIFSDOM.COM > > > > client ldap sasl wrapping = plain > > security = ADS > > workgroup = CIFSDOM > > realm = CIFSDOM.COM > > > > guest account = smbnull > > > > log file = /var/log/samba/%m.log > > log level = 10 > > > > # Default idmap config used for BUILTIN and local accounts/groups > > idmap config *:backend = tdb > > idmap config *:range = 2000-9999 > > > > > > > > # Use template settings for login shell and home directory > > winbind nss info = template > > template shell = /sbin/false > > template homedir = /home/%U > > > > winbind enum users = yes > > winbind enum groups = yes > > > > username map = /etc/opt/samba/users.map > > [tmp] > > comment = Temporary file space > > path = /tmp > > read only = no > > > > > > Arjit Kumar > > > > > > You don't seem to have set up the domain 'idmap config' lines, Have a > look here: > > https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Maybe Matching Threads
- samba 4.5.0 on hpux ia64: smbd not able to use domain users for file sharing
- samba 4.5.0 on hpux ia64: smbd not able to use domain users for file sharing
- samba 4.5.0 on hpux ia64: smbd not able to use domain users for file sharing
- samba 4.5.0 on hpux ia64: smbd not able to use domain users for file sharing
- samba 4.5.0 on hpux ia64: smbd not able to use domain users for file sharing