Stefan G. Weichinger
2017-Jul-10 11:08 UTC
[Samba] Samba ADS-member-server: FQDNs in /etc/hosts
Am 2017-07-10 um 12:08 schrieb Rowland Penny via samba:> I would change /etc/hosts to this: > > 127.0.0.1 localhost > 127.0.1.1 pre01svdeb01.my.tld pre01svdeb01 > > ::1 localhost ip6-localhost ip6-loopback > ff02::1 ip6-allnodes > ff02::2 ip6-allrouters > > But replace '127.0.0.1' with the real ipaddress of pre01svdeb01.my.tld > if it has a fixed IP, if it hasn't, you can remove the entire line. > You don't need anything else, the DNS provided by your AD DC should > provide everything else.Thanks, I consider doing so after work hours ... right now I am quite happy that they all can work so far.> Probably not, /etc/krb5.conf should only contain something like this: > > [libdefaults] > default_realm = MY.TLD > dns_lookup_realm = false > dns_lookup_kdc = trueYes, sure, understand. Seems that the [realms] clause slipped in as I installed some krb5 package. btw: the list of packages to be installed on debian might be worth documenting. It was a bit of trial and error for me to get all the needed krb5-stuff onto that machine. ( krb5-config krb5-locales libkrb5-3 libpam-krb5 krb5-user ... ) And what does this tell me, please: [2017/07/10 13:07:48.593400, 1] ../source3/auth/token_util.c:430(add_local_groups) SID S-1-5-21-2940660672-4062535256-4144655499-1008 -> getpwuid(11008) failed [2017/07/10 13:07:48.593415, 1] ../source3/auth/auth_generic.c:172(auth3_generate_session_info_pac) Failed to map kerberos pac to server info (NT_STATUS_UNSUCCESSFUL) ?
Stefan G. Weichinger
2017-Jul-11 07:04 UTC
[Samba] Samba ADS-member-server: FQDNs in /etc/hosts
Am 2017-07-10 um 13:08 schrieb Stefan G. Weichinger via samba:> And what does this tell me, please: > > [2017/07/10 13:07:48.593400, 1] > ../source3/auth/token_util.c:430(add_local_groups) > SID S-1-5-21-2940660672-4062535256-4144655499-1008 -> getpwuid(11008) > failed > [2017/07/10 13:07:48.593415, 1] > ../source3/auth/auth_generic.c:172(auth3_generate_session_info_pac) > Failed to map kerberos pac to server info (NT_STATUS_UNSUCCESSFUL)I get this all over and can't connect from systems that worked yesterday. pls advise
Stefan G. Weichinger
2017-Jul-11 07:12 UTC
[Samba] Samba ADS-member-server: FQDNs in /etc/hosts
Am 2017-07-11 um 09:04 schrieb Stefan G. Weichinger via samba:> Am 2017-07-10 um 13:08 schrieb Stefan G. Weichinger via samba: > >> And what does this tell me, please: >> >> [2017/07/10 13:07:48.593400, 1] >> ../source3/auth/token_util.c:430(add_local_groups) >> SID S-1-5-21-2940660672-4062535256-4144655499-1008 -> getpwuid(11008) >> failed >> [2017/07/10 13:07:48.593415, 1] >> ../source3/auth/auth_generic.c:172(auth3_generate_session_info_pac) >> Failed to map kerberos pac to server info (NT_STATUS_UNSUCCESSFUL) > > I get this all over and can't connect from systems that worked yesterday. > > pls advisemore logs: [2017/07/11 09:11:00.926522, 1] ../source3/lib/util.c:1960(name_to_fqdn) getaddrinfo: Zu diesem Hostnamen gehört keine Adresse [2017/07/11 09:11:01.012504, 1] ../source3/lib/util.c:1960(name_to_fqdn) getaddrinfo: Zu diesem Hostnamen gehört keine Adresse [2017/07/11 09:11:01.061100, 1] ../source3/lib/util.c:1960(name_to_fqdn) getaddrinfo: Zu diesem Hostnamen gehört keine Adresse [2017/07/11 09:11:01.102653, 2] ../source3/param/loadparm.c:2685(lp_do_section) Processing section "[homes]" [2017/07/11 09:11:01.102711, 2] ../source3/param/loadparm.c:2685(lp_do_section) Processing section "[daten]" [2017/07/11 09:11:01.102784, 2] ../source3/param/loadparm.c:2685(lp_do_section) Processing section "[scan_og]" [2017/07/11 09:11:01.102870, 2] ../source3/param/loadparm.c:2685(lp_do_section) Processing section "[daten_archiv]" [2017/07/11 09:11:01.102917, 2] ../source3/param/loadparm.c:2685(lp_do_section) Processing section "[software]" [2017/07/11 09:11:01.102953, 2] ../source3/param/loadparm.c:2685(lp_do_section) Processing section "[teamviewer]" [2017/07/11 09:11:01.102994, 2] ../source3/param/loadparm.c:2685(lp_do_section) Processing section "[Klinger]" [2017/07/11 09:11:01.103320, 1] ../source3/auth/token_util.c:430(add_local_groups) SID S-1-5-21-2940660672-4062535256-4144655499-1041 -> getpwuid(11041) failed [2017/07/11 09:11:01.103335, 1] ../source3/auth/auth_generic.c:172(auth3_generate_session_info_pac) Failed to map kerberos pac to server info (NT_STATUS_UNSUCCESSFUL) [2017/07/11 09:11:01.178731, 1] ../source3/lib/util.c:1960(name_to_fqdn) getaddrinfo: Zu diesem Hostnamen gehört keine Adresse [2017/07/11 09:11:01.220711, 1] ../source3/lib/util.c:1960(name_to_fqdn) getaddrinfo: Zu diesem Hostnamen gehört keine Adresse [2017/07/11 09:11:01.257794, 2] ../source3/param/loadparm.c:2685(lp_do_section) Processing section "[homes]" [2017/07/11 09:11:01.257855, 2] ../source3/param/loadparm.c:2685(lp_do_section) Processing section "[daten]" [2017/07/11 09:11:01.257947, 2] ../source3/param/loadparm.c:2685(lp_do_section) Processing section "[scan_og]" [2017/07/11 09:11:01.258046, 2] ../source3/param/loadparm.c:2685(lp_do_section) Processing section "[daten_archiv]" [2017/07/11 09:11:01.258095, 2] ../source3/param/loadparm.c:2685(lp_do_section) Processing section "[software]" [2017/07/11 09:11:01.258144, 2] ../source3/param/loadparm.c:2685(lp_do_section) Processing section "[teamviewer]" [2017/07/11 09:11:01.258172, 2] ../source3/param/loadparm.c:2685(lp_do_section) Processing section "[Klinger]" [2017/07/11 09:11:01.258524, 1] ../source3/auth/token_util.c:430(add_local_groups) SID S-1-5-21-2940660672-4062535256-4144655499-1041 -> getpwuid(11041) failed [2017/07/11 09:11:01.258539, 1] ../source3/auth/auth_generic.c:172(auth3_generate_session_info_pac) Failed to map kerberos pac to server info (NT_STATUS_UNSUCCESSFUL) [2017/07/11 09:11:01.301422, 1] ../source3/lib/util.c:1960(name_to_fqdn) getaddrinfo: Zu diesem Hostnamen gehört keine Adresse if I run "net use" on a client, I am asked for user/pw and that fails as well. Some kerberos issue?