VigneshDhanraj G
2018-Jun-27 19:08 UTC
[Samba] Not Able to access cifs when AD connected to different network
Hi Team, Recently upgraded samba to 4.7.8 from 4.7.15 My PC and was connected under router 192.168.1.x in which i have AD server. now i moved the PC to another network 192.168.4.x. When i am trying to access the cifs it shows ERROR:Currently no logon servers available. When i downgraded samba to 4.5.15 it works properly. [Global] available= yes restrict anonymous= 0 server string= LenovoEMC~D� px4-400d Workgroup= GNANA netbios name= px4-400d realm= GNANA.COM <http://VIGNESH.COM> password server= 192.168.1.14, * idmap backend= tdb idmap uid= 5000-9999999 idmap gid= 5000-9999999 idmap config GNANA : backend= rid idmap config GNANA : range= 10000000-19999999 security= ADS name resolve order= wins host bcast lmhosts client use spnego= yes dns proxy= no winbind use default domain= no winbind nested groups= yes inherit acls= yes winbind enum users= yes winbind enum groups= yes winbind separator= \\ winbind cache time= 300 winbind offline logon= true template shell= /bin/sh kerberos method= secrets and keytab map to guest= Bad User host msdfs= yes strict allocate= no encrypt passwords= yes passdb backend= smbpasswd printcap name= lpstat printable= no load printers= yes ntlm auth= Yes logs: check_ntlm_password: Authentication for user [vigneshdhanraj.g] -> [vigneshdhanraj.g] FAILED with error NT_STATUS_NO_LOGON_SERVERS, authoritative=1 [2018/06/28 14:00:56.780890, 2, pid=10273, effective(0, 0), real(0, 0)] ../auth/auth_log.c:760(log_authentication_event_human_readable) Auth: [SMB2,(null)] user [DS-7071BC9E7857]\[vigneshdhanraj.g] at [Thu, 28 Jun 2018 14:00:56.780833 IST] with [NTLMv1] status [NT_STATUS_NO_LOGON_SERVERS] workstation [DS-7071BC9E7857] remote host [ipv4:10.132.240.57:57088] mapped to [DS-7071BC9E7857]\[vigneshdhanraj.g]. local host [ipv4:10.132.243.69:445] [2018/06/28 14:00:56.780975, 3, pid=10273, effective(0, 0), real(0, 0)] ../auth/auth_log.c:591(log_no_json) log_no_json: JSON auth logs not available unless compiled with jansson [2018/06/28 14:00:56.781028, 5, pid=10273, effective(0, 0), real(0, 0)] ../source3/auth/auth_ntlmssp.c:196(auth3_check_password) Checking NTLMSSP password for DS-7071BC9E7857\vigneshdhanraj.g failed: NT_STATUS_NO_LOGON_SERVERS, authoritative=1 [2018/06/28 14:00:56.781093, 5, pid=10273, effective(0, 0), real(0, 0)] ../auth/ntlmssp/ntlmssp_server.c:751(ntlmssp_server_check_password) ../auth/ntlmssp/ntlmssp_server.c:751: Checking NTLMSSP password for DS-7071BC9E7857\vigneshdhanraj.g failed: NT_STATUS_NO_LOGON_SERVERS [2018/06/28 14:00:56.781163, 2, pid=10273, effective(0, 0), real(0, 0)] ../auth/gensec/spnego.c:605(gensec_spnego_server_negTokenTarg) SPNEGO login failed: NT_STATUS_NO_LOGON_SERVERS [2018/06/28 14:00:56.781247, 4, pid=10273, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:438(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 smbd_smb2_request_pending_queue: req->current_idx = 1 req->in.vector[0].iov_len = 0 req->in.vector[1].iov_len = 0 req->in.vector[2].iov_len = 64 req->in.vector[3].iov_len = 24 req->in.vector[4].iov_len = 283 req->out.vector[0].iov_len = 4 req->out.vector[1].iov_len = 0 req->out.vector[2].iov_len = 64 req->out.vector[3].iov_len = 8 req->out.vector[4].iov_len = 0 [2018/06/28 14:00:56.781396, 4, pid=10273, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2018/06/28 14:00:56.781451, 4, pid=10273, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2018/06/28 14:00:56.781499, 4, pid=10273, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2018/06/28 14:00:56.781547, 5, pid=10273, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) [2018/06/28 14:00:56.783085, 5, pid=10273, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2018/06/28 14:00:56.783131, 5, pid=10273, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:810(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2018/06/28 14:00:56.783187, 5, pid=10273, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2018/06/28 14:00:56.783237, 4, pid=10273, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2018/06/28 14:00:56.783285, 5, pid=10273, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2018/06/28 14:00:56.783331, 5, pid=10273, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:810(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2018/06/28 14:00:56.783393, 5, pid=10273, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2018/06/28 14:00:56.783447, 4, pid=10273, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal) Primary group is 0 and contains 0 supplementary groups [2018/06/28 14:00:56.783598, 5, pid=10273, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2018/06/28 14:00:56.783705, 10, pid=10273, effective(0, 0), real(0, 0)] ../source3/lib/messages_dgm_ref.c:157(msg_dgm_ref_destructor) msg_dgm_ref_destructor: refs=(nil) [2018/06/28 14:00:56.795996, 3, pid=10273, effective(0, 0), real(0, 0)] ../source3/smbd/server_exit.c:244(exit_server_common) Server exit (NT_STATUS_CONNECTION_RESET) Please do the needful. i want to change smb.conf for workgroup users alone to make it work. if i move to that network again i want to write conf for AD. Regards, VigneshDhanraj G
Rowland Penny
2018-Jun-27 19:47 UTC
[Samba] Not Able to access cifs when AD connected to different network
On Thu, 28 Jun 2018 00:38:23 +0530 VigneshDhanraj G via samba <samba at lists.samba.org> wrote:> Hi Team, > > Recently upgraded samba to 4.7.8 from 4.7.15 > > My PC and was connected under router 192.168.1.x in which i have AD > server. now i moved the PC to another network 192.168.4.x. > > When i am trying to access the cifs it shows ERROR:Currently no logon > servers available.Is your 'new' subnet in AD ? Can I suggest you try this smb.conf: [Global] Workgroup = GNANA realm = GNANA.COM security = ADS server string= LenovoEMC~D px4-400d kerberos method= secrets and keytab idmap config * : backend = tdb idmap config * : range = 5000-9999 idmap config GNANA : backend = rid idmap config GNANA : range = 10000000-19999999 name resolve order= wins host bcast lmhosts dns proxy= no inherit acls= yes winbind offline logon= true template shell= /bin/sh map to guest= Bad User printcap name= lpstat ntlm auth= Yes It is basically yours, but without all the default lines and 'idmap config' set up correctly. Rowland
VigneshDhanraj G
2018-Jun-27 20:33 UTC
[Samba] Not Able to access cifs when AD connected to different network
the problem is actually, i have two networks one is 192.168.1.* and 192.168.4.* , I have my linux pc in which samba server is running and it is in 192.168.1.12 and i have a AD server GNANA.COM in 192.168.1.14. i have shares which is having permission for only local linux users. i moved my linux pc from 192.168.1.12 to 192.168.4.12, samba server is running with the same config when it was running in 192.168.1.12 network. now i accessing cifs it shows no logon servers directly. Before in samba 4.5.15 i usually do this i will not get any errors it will list the shares available. On Thu, Jun 28, 2018 at 1:18 AM Rowland Penny via samba < samba at lists.samba.org> wrote:> On Thu, 28 Jun 2018 00:38:23 +0530 > VigneshDhanraj G via samba <samba at lists.samba.org> wrote: > > > Hi Team, > > > > Recently upgraded samba to 4.7.8 from 4.7.15 > > > > My PC and was connected under router 192.168.1.x in which i have AD > > server. now i moved the PC to another network 192.168.4.x. > > > > When i am trying to access the cifs it shows ERROR:Currently no logon > > servers available. > > Is your 'new' subnet in AD ? > > Can I suggest you try this smb.conf: > > [Global] > Workgroup = GNANA > realm = GNANA.COM > security = ADS > server string= LenovoEMC~D px4-400d > > kerberos method= secrets and keytab > > idmap config * : backend = tdb > idmap config * : range = 5000-9999 > idmap config GNANA : backend = rid > idmap config GNANA : range = 10000000-19999999 > > name resolve order= wins host bcast lmhosts > dns proxy= no > inherit acls= yes > winbind offline logon= true > template shell= /bin/sh > map to guest= Bad User > printcap name= lpstat > ntlm auth= Yes > > It is basically yours, but without all the default lines and 'idmap > config' set up correctly. > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Apparently Analagous Threads
- Not Able to access cifs when AD connected to different network
- Not Able to access cifs when AD connected to different network
- In mac guest user is not working when AD connected - samba 4.9.3
- In mac guest user is not working when AD connected - samba 4.9.3
- In mac guest user is not working when AD connected - samba 4.9.3