jacek burghardt
2023-Dec-13 17:23 UTC
[Samba] samba fails to connect to windows file share joined to domain
1. Do you want to setup a domaincontroller, fileserver or a client The usage case is for client connecting to windows shares. 2. If you want to setup a fileserver or client tell us if you joined to the domain "net ads testjoin" is showing this. Join to domain is not valid: LDAP_INVALID_CREDENTIALS 3. Did you change your smb.conf to define your role DC or filserver or client. At the moment it's a little bit from everything. What is proper config for a client ? On Wed, Dec 13, 2023 at 9:39?AM Rowland Penny via samba < samba at lists.samba.org> wrote:> On Wed, 13 Dec 2023 08:44:48 -0700 > jacek burghardt via samba <samba at lists.samba.org> wrote: > > > I see this in logs what is causing it ? > > > > [2023/12/13 07:38:25.104382, 1] > > ../../source3/winbindd/winbindd_util.c:772(wbd_ping_dc_done) > > > > wbd_ping_dc_done: dcerpc_wbint_PingDc_recv failed for domain: HEBE - > > NT_STATUS_LOGON_FAILURE > > > > [2023/12/13 07:38:55.142864, 1] > > ../../source3/winbindd/winbindd_util.c:772(wbd_ping_dc_done) > > > > wbd_ping_dc_done: dcerpc_wbint_PingDc_recv failed for domain: HEBE - > > NT_STATUS_LOGON_FAILURE > > > > [2023/12/13 07:39:25.152964, 1] > > ../../source3/winbindd/winbindd_util.c:772(wbd_ping_dc_done) > > > > wbd_ping_dc_done: dcerpc_wbint_PingDc_recv failed for domain: HEBE - > > NT_STATUS_LOGON_FAILURE > > > > [2023/12/13 07:39:55.130647, 1] > > ../../source3/winbindd/winbindd_util.c:772(wbd_ping_dc_done) > > > > wbd_ping_dc_done: dcerpc_wbint_PingDc_recv failed for domain: HEBE - > > NT_STATUS_LOGON_FAILURE > > > > [2023/12/13 07:40:25.150802, 1] > > ../../source3/winbindd/winbindd_util.c:772(wbd_ping_dc_done) > > > > wbd_ping_dc_done: dcerpc_wbint_PingDc_recv failed for domain: HEBE - > > NT_STATUS_LOGON_FAILURE > > > > [2023/12/13 07:40:55.162914, 1] > > ../../source3/winbindd/winbindd_util.c:772(wbd_ping_dc_done) > > > > On Tue, Dec 12, 2023 at 11:51?AM Rowland Penny via samba < > > samba at lists.samba.org> wrote: > > > > Excuse me, but would you mind answering the questions that have been > asked of you. At the moment, I haven't a clue just what you are > running, or how you are running it. > > Rowland > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Rowland Penny
2023-Dec-13 18:07 UTC
[Samba] samba fails to connect to windows file share joined to domain
On Wed, 13 Dec 2023 10:23:27 -0700 jacek burghardt via samba <samba at lists.samba.org> wrote:> 1. Do you want to setup a domaincontroller, fileserver or a client > The usage case is for client connecting to windows shares.OK, in which case your existing smb.conf requires a total re-write.> 2. If you want to setup a fileserver or client tell us if you joined > to the domain "net ads testjoin" is showing this. > Join to domain is not valid: LDAP_INVALID_CREDENTIALSThis could be for several reasons, your existing smb.conf isn't allowing the join, or you just haven't joined the domain, for instance.> 3. Did you change your smb.conf to define your role DC or filserver or > client. At the moment it's a little bit from everything. > What is proper config for a client ?Based on what you posted, try this one: [global] workgroup = HEBE security = ADS realm = HEBE.US winbind use default domain = Yes winbind refresh tickets = yes winbind offline logon = yes dns proxy = no idmap config * : backend = tdb idmap config * : range = 3000-7999 idmap config HEBE : backend = rid idmap config HEBE : range = 10000-20000 template shell = /bin/bash vfs objects = acl_xattr shadow_copy2 map acl inherit = Yes printcap name = /dev/null load printers = no disable spoolss = yes printing = bsd log level = 3 max log size = 50 log file = /var/log/samba/log.%m ntlm auth = mschapv2-and-ntlmv2-only There are no shares shown, because the only shares you did show 'sysvol' & 'netlogon' shouldn't be on a fileserver. Stop any Samba daemons, then run: sudo net ads join -UAdministrator Enter the Administrator password when prompted. Once the join has succeeded, start the Samba daemons. Rowland