Displaying 11 results from an estimated 11 matches for "mwllc".
2015 Apr 22
7
Cannot authenticate the administrator account
...ost/netlogon -U Administrator -c 'ls'
echo "Kerberos Authentication"
echo ${SAMBA_NT_ADMIN_PASS} | kinit Administrator
smbclient //${SETFQDN}/netlogon -U Administrator -c 'ls' -k
kdestroy
[root at a10 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search conpago.mwllc.info
nameserver 75.75.76.76
nameserver 75.75.75.75
[root at a10 etc]# cat krb5.conf
[libdefaults]
??? default_realm = MWLLC.INFO
??? dns_lookup_realm = false
??? dns_lookup_kdc = true
[root at a10 etc]# SETFQDN=`hostname -f`
[root at a10 etc]# echo "NT Authentication test"
NT Authentica...
2015 Apr 22
1
Cannot authenticate the administrator account
...hentication"
>> echo ${SAMBA_NT_ADMIN_PASS} | kinit Administrator
>> smbclient //${SETFQDN}/netlogon -U Administrator -c 'ls' -k
>> kdestroy
>>
>>
>> [root at a10 ~]# cat /etc/resolv.conf
>> # Generated by NetworkManager
>> search conpago.mwllc.info
>> nameserver 75.75.76.76
>> nameserver 75.75.75.75
>> [root at a10 etc]# cat krb5.conf
>> [libdefaults]
>> default_realm = MWLLC.INFO
>> dns_lookup_realm = false
>> dns_lookup_kdc = true
>>
>>
>> [root at a10 etc]# SET...
2015 Apr 22
0
Cannot authenticate the administrator account
...gt;
> echo "Kerberos Authentication"
> echo ${SAMBA_NT_ADMIN_PASS} | kinit Administrator
> smbclient //${SETFQDN}/netlogon -U Administrator -c 'ls' -k
> kdestroy
>
>
> [root at a10 ~]# cat /etc/resolv.conf
> # Generated by NetworkManager
> search conpago.mwllc.info
> nameserver 75.75.76.76
> nameserver 75.75.75.75
> [root at a10 etc]# cat krb5.conf
> [libdefaults]
> default_realm = MWLLC.INFO
> dns_lookup_realm = false
> dns_lookup_kdc = true
>
>
> [root at a10 etc]# SETFQDN=`hostname -f`
> [root at a10 etc...
2015 Apr 22
0
Cannot authenticate the administrator account
...hentication"
>> echo ${SAMBA_NT_ADMIN_PASS} | kinit Administrator
>> smbclient //${SETFQDN}/netlogon -U Administrator -c 'ls' -k
>> kdestroy
>>
>>
>> [root at a10 ~]# cat /etc/resolv.conf
>> # Generated by NetworkManager
>> search conpago.mwllc.info
>> nameserver 75.75.76.76
>> nameserver 75.75.75.75
>> [root at a10 etc]# cat krb5.conf
>> [libdefaults]
>> default_realm = MWLLC.INFO
>> dns_lookup_realm = false
>> dns_lookup_kdc = true
>>
>>
>> [root at a10 etc]# SET...
2015 Apr 22
4
Cannot authenticate the administrator account
...9;s password:
session setup failed: NT_STATUS_LOGON_FAILURE
- - - - - - - - - - - - - - - - - -
I turned up the log level to 3 and found the following:
[2015/04/22 06:17:54.074716, 0]
../lib/util/util_runcmd.c:317(samba_runcmd_io_handler)
/usr/sbin/samba_dnsupdate: RuntimeError: kinit for A10$@MWLLC.INFO failed
(Cannot contact any KDC for requested realm)
A10 is the server hostname, CONPAGO is the domain, and MWLLC.INFO is the
realm.
-----------------------------------------
ps axf | egrep "samba|smbd|nmbd|winbindd"
886 pts/5 S+ 0:00 \_ grep -E --color=auto
samba...
2015 Apr 22
0
Cannot authenticate the administrator account
...d: NT_STATUS_LOGON_FAILURE
>
>- - - - - - - - - - - - - - - - - -
>I turned up the log level to 3 and found the following:
>
>[2015/04/22 06:17:54.074716, 0]
>../lib/util/util_runcmd.c:317(samba_runcmd_io_handler)
> /usr/sbin/samba_dnsupdate: RuntimeError: kinit for
>A10$@MWLLC.INFO failed
>(Cannot contact any KDC for requested realm)
>
>A10 is the server hostname, CONPAGO is the domain, and
>MWLLC.INFO is the
>realm.
>
>-----------------------------------------
> ps axf | egrep "samba|smbd|nmbd|winbindd"
> 886 pts/5 S+ 0:00...
2015 Apr 29
4
Cannot authenticate the administrator account
...samba.internal.example.com not found: 3(NXDOMAIN)
~]# host -t SRV _ldap._tcp.samba.example.com
Host _ldap._tcp.samba.example.com not found: 3(NXDOMAIN)
- - - - - - - - - - - - - - - - - - - - - - - -
The same results as above when tesing:
~]# host -t SRV _kerberos._udp.example.com
_kerberos._udp.mwllc.info has SRV record 0 100 88 samba.example.com.
and the other combinations report "not found: 3 (NXDOMAIN)
Did I simply provision the REALM or domain incorrectly from the start?
testparm -v output shows I provided the following:
workgroup = INTERNAL
realm = EXAMPLE.COM
netbios name = SAMBA
2015 Apr 29
0
Cannot authenticate the administrator account
...ldap._tcp.samba.example.com <http://tcp.samba.example.com> not
> found: 3(NXDOMAIN)
>
> - - - - - - - - - - - - - - - - - - - - - - - -
> The same results as above when tesing:
>
> ~]# host -t SRV _kerberos._udp.example.com <http://udp.example.com>
> _kerberos._udp.mwllc.info <http://udp.mwllc.info> has SRV record 0 100
> 88 samba.example.com <http://samba.example.com>.
>
> and the other combinations report "not found: 3 (NXDOMAIN)
>
>
> Did I simply provision the REALM or domain incorrectly from the start?
> testparm -v outpu...
2015 Apr 29
3
Cannot authenticate the administrator account
Greetings, Sketch!
>>>> workgroup = INTERNAL
>>>> realm = EXAMPLE.COM
>>>> netbios name = SAMBA
>>
>>> Looks that way to me. Your realm should include the workgroup name:
>>> INTERNAL.EXAMPLE.COM.
>>
>> Nothing is "SHOULD" as long as the settings follow basic requirements
>> (single-label NETBIOS domain name,
2015 Apr 22
2
Cannot authenticate the administrator account
On 22/04/15 17:25, Sketch wrote:
> On Wed, 22 Apr 2015, Mike wrote:
>
>> Something almost worked ----
>>
>> [root at a10 ~]# echo ${SAMBA_NT_ADMIN_PASS}| smbclient
>> //localhost/netlogon
>> -U Administrator -c 'ls'
>> Enter Administrator's password:
>> Anonymous login successful
>> Domain=[CONPAGO] OS=[Unix] Server=[Samba
2015 Apr 28
2
Cannot authenticate the administrator account
I wanted to follow up to the list in hopes it will help others with similar
configuration.
Per previous posts --
OS: CentOS 7.153
Samba: Version 4.1.17-SerNet-RedHat-11.el7
Samba provisioned to act as: AD DC following Samba Wiki: Samba AD DC HOWTO
Samba Internal DNS daemon deployed.
1. Disable selinux. Unless you have a solid understanding of how to
configure it for your environment, please