Displaying 4 results from an estimated 4 matches for "qwertz12345".
2020 Oct 14
2
Samba SSSD authentication via userPrincipalName does not work because samba claims that the username does not exist.
...name) works and refers to
the sAMAccountName.
"uid=3000(tim-sam) gid=3000(domain users) groups=3000(domain
users),3001(storage-users),1000001(BUILTIN\users).
"login tim-upn" works, "ssh tim-upn at localhost", too.? Also: "smbclient
-L //localhost -W ADTEST -U tim-sam%Qwertz12345" works, but "smbclient
-L //localhost -W ADTEST -U tim-upn%Qwertz12345" doesn't.
Still confused.
> This matches my direct observations. Also sssd has many options for
> tuning that get *thrown out* with any security update of the software,
> they are flushed by any run...
2020 Oct 14
0
Samba SSSD authentication via userPrincipalName does not work because samba claims that the username does not exist.
...e sAMAccountName.
>
> "uid=3000(tim-sam) gid=3000(domain users) groups=3000(domain
> users),3001(storage-users),1000001(BUILTIN\users).
>
> "login tim-upn" works, "ssh tim-upn at localhost", too.? Also: "smbclient
> -L //localhost -W ADTEST -U tim-sam%Qwertz12345" works, but "smbclient
> -L //localhost -W ADTEST -U tim-upn%Qwertz12345" doesn't.
>
> Still confused.
>
So am I, '3000' for Domain Users and '1000001' for BUILTIN\users. Might
help if you post the smb.conf you are using.
Rowland
2020 Oct 13
2
Samba SSSD authentication via userPrincipalName does not work because samba claims that the username does not exist.
On 13/10/2020 15:01, Markus Jansen via samba wrote:
> Thank you very much for your hints.
>
> I got rid of SSSD and managed to get a successful kerberos
> authentication via wbinfo -K and the UPN.
>
> But accessing via SMB (using MAC OS' smbutil or Finder) still fails with
> "FAILED with error NT_STATUS_NO_SUCH_USER".
>
> As I'm using CentOS 8, I used
2020 Oct 15
1
Samba SSSD authentication via userPrincipalName does not work because samba claims that the username does not exist.
...t;
>> "uid=3000(tim-sam) gid=3000(domain users) groups=3000(domain
>> users),3001(storage-users),1000001(BUILTIN\users).
>>
>> "login tim-upn" works, "ssh tim-upn at localhost", too.? Also: "smbclient
>> -L //localhost -W ADTEST -U tim-sam%Qwertz12345" works, but "smbclient
>> -L //localhost -W ADTEST -U tim-upn%Qwertz12345" doesn't.
>>
>> Still confused.
>>
> So am I, '3000' for Domain Users and '1000001' for BUILTIN\users.
> Might help if you post the smb.conf you are using.
>...