Displaying 8 results from an estimated 8 matches for "sam_failtrusts".
2020 Sep 03
2
Cross-domain share access via same user+password doesn't work anymore
...t it just works):
map untrusted to domain = No
This option is no longer available in the new samba.
Another suggested solution, also not available in the new samba:
As a workaround the following option can be set on all Samba AD/DCs of
the domain:
auth methods = anonymous sam winbind_rodc sam_failtrusts
sam_ignoredomain
Is there any way I can get this work with the new version or am I forced
to compile 3.x to get this feature back?
2018 Jan 22
2
RODC and LDAP via Simple Authentication fails
Am 22.01.2018 um 21:39 schrieb Andrew Bartlett:
> On Mon, 2018-01-22 at 21:30 +0100, Johannes Engel via samba wrote:
>> [2018/01/22 21:15:50.022197, 2]
>> ../source4/auth/ntlm/auth.c:475(auth_check_password_recv)
>> auth_check_password_recv: sam_failtrusts authentication for user
>> [MYDOMAIN\ldap] FAILED with error NT_STATUS_NO_TRUST_LSA_SECRET,
>> authoritative=1
> Hmm. Are you sure the RODC's join to the domain is all OK?
Certainly to me it looks ok:
Finding a writeable DC for domain 'my.domain.com'
Found DC dc.my.doma...
2018 Jan 22
2
RODC and LDAP via Simple Authentication fails
...bcli/nbt/lmhosts.c:184(resolve_lmhosts_file_as_sockaddr)
resolve_lmhosts: Attempting lmhosts lookup for name
ef201f76-caaa-40b7-9ff2-41b4790dcf4d._msdcs.my.domain.com<0x20>
[2018/01/22 21:15:50.022197, 2]
../source4/auth/ntlm/auth.c:475(auth_check_password_recv)
auth_check_password_recv: sam_failtrusts authentication for user
[MYDOMAIN\ldap] FAILED with error NT_STATUS_NO_TRUST_LSA_SECRET,
authoritative=1
[2018/01/22 21:15:50.026733, 2]
../auth/auth_log.c:760(log_authentication_event_human_readable)
Auth: [LDAP,simple bind] user
[(null)]\[cn=LDAP,cn=Users,dc=my,dc=domain,dc=com] at [Mon, 22 Ja...
2018 Jan 23
0
RODC and LDAP via Simple Authentication fails
...rote:
> Am 22.01.2018 um 21:39 schrieb Andrew Bartlett:
> > On Mon, 2018-01-22 at 21:30 +0100, Johannes Engel via samba wrote:
> > > [2018/01/22 21:15:50.022197, 2]
> > > ../source4/auth/ntlm/auth.c:475(auth_check_password_recv)
> > > auth_check_password_recv: sam_failtrusts authentication for user
> > > [MYDOMAIN\ldap] FAILED with error NT_STATUS_NO_TRUST_LSA_SECRET,
> > > authoritative=1
> >
> > Hmm. Are you sure the RODC's join to the domain is all OK?
>
> Certainly to me it looks ok:
..
> Any thoughts?
> Best regar...
2020 Sep 03
0
Cross-domain share access via same user+password doesn't work anymore
...= No
>
> This option is no longer available in the new samba.
>
>
> Another suggested solution, also not available in the new samba:
>
> As a workaround the following option can be set on all Samba AD/DCs of
> the domain:
>
> ?auth methods = anonymous sam winbind_rodc sam_failtrusts
> sam_ignoredomain
>
>
> Is there any way I can get this work with the new version or am I
> forced to compile 3.x to get this feature back?
>
>
I don't think that is your problem, it is more likely to be the
password, try adding these lines:
lanman auth = Yes
client la...
2017 Dec 29
0
samba NT4 domain trusting samba AD domain: ephimeral
...sword_send)
auth_check_password_send: Checking password for unmapped user
[TRUSTING]\[ABNORMAL$]@[ABNORMAL]
auth_check_password_send: user is: [TRUSTING]\[ABNORMAL$]@[ABNORMAL]
[2017/12/29 12:02:33.092876, 2]
../source4/auth/ntlm/auth.c:475(auth_check_password_recv)
auth_check_password_recv: sam_failtrusts authentication for user
[TRUSTING\ABNORMAL$] FAILED with error NT_STATUS_NO_TRUST_LSA_SECRET,
authoritative=1
[2017/12/29 12:02:33.093003, 2]
../auth/auth_log.c:760(log_authentication_event_human_readable)
Auth: [SMB2,NTLMSSP] user [TRUSTING]\[ABNORMAL$] at [ven, 29 dic 2017
12:02:33.092978 CET]...
2020 Sep 05
2
Cross-domain share access via same user+password doesn't work anymore
...ger available in the new samba.
>>
>>
>> Another suggested solution, also not available in the new samba:
>>
>> As a workaround the following option can be set on all Samba AD/DCs of
>> the domain:
>>
>> ?auth methods = anonymous sam winbind_rodc sam_failtrusts
>> sam_ignoredomain
>>
>>
>> Is there any way I can get this work with the new version or am I
>> forced to compile 3.x to get this feature back?
>>
>>
> I don't think that is your problem, it is more likely to be the
> password, try adding...
2018 Jan 22
2
RODC and LDAP via Simple Authentication fails
Hi Andrew,
I am deeply impressed by your speed! :D
The RODC is actually Samba 4.7.4, the other DCs are still on 4.6.12.
Any suggestion how I can debug this w/o setting everything on level 10? ;)
Best regards
Johannes
Am 22.01.2018 um 20:45 schrieb Andrew Bartlett:
> On Mon, 2018-01-22 at 20:36 +0100, Johannes Engel via samba wrote:
>> Dear all,
>>
>> setting up a DMZ