Displaying 20 results from an estimated 10000 matches similar to: "Winbind user authentication (-a) fails, but kerberos authentication succeeds"
2019 Jun 19
2
Fwd: Re: Fwd: Re: Fwd: Re: Kerberos and NTLMv2 authentication
So I re run the test with domain users gid 14513
Still not working (sssd stopped, nsswitch.cnf with? "files winbind" for
passwd group, # net cache flush + restart winbindd smb)
On the samba server :
# wbinfo -i MYDOMAIN\usertest
MYDOMAIN\usertest:*:10430:*14513*:user TEST:/home/usertest:/bin/bash
In log, I have :
myw7worstation.log
/[2019/06/19 12:04:29.496822,? 1]
2019 Jun 19
2
Fwd: Re: Fwd: Re: Fwd: Re: Kerberos and NTLMv2 authentication
The 2 commands works :
# getent passwd MYDOMAIN\\usertest
MYDOMAIN\\usertest:*:10430:14513:user TEST:/home/usertest:/bin/bash
# getent group MYDOMAIN\\"Utilisateurs du domaine"
MYDOMAIN\utilisateurs du domaine:x:14513:
I have to put "Utilisateurs du domaine" instead of Domain\ Users because
the Windows AD is a french AD.
Le 19/06/2019 ? 12:32, Rowland penny via samba a
2009 Sep 28
1
Unix Kerberos authentication - how?
Hi,
I managed to set up a Samba server that accepts Kerberos 5 TGTs via
SPNEGO/GSSAPI for login. However, when I don't have a TGT it fails for
Unix clients. It asks for username/password for Windows clients and then
fails trying to do NTLMv2 authentication.
How can I set up a Samba server that asks for username/password and
then uses a Unix Kerberos KDC (Heimdal v. 1.2 in my case) for
2019 Jun 18
2
Fwd: Re: Fwd: Re: Fwd: Re: Kerberos and NTLMv2 authentication
Is it possible to make start DOMAIN range from 500 instead of 10000 ?
I realized that all my gid are in range 500 to 600 and not in range
10000 - 14999
I thought? DOMAIN range 10000 - 14999 was reserved for DOMAIN users
-------- Message transf?r? --------
Sujet?: Re: [Samba] Fwd: Re: Fwd: Re: Kerberos and NTLMv2 authentication
Date?: Tue, 18 Jun 2019 16:25:39 -0300
De?: Edouard Guign? via
2019 Jun 19
2
Fwd: Re: Fwd: Re: Fwd: Re: Kerberos and NTLMv2 authentication
Hello,
I performed a test in order to get access to my samba share with
winbindd (and not sssd).
For that,
1. I change the gid of domain users from 513 to 15513 (to match with the
domain range 10000 - 14999)
And verify my test user is part of 15513
2. Stop sssd and change nsswitch.conf like this :
/passwd:???? files winbind//
//shadow:???? files//
//group:????? files //winbind//
/
3.
2015 Apr 24
1
smbclient: tree connect failed, but smbclient -L succeeds
I can successfully run a list command with -L :
>
> smbclient -A ~/.smbauth -L //172.21.4.45
I get a nice list of shares including C$
But a connect command like this one fails:
> smbclient -A ~/.smbauth //172.21.4.45/C$
I get
> Domain=[MC] OS=[Windows Server 2003 3790 Service Pack 2] Server=[Windows
> Server 2003 5.2]
> tree connect failed: NT_STATUS_ACCESS_DENIED"
2005 Apr 04
4
NT_STATUS_ACCESS_DENIED with winbindd authentication
Hi,
We're running a print server having the following specifications:
Samba 3.0.11
Suse 9.1
Kernel 2.6.5-7.108 kernel
A few days back none of the users were able to log onto the print
server. The debug 10 logs show the following lines:
[2005/03/29 11:21:05, 5] auth/auth.c:check_ntlm_password(271)
check_ntlm_password: winbind authentication for user [**user-name**]
FAILED with error
2006 May 19
2
net rpc join fails the first time but succeeds the second
Hi.
I'm having some trouble when trying to join a SAMBA machine, acting as
a member server, to a NT-style domain server managed by a SAMBA PDC
using an LDAP back-end. Both machines are running samba-3.0.10-1.4E.6
on Red Hat Enterprise Linux 4.1 Update 3 for AMD64.
When trying to add the member server to the domain, it fails with an
error message. However, if I try to add it again, the
2005 Jan 14
1
NT_STATUS_ACCESS_DENIED with ADS + Kerberos
I'm trying to setup Samba in ADS security mode so I can run winbind for
NSS and Kerberos for user authentication, chiefly for shell accounts for
developers. These hosts will not provide any file or printer services,
at least in the near-term.
My hosts are CentOS 3 (a free RHEL3 clone) and my ADS servers are Windows 2000
(not 2003), in hybid mode. I am using stock RPMs for both Kerberos and
2018 Nov 06
2
Samba CIFS Mounts with Kerberos Security: Write Access denied
Hi all,
I am testing different setups for Samba home share mounts via the
CIFS protocol on Linux clients with and without Keberos security (both
krb5 and krb5i). I am experiencing some strange behaviour in case of
Kerberos authentication:
In case of mounts (by root or the user itself) without Kerberos security (only
NTLMv2 authentication), local root and the owning user on the Linux client
2019 Jun 19
0
Fwd: Re: Fwd: Re: Fwd: Re: Kerberos and NTLMv2 authentication
On 19/06/2019 16:16, Edouard Guign? via samba wrote:
> So I re run the test with domain users gid 14513
>
> Still not working (sssd stopped, nsswitch.cnf with? "files winbind"
> for passwd group, # net cache flush + restart winbindd smb)
>
> On the samba server :
> # wbinfo -i MYDOMAIN\usertest
> MYDOMAIN\usertest:*:10430:*14513*:user
2006 Mar 14
3
Daily changetrustpw breaks authentication
Samba 3.0.21b
The Samba docs indicate [0] we should be running changetrustpw [1] at some
point (cron.daily) to update a machines trust account.
However, I've seen multiple instances with 2 seperate AD environments
where this breaks our ability to enumerate/authenticate with the domain.
In both instances, we see something similar to the following in the
winbind logs:
(ntlm_auth):
2005 Apr 27
4
winbind and NTLM authentication problems - NT_STATUS_ACCESS_DENIED
Hello,
Specifications of the environment:
Samba 3.0.13 running on Solaris 8. This is configured as a domain member of a NT4 style PDC. The smb.conf file is provided for details.
Problem definition:
When trying to access the Samba server from a windows machine through network neighborhood, the system challenges the user for their credentials. On providing the username/password the system rejects
2014 Jun 06
2
Samba share authentication using SSSD
Hi,
Here is my desired configuration:
An external LDAP server, Samba 4.1.8 (not configured as a member server
or as a domain controller), and SSSD configured with the external LDAP
server. Authentication locally and via ssh works fine using pam_sss.so.
When attempting to authenticate a share on windows using an LDAP users
credentials, the request fails with NT_STATUS_ACCESS_DENIED. I'd like
2017 Apr 04
4
Samba file sharing with AD authentication doesn't work on some boxes
I have a few RHEL7 boxes, all of them are members in MS Win domain using
SSSD. All of these linuxes run Samba for file sharing with the same config.
Usually it works nice, but from time to time users cannot map Samba
folders, with the following message in the log:
[2017/03/07 14:58:27.050493, 0]
../source3/auth/auth_domain.c:121(connect_to_domain_password_server)
2015 Apr 17
2
user authentication issue
Hey Samba list,
First a brief comment regarding my background and situation. This is my
first time posting to this list. I've been asked to resolve a Samba
authentication issue, but I have next to no experience using Samba.
Unfortunately no one else here knows how to use it either; we're operating
with an inherited environment from a sysadmin who left minimal
documentation, and we have
2003 Feb 24
2
problem configuring smbd for domain authentication
Hello everyone, I am trying to configure a Samba 2.2 server to allow users to mount their home
directories (stored on a UNIX filesystem) from Windows after authenticating against a Windows 2000
Domain Controller.
The Samba server is 2.2.3a compiled with acl support on Solaris 8. I think I am experiencing some (hopefully)
basic configuration issues and can't seem to get it to work. I
2005 Apr 26
1
Authentication failure when accessing Samba server in a NT domain
Hello Samba Gurus,
I have configured my Samba install to be a domain member of a NT4-Style domain. The version of samba used is 3.0.13. The domain joining process worked fine (net rpc join). An excerpt of smb.conf is provided at the end for reference.
The problem is that when users access this server, they are challenged for the username password. I was of the impression that this process would
2018 Apr 02
2
Samba Domain server authentication
Hi,
We're having issues accessing shares from our Samba file server.
If we try to access the share from a domain joined Windows machine, it
prompts with enter username and password. If we supply the domain password
it fails. The error that we get is the following.
Failed to find a Unix account for peteruser 'lin\aadamson' (from session
setup) not permitted to access this share (data)
2006 Dec 27
1
cant authenticate Samba -> AD trying to map to shares on samba server
I have read through previous posts but still cant connect to samba shares - any help much appreciated.
Running Samba 3.0.10-1 on fedora Core 2. Dont know anything about AD as it's looked after by the big boys and they wont share their secrets with the linux team. I do know the server I need to authenticate with is acting as some sort of time server so I assume that is not an issue.