Displaying 20 results from an estimated 2000 matches similar to: "Samba4 Kerberos & Oracle"
2015 Mar 03
0
Oracle 11 nts authentication againts samba4 AD DC
Hi again. I apologize for my vague previous question. After some
investigation I can be much more precise in my consult. Furthermore, I
think I found a bug...
Context:
-Samba4 AD DC working fine with many user and machine accouns.
-Windows7 client trying to connect via sqlplus to an oracle database
residing in a Windows2008 server. Both machines are in the domain.
-Server database is using
2015 Mar 05
2
Oracle 11 nts authentication againts samba4 AD DC
On 03/03/15 09:56, Izan D?ez S?nchez wrote:
> Hi again. I apologize for my vague previous question. After some
> investigation I can be much more precise in my consult. Furthermore, I
> think I found a bug...
>
> Context:
> -Samba4 AD DC working fine with many user and machine accouns.
> -Windows7 client trying to connect via sqlplus to an oracle database
> residing in a
2014 Nov 10
0
User's DPAPI/backupkey protected data lost when changing domain password
After a user changes their password (CTRL-ALT-DEL) in our Samba 4 domain
(4.1.12) they lose access to any stored passwords on their Windows PC.
I've set the log level in smb.conf to 4 and enabled the GPO to record DPAPI
log entries in Windows to get the below log data.
My reading of the two is that the Windows PC believes it is failing to reset
the access to its DPAPI store (where the saved
2013 Aug 28
1
Problem with nslcd and samba
Hi,
I try to use nslcd with samba 4 for get suers and group for AD.
if I do a ldapsearch, I have a message :
Server not in kerberos database
if I do a getent passwd, nslcd display same error message.
log of samba4:
[2013/08/28 10:15:47, 3]
../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper)
Kerberos: TGS-REQ Administrator at CORMANDOM.INT-CORMAN.BE from
2015 Jul 01
3
strange: 20 characters max in samAccountName
Hi all,
Sernet Samba 4.2.2 as Active Directory on Debian 7.8. No other DC.
I can't log in with on Windows systems (Windows 7) when samAccountName are
longer than 20 characters. This seems to be a LAN MAN or NT4 limitation
which should not happen on AD domain.
Any idea what could leads my to that limitation?
I can log in using administrator account or any other having a short
(enough)
2017 Mar 18
0
kerberos issue (SPN not found) with windows Hyper-V ( samba 4.5.3 AD)
After reviewing logs I found that my previous assumption was wrong.
Situation: - i'm trying to start live migration from hyper-v host A
(BMSRV4-HYPERV) to hyper-v host B (BM-SRV-5) from host B (logged in as
user from DOMAIN ADMINS group).
Kerberos constrained delegation is set in accordnance to microsoft
instructions with proper SPN's set (well, proper as in with the
workaround I
2018 Apr 03
0
Renaming a joined windows workstation
Hi all.
I'm experiencing a little problem when I rename an already joined windows
machine. The rename operation is done in the traditional way "Computer
properties> advanced settings> Computer name> change" in a windows 7
Machine. The rename itself finishes successful, but when I check the
computer name in the ADUC, the old name is still displayed. Checking the
object
2012 Dec 02
1
samba / winbind user authentication problem
Hi,
I have a problem with samba / winbind PAM authentication. Domain
controller is samba4, machines users log on to via PAM are samba 3.6
(all of them ubuntu 12.04 LTS). The whole user authentication was
working already, but after a reboot it somehow broke. Additional reboots
don't help.
The funny thing is that all logs look quite OK to me (except for the
single line saying
2017 Mar 18
2
kerberos issue (SPN not found) with windows Hyper-V ( samba 4.5.3 AD)
I made some progress with the issue, but didn't solve it completely
It's basically a kind of bug (i'm not sure if it's on kerberos side or
samba, I think samba is the culprit here (?).
Microsoft uses kind of weird SPN for Hyper-V. Weird as there are
"spaces" in the string - which is kind of unique as far as SPN's go,
usually SPN form a complete string.
So I kind
2013 Oct 18
0
Identity change between pkinit and TGS
Hi,
I'm trying to setup the following configuration but encounter a problem.
I'm not sure if it's a normal behavior for samba 4.
I have a smartcard provided with a user principal name looking like
serial_number at domain. The serial number is in the form of
0000-0000-0000-0000. The domain, let's say "upn.example.com", doesn't
match my Samba Realm, that would be
2018 Mar 04
1
Samba AD + Kerbero + NFS "Client no longer in database"
I am soo lost trying to get Samba AD 4.7.5 as a Kerberos source for
NFSv4. The NFS server is the Samba AD server running Ubuntu Server
16.0.4.3 and the client is Linux Mint 18.3
This export WORKS and mounts on client
########## /etc/exports ##########
/mnt/fileshare *(rw,no_subtree_check,async)
############################
This export DOES NOT
########## /etc/exports ##########
2016 Jun 24
0
Login not possible / machine account issues
Hi,
Did you find any solution?
I am facing exactly the same scenario.
-CentOS 6.7
-Samba Version 4.4.3
-BIND_DLZ 9.9.8
Some workstations suddenly are unable to login, unless I reboot or rejoin
the domain. The only odd event I see in the client is the one already said:
Log Name: System
Source: Microsoft-Windows-Security-Kerberos
Event ID: 4
Task Category:
2017 Mar 19
1
kerberos issue (SPN not found) with windows Hyper-V ( samba 4.5.3 AD)
Hello,
This won't be a very helpful reply, but I can confirm I've had the exact same issue. I ran into this a few years ago and could not get HyperV migrations to work with a Samba DC. I even went so far as to install a Windows DC just to prove to myself that it is supposed to work, and it does, perfectly (with ADDC it even creates all the SPNs for you auto-magically).
Unfortunately at
2016 Aug 22
1
Upgrade 4.2.14 --> 4.3.11
Hi,
I had Samba 4.2.14 working as AD DC with shares. After upgrade to version 4.3.11 AD DC authentication, ADUC, etc, stopped working. Shares still work fine.
OS. Oracle Linux 6.x with UEK, uptodate. Samba compiled from source.
Upgrade procedure (nothing special):
./configure --enable-selftest
make
make install
Testparm output:
# Global parameters
[global]
workgroup = EXAMPLE
realm =
2017 May 17
3
Samba AD DNS problem
Hello there.
I have a setup with Samba AD and a Named backend.
Everything has been working fine, until a few days ago, I cannot start the DNS snap-in from windows. I get a dialog box saying
"Access was denied. Would you like to add it anyway?"
If I enable level 3 debugging in the samba.conf, I get the following:
[2017/05/11 07:25:30.413481, 3]
2013 Nov 04
1
Running SQL Server xp_logininfo with Samba PDC
We have setup Samba 4.1 as a PDC. We have successfully connected several
Windows 2008 Servers to the domain and created various users/groups.
During an application installation on the Windows server, it runs the
command in SQL server:
master..xp_logininfo 'MYDOMAIN\useraccount'
SQLserver is running as a service user created on the domain (here called
MYDOMAIN)
This returns:
Msg
2016 Jul 05
0
Login not possible / machine account issues
>>This can occur when the target server principal name (SPN) is registered >>on an account other than the account the target service is using.
Hmm, multiple computers with the same serial cause these things.
So first make sure this computers serial isnt used before.
Or 2 computers with the same name in the netwerk, happens with not syspreped computers.
Keep an eye on your samba
2015 May 27
1
check password script for samba 4 ad dc
I would like to bump my question
2015-05-27 10:21 GMT+03:00 Krutskikh Ivan <stein.hak at gmail.com>:
> Hmm, looks like it's not. I've just set the password for something that
> cracklib-check would argue using both ad management tools and at windows
> login. Should it work that way or I'm missing something?
>
> My dc's smb.conf:
>
> [global]
>
2016 Jul 17
1
Winbindd segfaults with bind9-dlz trying to login via libwinbind-pam
Hello,
I just found and odd behaviour here on my test environment (debian
jessie with samba 4.4.5 backported from sid).
I create and ad-dc as usual, adjust nsswitch.conf and enable
pam-auth-winbind (ruuning pam-auth-update). I also define /bin/bash as
template shell.
Now after i create an samba-user and the users home directory
(/home/DOMAIN/achim).
I can login with that account on the
2015 May 27
0
check password script for samba 4 ad dc
Hmm, looks like it's not. I've just set the password for something that
cracklib-check would argue using both ad management tools and at windows
login. Should it work that way or I'm missing something?
My dc's smb.conf:
[global]
workgroup = KURSK
realm = KURSK.MTT
netbios name = DEBIAN-DC
server role = active directory domain controller