similar to: SAMBA 4 DC and Smartcard authentication

> > Hi friends, > I need your help. > > I implemented > https://wiki.samba.org/index.php/Samba_AD_Smart_Card_Login > > https://docs.microsoft.com/en-us/troubleshoot/windows-server/windows-security/enabling-smart-card-logon-third-party-certification-authorities > enabling smart card logon on a Windows Server 2016 as a domain member of > Samba DC. > > Currently I

Hi I got some strange issues on my samba4.0.1 install yesterday. It happened a while after updating my xubuntu server 13.04 not 13.10. Everything seems to be working fine except shares. Kerberos authentication seem to function properly, also DNS works fine but shares seem semi-broken. I can't mount any shares on my Windows box, including netlogon, profiles. I have one share that is

Hi, I have a problem with samba / winbind PAM authentication. Domain controller is samba4, machines users log on to via PAM are samba 3.6 (all of them ubuntu 12.04 LTS). The whole user authentication was working already, but after a reboot it somehow broke. Additional reboots don't help. The funny thing is that all logs look quite OK to me (except for the single line saying

> I do not understand why you are doing this, for kerberos to work correctly, you need to be able to find everything easily and everything must be using the same time. So, you need kerberos, a dns server and an ntp server and if you want more than authentication, you need a fileserver. OH look, I just described Active Directory ? Not saying you cannot get this setup to work, but why are

Hi, winbind mantains a mapping to UID's and GID's in fixed ranges, but what happens if that range is fully filled? How I can depure the winbind mapping, I mean, the users deleted on the PDC (non samba maybe) must be removed from the winbind mapping, how I can do that? is that functionality implemented? if not, what do you suggest to me (without using AD)? Saludos, Nahuel Greco.

Hi, Some users can't logon to their workstation if the session is negotiating with samba domain controller, the password is requested again and again. Samba is joined as a Domain Controller in a windows domain controllers. The users' s computers are joined also to the domain. But for some users the kerberos ticket is failing. Samba version 4.1.15 - Debian 7.8 Samba debug logs, level 3:

Hi everyone After almost 2 days up-time with Samba 4, it failed again. This time it simply will not restart. The krb5.conf had got corrupted. I replaced it with this one from /usr/local/samba/private /etc/krb5.conf [libdefaults] default_realm = HH3.SITE dns_lookup_realm = false dns_lookup_kdc = true It starts up OK: samba -i -d 3 lpcfg_load: refreshing parameters from

Hello, We are trying to setup a SAMBA-Server with users that have empty passwords. We are using: Samba 4.0.8 Kernel 3.10.5 Slackware 14.0 x64 When we set a password the login successes! That's what we get when trying to login: [2013/08/07 13:31:46, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) Kerberos: AS-REQ media1 at BC from ipv4:10.0.99.100:62078 for

Samba 4.0.6 git both DC and fileserver with openSUSE 12.3 clients Hi I'm trying to debug why logins to Linux clients are sometimes slow. Here is a login with the user steve2 requesting his (automounted) home folder: ] Kerberos: TGS-REQ authtime: 2013-05-01T20:57:27 starttime: 2013-05-01T20:57:27 endtime: 2013-05-02T06:57:27 renew till: 2013-05-02T20:57:25 Kerberos: AS-REQ steve2 at HH3.SITE

Am Montag, 12. Februar 2007 14:43 schrieb paul: > Mag. Leonhard Landrock schrieb: > > *) Start a virtual machine with WinXP SP2 and trying to join the domain > > LEOSENDE.FUN. > > > > The last point (joining the domain) doesn't work. I try the username > > Administrator and the passwort as set with "./setup/provision" but it > > doesn't

Hello thanks again for the help ! I have analysed samba logs more closely. I'am very worried. I have three DC (fichdc, fichds01, fichds02) but here I talk just about fichdc's logs. -> Almost every times, "AS-REQ" fail for the 3 DCs with something like this : ---------------- Kerberos: AS-REQ FICHDC$@NET.LYC-GUILLAUME-FICHET.AC-GRENOBLE.FR from ipv4:172.16.0.20:59818 for

Hi, I continue setting up my FreeBSD 11.0 machine with Samba 4.4.9 built from sources. (Actually, OS type and Samba version don't matter so much, as I have the same problem with Debian Jessie and Samba 4.5.5) I followed the Wiki very close. Some details from provisioning: ... Realm [RW.LAN]: Domain [RW]: Server Role (dc, member, standalone) [dc]: DNS backend (SAMBA_INTERNAL,

cifs-utils-5.6 samba Version 4.0.0rc3 openSUSE 12.2 LAN of XP, w7 and Linux clients under Samba4 DC and s3fs fileserver Hi I am testing the possibility of migrating from nfs to cifs to serve our Linux clients. Currently we mount the samba shares, e.g. the home directory, using nfs. The test setup is that instead of: mount -t nfs hh1:/home2 /home2 -osec=rw,krb5 I changed to: mount -t cifs

Hi All, We have a mixed environment running with Windows and Linux with samba as the domain controller.  Smart card login is configured and working properly with pkinit and certs, etc (https://wiki.samba.org/index.php/Samba_AD_Smart_Card_Login) though I don't think this is related. A handful of Windows clients are regularly getting their accounts locked during what seems to be a

After a user changes their password (CTRL-ALT-DEL) in our Samba 4 domain (4.1.12) they lose access to any stored passwords on their Windows PC. I've set the log level in smb.conf to 4 and enabled the GPO to record DPAPI log entries in Windows to get the below log data. My reading of the two is that the Windows PC believes it is failing to reset the access to its DPAPI store (where the saved

Ive seen something simular here. Does this happen if you try to connect to a PC where you already are logged in. If yes, logout, test again. If no, reboot the pc and test again. What is the exact message you see. (optinal PM me the print screen) I do/did get some 0x... Message when trying to login on first attempt. The second always worked for me. And lookup the windows events. Or are

Hello I've migrated a samba 3 server to a samba 4 (.all the tests mentioned in this howto are succesfull) .But i can't open a session with a workstation on samba4 domain : approbation problem. The workstation name which can't connect is "admin-pc" Any idea ? *Here are the logs of log.samba * Kerberos: Looking for ENC-TS pa-data -- *admin-pc$@SC* [2012/12/06 12:50:59,

Hi, Did you find any solution? I am facing exactly the same scenario. -CentOS 6.7 -Samba Version 4.4.3 -BIND_DLZ 9.9.8 Some workstations suddenly are unable to login, unless I reboot or rejoin the domain. The only odd event I see in the client is the one already said: Log Name: System Source: Microsoft-Windows-Security-Kerberos Event ID: 4 Task Category:

I am soo lost trying to get Samba AD 4.7.5 as a Kerberos source for NFSv4. The NFS server is the Samba AD server running Ubuntu Server 16.0.4.3 and the client is Linux Mint 18.3 This export WORKS and mounts on client ########## /etc/exports ########## /mnt/fileshare         *(rw,no_subtree_check,async) ############################ This export DOES NOT ########## /etc/exports ##########

Hello. Samba 4.1.0pre1-GIT-aad669b, joined as a DC to an existing domain. Windows 7 machines may fail to get a ticket: [2012/10/03 09:31:54, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) Kerberos: AS-REQ con-11$@KLIN.KIFATO-MK.COM from ipv4:192.168.1.138:49682 for krbtgt/KLIN.KIFATO-MK.COM at KLIN.KIFATO-MK.COM [2012/10/03 09:31:54, 3]