Displaying 20 results from an estimated 10000 matches similar to: "Winbindd segfaults with bind9-dlz trying to login via libwinbind-pam"
2015 Jul 01
3
strange: 20 characters max in samAccountName
Hi all,
Sernet Samba 4.2.2 as Active Directory on Debian 7.8. No other DC.
I can't log in with on Windows systems (Windows 7) when samAccountName are
longer than 20 characters. This seems to be a LAN MAN or NT4 limitation
which should not happen on AD domain.
Any idea what could leads my to that limitation?
I can log in using administrator account or any other having a short
(enough)
2016 Jul 05
1
Login not possible / machine account issues
Well, in my option, you the have found your problem.
https://technet.microsoft.com/en-us/library/cc721940(v=ws.10).aspx
3) ..... After the unique system information is removed, ....
And
https://blogs.msdn.microsoft.com/aaron_margosis/2009/11/05/machine-sids-and-domain-sids/
Says:
Mark?s point is that SIDs must be unique within the authority in which they are used. So while DEMOSYSTEM
2013 Nov 04
1
Running SQL Server xp_logininfo with Samba PDC
We have setup Samba 4.1 as a PDC. We have successfully connected several
Windows 2008 Servers to the domain and created various users/groups.
During an application installation on the Windows server, it runs the
command in SQL server:
master..xp_logininfo 'MYDOMAIN\useraccount'
SQLserver is running as a service user created on the domain (here called
MYDOMAIN)
This returns:
Msg
2018 Mar 04
1
Samba AD + Kerbero + NFS "Client no longer in database"
I am soo lost trying to get Samba AD 4.7.5 as a Kerberos source for
NFSv4. The NFS server is the Samba AD server running Ubuntu Server
16.0.4.3 and the client is Linux Mint 18.3
This export WORKS and mounts on client
########## /etc/exports ##########
/mnt/fileshare *(rw,no_subtree_check,async)
############################
This export DOES NOT
########## /etc/exports ##########
2012 Oct 03
1
Samba4 KDC Windows 7 clients may fail to get a ticket
Hello.
Samba 4.1.0pre1-GIT-aad669b, joined as a DC to an existing domain. Windows 7 machines may fail to get a ticket:
[2012/10/03 09:31:54, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper)
Kerberos: AS-REQ con-11$@KLIN.KIFATO-MK.COM from ipv4:192.168.1.138:49682 for krbtgt/KLIN.KIFATO-MK.COM at KLIN.KIFATO-MK.COM
[2012/10/03 09:31:54, 3]
2016 Oct 03
3
Samba Member NT_STATUS_NETWORK_SESSION_EXPIRED
hey,
now after observe last changes on the weekend… i have also the issue.
After 10 hours i can’t connect to the shares on my member server.
On Log of DC i found this:
[2016/10/02 20:35:45.601265, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper)
Kerberos: AS-REQ PL0024$@HQ.KONTRAST from ipv4:<member-ip>:55578 for krbtgt/HQ.KONTRAST at HQ.KONTRAST
[2016/10/02
2013 Aug 07
2
Samba 4 empty password
Hello,
We are trying to setup a SAMBA-Server with users that have empty passwords.
We are using:
Samba 4.0.8
Kernel 3.10.5
Slackware 14.0 x64
When we set a password the login successes!
That's what we get when trying to login:
[2013/08/07 13:31:46, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper)
Kerberos: AS-REQ media1 at BC from ipv4:10.0.99.100:62078 for
2016 Oct 04
1
Samba Member NT_STATUS_NETWORK_SESSION_EXPIRED
so i add the pam yesterday and now after 10 hours no connection to member is possible. :(
Same errors in logs i send yesterday
OLIVER WERNER
Systemadministrator
> Am 03.10.2016 um 18:54 schrieb Rowland Penny via samba <samba at lists.samba.org>:
>
> On Mon, 3 Oct 2016 17:56:07 +0200
> Oliver Werner <oliver.werner at kontrast.de <mailto:oliver.werner at
2015 Mar 19
1
Kerberos: Failed to decrypt PA-DATA
Hi,
Some users can't logon to their workstation if the session is negotiating
with samba domain controller, the password is requested again and again.
Samba is joined as a Domain Controller in a windows domain controllers. The
users' s computers are joined also to the domain. But for some users the
kerberos ticket is failing.
Samba version 4.1.15 - Debian 7.8
Samba debug logs, level 3:
2019 Apr 25
2
Win7 client error after classicupgrade from S3 to S4
Hi.
We're trying to upgrade an old NT domain to AD. It's our second upgrade, and while the first was successfull this one has raised some issues for existing Windows 7 clients.
If we disconnect the computer from the domain and join it back to the new S4 AD it works. Existing clients throws this error in Samba:
Kerberos: AS-REQ b1rd42nbtmp648$@NT4DOMAIN from ipv4:10.0.0.42:49472 for krbt
2016 Aug 22
1
Upgrade 4.2.14 --> 4.3.11
Hi,
I had Samba 4.2.14 working as AD DC with shares. After upgrade to version 4.3.11 AD DC authentication, ADUC, etc, stopped working. Shares still work fine.
OS. Oracle Linux 6.x with UEK, uptodate. Samba compiled from source.
Upgrade procedure (nothing special):
./configure --enable-selftest
make
make install
Testparm output:
# Global parameters
[global]
workgroup = EXAMPLE
realm =
2017 Mar 18
2
kerberos issue (SPN not found) with windows Hyper-V ( samba 4.5.3 AD)
I made some progress with the issue, but didn't solve it completely
It's basically a kind of bug (i'm not sure if it's on kerberos side or
samba, I think samba is the culprit here (?).
Microsoft uses kind of weird SPN for Hyper-V. Weird as there are
"spaces" in the string - which is kind of unique as far as SPN's go,
usually SPN form a complete string.
So I kind
2015 Mar 31
4
Login not possible / machine account issues
Hi guys,
about a one or two weeks ago I've updated my samba to v4.1.7 which
might or might not relate to the problem at hand.
However lately we've seen some issues with users not able to login to
workstations (win 7). Windows servers (2008 r2 and newer) were also
affected.
Sometimes one or two reboots would solve this problems, on few
occasions I had to rejoin the computer account to the
2017 May 17
3
Samba AD DNS problem
Hello there.
I have a setup with Samba AD and a Named backend.
Everything has been working fine, until a few days ago, I cannot start the DNS snap-in from windows. I get a dialog box saying
"Access was denied. Would you like to add it anyway?"
If I enable level 3 debugging in the samba.conf, I get the following:
[2017/05/11 07:25:30.413481, 3]
2015 May 27
1
check password script for samba 4 ad dc
I would like to bump my question
2015-05-27 10:21 GMT+03:00 Krutskikh Ivan <stein.hak at gmail.com>:
> Hmm, looks like it's not. I've just set the password for something that
> cracklib-check would argue using both ad management tools and at windows
> login. Should it work that way or I'm missing something?
>
> My dc's smb.conf:
>
> [global]
>
2016 Jun 24
0
Login not possible / machine account issues
Hi,
Did you find any solution?
I am facing exactly the same scenario.
-CentOS 6.7
-Samba Version 4.4.3
-BIND_DLZ 9.9.8
Some workstations suddenly are unable to login, unless I reboot or rejoin
the domain. The only odd event I see in the client is the one already said:
Log Name: System
Source: Microsoft-Windows-Security-Kerberos
Event ID: 4
Task Category:
2016 Mar 31
5
NFSv4 / Krb / wildcard in keytab
Hi,
I'm trying to use wildcard in keytab because i don't want join every
computer, client for service NFS krb5.
I add a spn like this
# samba-tool spn add host/* nfs
(I create user nfs before)
# samba-tool spn list nfs
nfs
User CN=nfs,CN=Users,DC=if,DC=ujf-grenoble,DC=fr has the following
servicePrincipalName:
host/*
I export keytab :
#samba-tool domain exportkeytab
2017 Oct 12
4
samba getting stuck, highwatermark replication issue?
Hi all, James,
After following James' suggestions fixing the several dbcheck errors,
and having observed things for a few days, I'd like to update this
issue, and hope for some new input again. :-)
Summary: three DCs, all three running Version
4.5.10-SerNet-Debian-16.wheezy, samba-tool dbcheck --cross-ncs reports
no errors, except for two (supposedly innocent) dangling forward links
2017 Dec 27
2
AD replication problem "WERR_DS_DRA_ACCESS_DENIED" - need help debugging
We have 3 ADCs based on Samba-4.7.4 (compiled from source,internal DNS)/
CentOS7: dcdo1,dcnh1 and dcge1. dcge1 holds all FSMO roles. The 3 ADCs
are on different locations connected via IPSec based VPN. No traffic is
filtered out.
All 3 ADCs replicate fine except dcdo1 -->dcnh1. Symptom:
[root at dcdo1 ~]# samba-tool drs replicate dcnh1.ad.kdu.com
dcdo1.ad.kdu.com dc=ad,dc=kdu,dc=com
2016 Jul 05
0
Login not possible / machine account issues
>>This can occur when the target server principal name (SPN) is registered >>on an account other than the account the target service is using.
Hmm, multiple computers with the same serial cause these things.
So first make sure this computers serial isnt used before.
Or 2 computers with the same name in the netwerk, happens with not syspreped computers.
Keep an eye on your samba