Domain problem...
in [Samba]
|
From: Elvis Aaron Presley on 27 Sep 2006 03:30 Nobody knows any information or test for me? :( Elvis -----Mensaje original----- De: samba-bounces+elvisa=terra.es(a)lists.samba.org [mailto:samba-bounces+elvisa=terra.es(a)lists.samba.org] En nombre de Elvis Aaron Presley Enviado el: martes, 26 de septiembre de 2006 14:04 Para: Lista Samba Asunto: [Samba] Domain problem... Hello all, This is the first time I write to the list. Sorry about my english... My Debian Sarge server was working perfectly with samba and winbind as a normal client in a Domain enviroment. I was able to share folders on my linux machine giving rights to the domain users. Everything was working until one day in that it crashed for some reason I don't know. I didn't touch anything of my config files (smb.conf,nsswitch.conf) so I suppose it's ok. The problem is that now, I can't do "wbinfo -u" successfully. It returns "Error looking domain users", so I can't share directories with domain users. Enviroment info: PDC: W2000 server (ip 192.168.1.102,netbios-name server32) with DNS server Debian: domain client (ip 192.168.1.249,netbios-name oracle) with DNS server Other clients in the network uses DNS1 192.168.1.102 and DNS2 192.168.1.249 ... I don't know if this info is relevant. "net rpc join -S server32 -U Administrador%pass" returns "Joined domain RXN32." "wbinfo -m" returns "RXN32" <- is the netbios name of the domain "wbinfo -t" returns "checking the trust secret via RPC calls succeeded" "wbinfo -u" returns "Error looking up domain users" "wbinfo -g" returns "Error looking up domain groups" Samba version 3.0.22 on debian machine. And in the domain exist the user "oracle" with password "realpwd". I've tried "wbinfo --authenticate=oracle%fakepwd" and return: plaintext password authentication failed error code was NT_STATUS_NO_SUCH_USER (0xc0000064) error messsage was: No such user Could not authenticate user oracle%fakepwd with plaintext password challenge/response password authentication failed error code was NT_STATUS_WRONG_PASSWORD (0xc000006a) error messsage was: Wrong Password Could not authenticate user oracle with challenge/response But if I try "wbinfo --authenticate=oracle%realpwd" it returns: plaintext password authentication failed error code was NT_STATUS_NO_SUCH_USER (0xc0000064) error messsage was: No such user Could not authenticate user oracle%realpwd with plaintext password challenge/response password authentication succeeded What????? How is it possible? The user exist in the domain. I've tried delete it and create it again and same result. I've tried with other user... But same result. How can this stop to work if I didn't change anything? Is possible that it happenned after apt-get dist-upgrade? This is the global part of my smb.conf but i supposse it's ok because it was working and nothing changed: [global] workgroup = RXN32 security = DOMAIN password server = server32 encrypt passwords = true idmap uid = 10000-20000 idmap gid = 10000-20000 template shell = /bin/bash winbind separator = + netbios name = oracle I googled a lot, but with no luck... :( Thank for read this "big text", and sorry if this message is at incorrect list. If there is a more specific list for this kind of issues, please tell me. Thanks in advance and Regards. Elvis -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
From: Henrik Zagerholm on 27 Sep 2006 03:40 Hello, winbind enum users = yes winbind enum groups = yes also check that getent passwd shows domain users. Cheers, Henrik 27 sep 2006 kl. 09:23 skrev Elvis Aaron Presley: > Nobody knows any information or test for me? :( > > Elvis > > -----Mensaje original----- > De: samba-bounces+elvisa=terra.es(a)lists.samba.org > [mailto:samba-bounces+elvisa=terra.es(a)lists.samba.org] En nombre de > Elvis Aaron Presley > Enviado el: martes, 26 de septiembre de 2006 14:04 > Para: Lista Samba > Asunto: [Samba] Domain problem... > > > Hello all, This is the first time I write to the list. Sorry about my > english... > > My Debian Sarge server was working perfectly with samba and winbind > as a > normal client in a Domain enviroment. I was able to share folders > on my > linux machine giving rights to the domain users. Everything was > working > until one day in that it crashed for some reason I don't know. I > didn't > touch anything of my config files (smb.conf,nsswitch.conf) so I > suppose > it's ok. The problem is that now, I can't do "wbinfo -u" successfully. > It returns "Error looking domain users", so I can't share directories > with domain users. > > Enviroment info: > > PDC: W2000 server (ip 192.168.1.102,netbios-name server32) with DNS > server > Debian: domain client (ip 192.168.1.249,netbios-name oracle) with DNS > server > > Other clients in the network uses DNS1 192.168.1.102 and DNS2 > 192.168.1.249 ... I don't know if this info is relevant. > > "net rpc join -S server32 -U Administrador%pass" returns "Joined > domain > RXN32." "wbinfo -m" returns "RXN32" <- is the netbios name of the > domain > "wbinfo -t" returns "checking the trust secret via RPC calls > succeeded" > "wbinfo -u" returns "Error looking up domain users" "wbinfo -g" > returns > "Error looking up domain groups" > > Samba version 3.0.22 on debian machine. And in the domain exist the > user > "oracle" with password "realpwd". > > I've tried "wbinfo --authenticate=oracle%fakepwd" and return: > > plaintext password authentication failed > error code was NT_STATUS_NO_SUCH_USER (0xc0000064) > error messsage was: No such user > Could not authenticate user oracle%fakepwd with plaintext password > challenge/response password authentication failed error code was > NT_STATUS_WRONG_PASSWORD (0xc000006a) error messsage was: Wrong > Password > Could not authenticate user oracle with challenge/response > > But if I try "wbinfo --authenticate=oracle%realpwd" it returns: > > plaintext password authentication failed > error code was NT_STATUS_NO_SUCH_USER (0xc0000064) > error messsage was: No such user > Could not authenticate user oracle%realpwd with plaintext password > challenge/response password authentication succeeded > > What????? How is it possible? The user exist in the domain. I've tried > delete it and create it again and same result. I've tried with other > user... But same result. > > How can this stop to work if I didn't change anything? Is possible > that > it happenned after apt-get dist-upgrade? > > This is the global part of my smb.conf but i supposse it's ok > because it > was working and nothing changed: > > [global] > workgroup = RXN32 > security = DOMAIN > password server = server32 > encrypt passwords = true > idmap uid = 10000-20000 > idmap gid = 10000-20000 > template shell = /bin/bash > winbind separator = + > netbios name = oracle > > I googled a lot, but with no luck... :( > > Thank for read this "big text", and sorry if this message is at > incorrect list. If there is a more specific list for this kind of > issues, please tell me. > > Thanks in advance and Regards. > > Elvis > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
From: Elvis Aaron Presley on 27 Sep 2006 07:10 Hello, I've tried what you said and restarted samba and winbind... But no success... :( After that, I re-joined to the domain, but the same result... I see when I tried to rejoin to the domain in the PDC w2000 event log a 5722 event. This is the error message: The session setup from the computer ORACLE failed to authenticate. The name of the account referenced in the security database is ORACLE$. The following error occurred: Access is denied. But the user exist at the domain. ¿? I see the log at /var/log/samba/log.winbindd with this: [2006/09/27 11:39:50, 0] libads/kerberos.c:ads_kinit_password(164) kerberos_kinit_password ORACLE$@RXN32.BIZ failed: Cannot resolve network address for KDC in requested realm [2006/09/27 11:39:50, 1] nsswitch/winbindd_ads.c:ads_cached_connection(109) ads_connect for domain RXN32 failed: Cannot resolve network address for KDC in requested realm The log at /var/log/samba/log.wb-RXN32 has: [2006/09/27 12:07:04, 0] libsmb/credentials.c:creds_client_check(256) creds_client_check: credentials check failed. [2006/09/27 12:07:04, 0] rpc_client/cli_netlogon.c:rpccli_netlogon_sam_network_logon(898) rpccli_netlogon_sam_network_logon: credentials chain check failed [2006/09/27 12:07:04, 0] libads/kerberos.c:ads_kinit_password(164) kerberos_kinit_password ORACLE$@RXN32.BIZ failed: Cannot resolve network address for KDC in requested realm [2006/09/27 12:07:04, 1] nsswitch/winbindd_ads.c:ads_cached_connection(109) ads_connect for domain RXN32 failed: Cannot resolve network address for KDC in requested realm But I'm not using kerberos. In addition, this errors are present too in other older dates, and the server was working fine at that dates. What can I do? I need to share folder on my debian to domain users... :S Elvis -----Mensaje original----- De: Henrik Zagerholm [mailto:henke(a)mac.se] Enviado el: miércoles, 27 de septiembre de 2006 9:30 Para: Elvis Aaron Presley CC: 'Lista Samba' Asunto: Re: [Samba] Domain problem... Hello, winbind enum users = yes winbind enum groups = yes also check that getent passwd shows domain users. Cheers, Henrik 27 sep 2006 kl. 09:23 skrev Elvis Aaron Presley: > Nobody knows any information or test for me? :( > > Elvis > > -----Mensaje original----- > De: samba-bounces+elvisa=terra.es(a)lists.samba.org > [mailto:samba-bounces+elvisa=terra.es(a)lists.samba.org] En nombre de > Elvis Aaron Presley Enviado el: martes, 26 de septiembre de 2006 14:04 > Para: Lista Samba > Asunto: [Samba] Domain problem... > > > Hello all, This is the first time I write to the list. Sorry about my > english... > > My Debian Sarge server was working perfectly with samba and winbind > as a > normal client in a Domain enviroment. I was able to share folders > on my > linux machine giving rights to the domain users. Everything was > working > until one day in that it crashed for some reason I don't know. I > didn't > touch anything of my config files (smb.conf,nsswitch.conf) so I > suppose > it's ok. The problem is that now, I can't do "wbinfo -u" successfully. > It returns "Error looking domain users", so I can't share directories > with domain users. > > Enviroment info: > > PDC: W2000 server (ip 192.168.1.102,netbios-name server32) with DNS > server > Debian: domain client (ip 192.168.1.249,netbios-name oracle) with DNS > server > > Other clients in the network uses DNS1 192.168.1.102 and DNS2 > 192.168.1.249 ... I don't know if this info is relevant. > > "net rpc join -S server32 -U Administrador%pass" returns "Joined > domain > RXN32." "wbinfo -m" returns "RXN32" <- is the netbios name of the > domain > "wbinfo -t" returns "checking the trust secret via RPC calls > succeeded" > "wbinfo -u" returns "Error looking up domain users" "wbinfo -g" > returns > "Error looking up domain groups" > > Samba version 3.0.22 on debian machine. And in the domain exist the > user > "oracle" with password "realpwd". > > I've tried "wbinfo --authenticate=oracle%fakepwd" and return: > > plaintext password authentication failed > error code was NT_STATUS_NO_SUCH_USER (0xc0000064) > error messsage was: No such user > Could not authenticate user oracle%fakepwd with plaintext password > challenge/response password authentication failed error code was > NT_STATUS_WRONG_PASSWORD (0xc000006a) error messsage was: Wrong > Password > Could not authenticate user oracle with challenge/response > > But if I try "wbinfo --authenticate=oracle%realpwd" it returns: > > plaintext password authentication failed > error code was NT_STATUS_NO_SUCH_USER (0xc0000064) > error messsage was: No such user > Could not authenticate user oracle%realpwd with plaintext password > challenge/response password authentication succeeded > > What????? How is it possible? The user exist in the domain. I've tried > delete it and create it again and same result. I've tried with other > user... But same result. > > How can this stop to work if I didn't change anything? Is possible > that > it happenned after apt-get dist-upgrade? > > This is the global part of my smb.conf but i supposse it's ok > because it > was working and nothing changed: > > [global] > workgroup = RXN32 > security = DOMAIN > password server = server32 > encrypt passwords = true > idmap uid = 10000-20000 > idmap gid = 10000-20000 > template shell = /bin/bash > winbind separator = + > netbios name = oracle > > I googled a lot, but with no luck... :( > > Thank for read this "big text", and sorry if this message is at > incorrect list. If there is a more specific list for this kind of > issues, please tell me. > > Thanks in advance and Regards. > > Elvis > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
|
Pages: 1 Prev: PLEASE HELP! Can't add machines to domain! - SOLVED Next: Domain problem... (other way) |