[Samba] getting samba to authenticate with kerberos/PAM [Samba]

Prev: [Samba] Running Samba-Swat on Ubuntu System
Next: [Samba] Error Message

From: Guillermo Gutierrez on 8 Mar 2006 14:10

Hello,
I reeeeally need someone's help here. I guide after guide from all sorts of sources but I still cannot get samba to authenticate a domain login via winbind off of the windows 2003 DC on our network.

Here is what I can do:
I can successfully do a kinit command and can verify the existance on the samba server in active directory on the DC.
I can login using domain profiles on the samba server linux box's (Gentoo) console.
I can login as root from ssh only, not at the console.
I can not login with domain profiles through ssh (haven't tried to modify /etc/pam.d/sshd for fear of not being able to login as root at all).
I can get to my /home/samba/public samba share through netBIOS.
I can not get into my /home/<DOMAIN>/<domainuser> samba share, I recieve a "network path not found" error in windows.
When the above happens, one samba log (log.<machinename>) will say:

[2006/03/08 10:36:19, 5] smbd/reply.c:reply_special(537)
init msg_type=0x81 msg_flags=0x0
[2006/03/08 10:36:19, 0] lib/util_sock.c:write_data(557)
write_data: write failure in writing to client 10.11.7.56. Error Connection reset by peer
[2006/03/08 10:36:19, 0] lib/util_sock.c:send_smb(765)
Error writing 4 bytes to client. -1. (Connection reset by peer)
[2006/03/08 10:36:19, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/03/08 10:36:19, 5] auth/auth_util.c:debug_nt_user_token(433)
NT user token: (NULL)
[2006/03/08 10:36:19, 5] auth/auth_util.c:debug_unix_user_token(454)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2006/03/08 10:36:19, 5] smbd/uid.c:change_to_root_user(324)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2006/03/08 10:36:19, 2] smbd/server.c:exit_server(614)
Closing connections
[2006/03/08 10:36:19, 3] smbd/connection.c:yield_connection(69)
Yielding connection to
[2006/03/08 10:36:19, 3] smbd/connection.c:yield_connection(76)
yield_connection: tdb_delete for name failed with error Record does not exist.
[2006/03/08 10:36:19, 3] smbd/server.c:exit_server(655)
Server exit (process_smb: send_smb failed.)

The other samba log (log.<IPAddress>) will say:

[2006/03/08 10:40:26, 5] auth/auth_util.c:debug_nt_user_token(433)
NT user token: (NULL)
[2006/03/08 10:40:26, 5] auth/auth_util.c:debug_unix_user_token(454)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2006/03/08 10:40:26, 5] smbd/uid.c:change_to_root_user(324)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2006/03/08 10:40:26, 5] lib/util.c:show_msg(454)
[2006/03/08 10:40:26, 5] lib/util.c:show_msg(464)
size=35
smb_com=0x71
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=65279
smb_uid=101
smb_mid=448
smt_wct=0
smb_bcc=0
[2006/03/08 10:40:26, 3] smbd/process.c:timeout_processing(1447)
timeout_processing: End of file from client (client has disconnected).
[2006/03/08 10:40:26, 5] lib/gencache.c:gencache_shutdown(89)
Closing cache file
[2006/03/08 10:40:26, 5] libsmb/namecache.c:namecache_shutdown(79)
namecache_shutdown: netbios namecache closed successfully.
[2006/03/08 10:40:26, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/03/08 10:40:26, 5] auth/auth_util.c:debug_nt_user_token(433)
NT user token: (NULL)
[2006/03/08 10:40:26, 5] auth/auth_util.c:debug_unix_user_token(454)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2006/03/08 10:40:26, 5] smbd/uid.c:change_to_root_user(324)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2006/03/08 10:40:26, 2] smbd/server.c:exit_server(614)
Closing connections
[2006/03/08 10:40:26, 3] smbd/connection.c:yield_connection(69)
Yielding connection to
[2006/03/08 10:40:26, 3] smbd/server.c:exit_server(655)
Server exit (normal exit)

and a whole bunch of other stuff that extends into the .old archive of this log.

Please help me figure out what the source of my issue is or point me to a step-by-step set of instructions that will work.

Here is some info on my setup:

Samba Server: samba 3.0.21c on a Gentoo Linux system
Network: windows 2003 Active Directory domain with a Novell Server on the network.
OS of client used for testing connection: windows XP SP2

thanks in advance,

Guillermo Gutierrez
Development Systems Engineer
Market Scan Information Systems
(818) 575-2000 x2427
ggutierrez(a)marketscan.com

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

|
Pages: 1
Prev: [Samba] Running Samba-Swat on Ubuntu System
Next: [Samba] Error Message