[Samba] Authentication problem
Rowland penny
rpenny at samba.org
Wed Jun 29 12:28:31 UTC 2016
On 29/06/16 12:48, L.P.H. van Belle wrote:
> Hai Rowland, his setup is ok.
>
> Im guessing this has todo with your dhcp options or resolvconf settings or dhcpclient settings or nsswitch.conf resolv order is changes.
> Or did you change /etc/hosts.conf to bind,hosts
>
> Its one of the above ;-)
>
>
> Greetz,
>
> Louis
>
>
>> -----Oorspronkelijk bericht-----
>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Rowland penny
>> Verzonden: woensdag 29 juni 2016 12:40
>> Aan: samba at lists.samba.org
>> Onderwerp: Re: [Samba] Authentication problem
>>
>> On 29/06/16 11:27, Dr. Harry Knitter wrote:
>>> Am Mittwoch, 29. Juni 2016, 10:56:02 schrieb Rowland penny:
>>>> On 29/06/16 10:33, Dr. Harry Knitter wrote:
>>>>> I'm setting up a new Samba 4 Domain on a Debian Jessie machine.
>>>>> The dc works.
>>>>> Now I'm trying to setup a fileserver following the samba wiki.
>>>>> winbind is running on both machines, getent and wbinfo show the users
>> and
>>>>> groups of the domain.
>>>>>
>>>>> However, when I try
>>>>> net rpc rights list accounts -U"MYDOM\Administrator"
>>>>> Enter MYDOM\Administrator's password:
>>>>> Could not connect to server 127.0.0.1
>>>>> The username or password was not correct.
>>>>> Connection failed: NT_STATUS_LOGON_FAILURE
>>>>>
>>>>> What's wrong?
>>>>>
>>>>>
>>>>> Greetings
>>>>> Harry
>>>> Can you post /etc/resolv.conf and /etc/hosts from the domain member (or
>>>> as you call it, 'fileserver)
>>>>
>>>> Rowland
>>> Thanks for your quick reply.
>>>
>>> /etc/resolv.conf points to the dc as a nameserver
>>>
>>> search mydom.lan
>>> nameserver IP.of.my.dc
>>>
>>> /etc/hosts
>>> 127.0.0.1 localhost
>>> xxx.xxx.xxx.xxx fs.mydom.lan fs
>>>
>>> # The following lines are desirable for IPv6 capable hosts
>>> ::1 localhost ip6-localhost ip6-loopback
>>> ff02::1 ip6-allnodes
>>> ff02::2 ip6-allrouters
>>>
>>> The IPs are correct
>>>
>>> Harry
>>>
>>>
>>>
>> Nothing seems wrong there, my setup is similar (dhcp instead of your
>> fixed ip) and when I run your command, I get this:
>>
>> rowland at devstation:~/programming/git/samba-master$ net rpc rights list
>> accounts -U"SAMDOM\Administrator"
>> Enter SAMDOM\Administrator's password:
>> BUILTIN\Print Operators
>> No privileges assigned
>> ..........................
>> ...............
>> ....
>>
>> I take it the fileserver is joined to the domain, so what is in
>> /etc/krb5.conf ?
>> Is a firewall running ?
>> What is in your smb.conf files, on the DC and fileserver ?
>>
>> Rowland
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>
>
Cannot agree with you Louis, AD relies on DNS and as such, the net
command should be able to find the DC by dns.
My /etc/resolv.conf searches the domain and uses the DCs as nameservers,
all there is in /etc/hosts (apart from ipv6 lines) is
127.0.0.1 localhost
When I run the same command as the OP (just changing the domain) it
works for me. I would still be interested in seeing the info I last
asked for.
Rowland
More information about the samba
mailing list