[Samba] SMBD not authenticating against Active Directory
saddam abu ghaida
saddam.abughaida at gmail.com
Mon Dec 1 07:45:57 GMT 2008
hello,
add the following to samba
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
idmap config TESTDOMAIN: default = yes
idmap config TESTDOMAIN: backend = rid
idmap config TESTDOMAIN: range = 10777216-57554431
idmap alloc TESTDOMAIN: range = 10777216-57554431
winbind nested groups = yes
winbind use default domain = no
prefered master = no
and remove the following
idmap backend = ad
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
if you still facing the same problem please send the new log once again
regards,
Saddam Abu Ghaida
On Sun, Nov 30, 2008 at 6:13 AM, Kums <kumaran.rajaram at gmail.com> wrote:
> Hi Saddam,
>
> Please find the Samba log file attached with the below log level settings.
>
> Sorry for the delay in response.
>
> Regards,
> -Kums
>
> On Fri, Nov 28, 2008 at 7:22 PM, saddam abu ghaida
> <saddam.abughaida at gmail.com> wrote:
>>
>> could you add the following and send the generated log files
>>
>> os level = 3 passdb:5 auth:10 winbind:5
>>
>> * spnego has something to do with this failure
>>
>> regards,
>> saddam abu ghaida
>>
>>
>> On Thu, Nov 27, 2008 at 2:01 AM, Kums <kumaran.rajaram at gmail.com> wrote:
>> > Hi,
>> >
>> > Iam trying to setup Samba version 3.2.3 on Redhat (RHEL5) server to use
>> > Active Directory for authentication. I followed the instructions from
>> > article in following website:
>> > http://technet.microsoft.com/en-au/magazine/dd228986.aspx
>> >
>> > Setup Winbind + Samba + Kerberos and it seems to work fine. I can see
>> > the
>> > users in Active Directory through winbind as well as authenticate users
>> > using NTLM authentication.
>> >
>> > Problem is that Iam unable to access Samba share from Windows clients as
>> > AD
>> > user. Analyzing the network traffic on SMBD port gives:
>> > ---
>> > 10.849969 192.168.97.2 -> 192.168.97.5 SMB Session Setup AndX Request,
>> > NTLMSSP_AUTH, User: TESTDOMAIN\testuser
>> > 10.853302 192.168.97.5 -> 192.168.97.2 SMB Session Setup AndX Response,
>> > Error:STATUS_LOGON_FAILURE
>> > --
>> >
>> > I can however access the Samba share as local user in the Samba server
>> > via
>> > smbpasswd:
>> > ---
>> > 166.059746 192.168.97.2 -> 192.168.97.5 SMB Session Setup AndX Request,
>> > NTLMSSP_AUTH, User: D1950-01\kums
>> > 166.068297 192.168.97.5 -> 192.168.97.2 SMB Session Setup AndX Response
>> > 166.068500 192.168.97.2 -> 192.168.97.5 SMB Tree Connect AndX Request,
>> > Path:
>> > \\192.168.97.5\global
>> > 166.068787 192.168.97.5 -> 192.168.97.2 SMB Tree Connect AndX Response
>> > ---
>> >
>> > Winbind gives following error, not sure if this is significant for I can
>> > access the AD via "wbinfo"
>> > [2008/11/26 15:22:58, 1]
>> > libsmb/cliconnect.c:cli_session_setup_kerberos(626)
>> > cli_session_setup_kerberos: spnego_gen_negTokenTarg failed: Cannot find
>> > KDC for requested realm
>> >
>> > Please see attached for configuration detail + detailed error log.
>> > Googling
>> > helped me to get so far, but not completely resolve this issue.
>> >
>> > Please advise.
>> >
>> > Thanks in Advance,
>> > -Kums
>> >
>> > --
>> > To unsubscribe from this list go to the following URL and read the
>> > instructions: https://lists.samba.org/mailman/listinfo/samba
>> >
>
>
More information about the samba
mailing list