[Samba] Integrating samba with existing AD
thibaut.pouzet at lyra-network.com
Wed Jul 20 09:13:23 MDT 2011
Well thank you for noticing this error Jonathan, I didn't paid attention to
my samba version. We have quite a lot of centos machines on the network and
a poor internet connexion additionned with strong security policy.
Therefore, we have a rpm proxy and I did not noticed that the samba packages
available were out of date. Anyway, I fixed this issue and ran some more
I still can observe my problem though : I can connect to the server with
smbclient or windows clients, but cannot parse my folders. I also created a
dummy user named Alfred in my active directory, but he cannot connect in any
But now that I made this change, "# getent groups" does not gives me all my
local + ad groups (just some of them).
I managed to connect to one of my folder by having "valid users = thibaut"
in my settings, but I don't really like this solution since I have a lot of
users which will have access to this server.
[2011/07/20 16:59:01.751433, 1] smbd/service.c:1070(make_connection_snum)
192.168.206.145 (192.168.206.145) connect to service commercial initially
as user thibaut (uid=2032, gid=1500) (pid 3039)
[2011/07/20 16:59:02.771747, 1] smbd/sesssetup.c:332(reply_spnego_kerberos)
Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE!
And when accessing to another folder with "valid users = %S" :
[2011/07/20 16:58:53.584947, 2]
user 'thibaut' (from session setup) not permitted to access this share
I use ldap to identify myself to the server, so I think that the iud+gid
numbers for the user thibaut comes from my logins to the server and might
have nothing to do with samba.
I think I am a bit confused with all this and that I mix some different
De : samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] De
la part de Jonathan Buzzard
Envoyé : mercredi 20 juillet 2011 12:26
À : samba at lists.samba.org
Objet : Re: [Samba] Integrating samba with existing AD
On Wed, 2011-07-20 at 10:44 +0200, Thibaut POUZET wrote:
> The software involved :
> Server Linux CentOS 5.6
> Windows 2003 Serveur R2 with working AD and another DNS server working
> # rpm -qa | grep samba
Stop right there remove the samba packages and install the samba3x
packages. Then take a look at my previous post made yesterday.
> So where am I going wrong ? L
You are persisting on using a woefully out of date version of Samba when
your distribution comes with a much more recent prepackaged version. Why
anyone would want to use the plain samba packages in RHEL/CentOS when
trying to intergrate to the AD is utterly beyond me.
Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.
To unsubscribe from this list go to the following URL and read the
More information about the samba