[Samba] Re : ADS Problem : segmentation fault
djamel boussebha
dboussebha at yahoo.fr
Mon Nov 21 07:27:36 MST 2011
Please somebody can send me its configuration files which work so that I can compare with my values.
Thank's
--- En date de : Lun 21.11.11, djamel boussebha <dboussebha at yahoo.fr> a écrit :
De: djamel boussebha <dboussebha at yahoo.fr>
Objet: Re : [Samba] ADS Problem : segmentation fault
À: samba at lists.samba.org, "Robert Freeman-Day" <presgas at gmail.com>
Date: Lundi 21 novembre 2011, 13h51
Oups the dns domain for AD is : p9bis.neoplus.laposte.poc
--- En date de : Lun 21.11.11, djamel boussebha <dboussebha at yahoo.fr> a écrit :
De: djamel boussebha <dboussebha at yahoo.fr>
Objet: Re : [Samba] ADS Problem : segmentation fault
À: samba at lists.samba.org, "Robert Freeman-Day" <presgas at gmail.com>
Date: Lundi 21 novembre 2011, 13h49
Hi
I would like to compare the values of my configuration so If you have the following platform :
Windows server 2008 R2 with AD LDAP is : 187.0.17.104 (CINVW067)
Linux server with Samba/Winbind version 3.5.12 + kerberos 1.4 : 187.0.22.177 (CILVS04)
Could you please to confirm which are the good values to set into the following conf file ?
The entries for the hosts file /etc/hosts on the 2 servers linux and W2008R2 ?
The values for the file /etc/samba/smb.conf :
[global]
security = ads
realm = ?????
server string = ????
workgroup = ????
password server = ????
netbios name = ????
wins server = ????
The values for the kerberos file /etc/krb5.conf :
[libdefaults]
default_realm = ????
[realms]
???? = {
kdc = ????
default_domain = ????
admin_server = ????
}
[[domain_realm]
???? = ????
???? = ????
The values for the file cat /etc/resolv.conf :
nameserver ????
search ????
The values for the file /etc/nsswitch.conf :
passwd: ????
group: ????
shadow: ????
hosts:???
Regards
--- En date de : Lun 21.11.11, djamel boussebha <dboussebha at yahoo.fr> a écrit :
De: djamel boussebha <dboussebha at yahoo.fr>
Objet: [Samba] ADS Problem : segmentation fault
À: samba at lists.samba.org, "Robert Freeman-Day" <presgas at gmail.com>
Date: Lundi 21 novembre 2011, 10h12
Hi;
Please I would like to know which are the corrects values to set into the samba/kerberos configuration to ads protocol works fine.
My platform is :
Windows server 2008 R2 with AD LDAP is : 187.0.17.104 (CINVW067)
Linux server with Samba/Winbind version 3.5.12 + kerberos 1.4 : 187.0.22.177 (CILVS049)
When I try to join the AD via ADS protocol I have a error : segmentation fault :
# net ads join -S CINVW067 -U administrateur%laposte+1
Segmentation fault
The kinit works fine :
# kinit administrateur
Password for administrateur at P9BIS.NEOPLUS.LAPOSTE.POC:
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: administrateur at P9BIS.NEOPLUS.LAPOSTE.POC
Valid starting Expires Service principal
11/21/11 09:56:18 11/21/11 16:36:18 krbtgt/P9BIS.NEOPLUS.LAPOSTE.POC at P9BIS.NEOPLUS.LAPOSTE.POC
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
wbinfo -u et wbinfo -g work fine :
# wbinfo -u
administrateur
invité
admin_local
krbtgt
sp-farm
sp-serviceapp
sp-apppool
sql-service
sp-usersync
My configuration is as follows :
hosts file on the linux server :
# cat /etc/hosts
127.0.0.1 local.localdomain localhost CILVS049
187.0.22.177 CILVS049.p9bis.neoplus.laposte.poc CILVS049
187.0.17.104 CINVW067.p9bis.neoplus.laposte.poc CINVW067
#cat /etc/samba/smb.conf :
[global]
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
security = ads
client use spnego = yes
realm = P9BIS.NEOPLUS.LAPOSTE.POC
server string = CILVS049
workgroup = P9BIS
password server = 187.0.17.104.p9bis.neoplus.laposte.poc
interfaces = 127.0.0.1 eth0
bind interfaces only = true
printing = cups
printcap name = cups
load printers = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
#idmap backend = ad
winbind enum users = yes
winbind enum groups = yes
client use spnego = yes
encrypt passwords = yes
winbind nested groups = yes
winbind separator = /
winbind nss info = sfu
winbind cache time = 3600
winbind use default domain = yes
preferred master = no
domain master = no
restrict anonymous = 2
log file = /var/log/samba/log.smbd
max log size = 50
usershare allow guests = no
netbios name = CILVS049
#wins server = 187.0.17.104
#wins proxy = no
dns proxy = no
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
#cat /etc/krb5.conf :
[libdefaults]
default_realm = P9BIS.NEOPLUS.LAPOSTE.POC
default_keytab_name = FILE:/etc/krb5.keytab
kdc_timesync = 1
ticket_lifetime = 24000
dns_lookup_kdc = true
dns_lookup_realm = true
forwardable = true
fcc-mit-ticketflags = true
clockskew = 300
[realms]
P9BIS.NEOPLUS.LAPOSTE.POC = {
kdc = 187.0.17.104:88
default_domain = p9bis.neoplus.laposte.poc
admin_server = 187.0.17.104:749
}
[logging]
kdc = FILE:/var/log/krb5/krb5kdc.log
admin_server = FILE:/var/log/krb5/kadmind.log
default = SYSLOG:NOTICE:DAEMON
[domain_realm]
MONWORKGROUP = P9BIS.NEOPLUS.LAPOSTE.POC
.p9bis.neoplus.laposte.poc = P9BIS.NEOPLUS.LAPOSTE.POC
[appdefaults]
pam = {
ticket_lifetime = 1d
renew_lifetime = 1d
forwardable = true
proxiable = false
retain_after_close = false
minimum_uid = 1
try_first_pass = true
}
kinit = {
forwardable = true
proxiable = false
renewable = true
retain_after_close = false
minimum_uid = 1
try_first_pass = true
}
# cat /etc/resolv.conf
nameserver 187.0.17.3
nameserver 187.0.17.4
nameserver 187.0.17.104
search p9bis.neoplus.laposte.poc
#cat /etc/nsswitch.conf
passwd: files winbind
group: files winbind
shadow: files winbind
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
networks: files
services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files
publickey: files
bootparams: files
automount: files
aliases: files
How my configuration Samba/kerberos/winbind fails with ADS ?
Regards
More information about the samba
mailing list