[Samba] After Update Member Server not working
Tim
lists at kiuni.de
Thu Apr 9 06:10:24 MDT 2015
Hello all,
I got some updates for my centos 7 (core), but nothing for the sernet-samba-packages.
But now, my (test) member server isn't accessable anymore. Its smb.conf:
[global]
netbios name = SERVERNAME
workgroup = DOMAIN
security = ADS
realm = DOMAIN.EXAMPLE.COM
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
log level = 10 winbind:2
bind interfaces only = yes
interfaces = lo enp0s25
username map = /etc/samba/user.map
idmap config *:backend = tdb
idmap config *:range = 2000-8999
idmap config DOMAIN:backend = ad
idmap config DOMAIN:schema_mode = rfc2307
idmap config DOMAIN:range = 10000-99999
winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
winbind refresh tickets = Yes
winbind expand groups = 4
winbind normalize names = Yes
domain master = no
local master = no
vfs objects = acl_xattr
map acl inherit = Yes
store dos attributes = Yes
[share]
path = /srv/share
read only = no
The behaviour is the following: If I hit \\<IP adress>, I can/must authenticate with administrator, normal domain users do not work anymore. When I hit \\<Servername>, nothing is working. There is only a message, I am not authorized to use the resource.
Here your are a log of smbd:
grep LOGON /var/log/samba/log.smbd
SPNEGO(gse_krb5) NEG_TOKEN_INIT failed: NT_STATUS_LOGON_FAILURE
SPNEGO login failed: NT_STATUS_LOGON_FAILURE
smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] || at ../source3/smbd/smb2_sesssetup.c:131
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] body[8] dyn[yes:1] at ../source3/smbd/smb2_server.c:2646
SPNEGO(gse_krb5) NEG_TOKEN_INIT failed: NT_STATUS_LOGON_FAILURE
SPNEGO login failed: NT_STATUS_LOGON_FAILURE
smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] || at ../source3/smbd/smb2_sesssetup.c:131
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] body[8] dyn[yes:1] at ../source3/smbd/smb2_server.c:2646
SPNEGO(gse_krb5) NEG_TOKEN_INIT failed: NT_STATUS_LOGON_FAILURE
SPNEGO login failed: NT_STATUS_LOGON_FAILURE
smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] || at ../source3/smbd/smb2_sesssetup.c:131
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] body[8] dyn[yes:1] at ../source3/smbd/smb2_server.c:2646
SPNEGO(gse_krb5) NEG_TOKEN_INIT failed: NT_STATUS_LOGON_FAILURE
SPNEGO login failed: NT_STATUS_LOGON_FAILURE
smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] || at ../source3/smbd/smb2_sesssetup.c:131
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] body[8] dyn[yes:1] at ../source3/smbd/smb2_server.c:2646
SPNEGO(gse_krb5) NEG_TOKEN_INIT failed: NT_STATUS_LOGON_FAILURE
SPNEGO login failed: NT_STATUS_LOGON_FAILURE
smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] || at ../source3/smbd/smb2_sesssetup.c:131
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] body[8] dyn[yes:1] at ../source3/smbd/smb2_server.c:2646
SPNEGO(gse_krb5) NEG_TOKEN_INIT failed: NT_STATUS_LOGON_FAILURE
SPNEGO login failed: NT_STATUS_LOGON_FAILURE
smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] || at ../source3/smbd/smb2_sesssetup.c:131
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] body[8] dyn[yes:1] at ../source3/smbd/smb2_server.c:2646
My krb5.conf
[libdefaults]
dns_lookup_realm = true
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
default_realm = Q007DPK2.Q007.INTERN
dns_lookup_kdc = true
I would appreciate your help. Thanks in advance.
Regards
Tim
More information about the samba
mailing list