[Samba] Cannot authenticate the administrator account
Rowland Penny
rowlandpenny at googlemail.com
Wed Apr 22 09:01:43 MDT 2015
On 22/04/15 15:04, L.P.H. van Belle wrote:
> Are you sure you have the "correct" administrator password ..
>
> this should work , echo ${SAMBA_NT_ADMIN_PASS}| smbclient //localhost/netlogon -U Administrator -c 'ls'
> that does not involve kerberos yet..
>
> Please run:
>
> SETHOSTNAME=`hostname -s`
> SETDNSDOMAIN=`hostname -d`
> SETFQDN=`hostname -f`
>
> host -t SRV _ldap._tcp.${SETDNSDOMAIN}.
>
> host -t SRV _kerberos._udp.${SETDNSDOMAIN}.
>
> host -t A ${SETHOSTNAME}.${SETDNSDOMAIN}.
>
> and
> cat /etc/hosts
>
> and these are your DC's ips?
>
> nameserver 75.75.76.76
> nameserver 75.75.75.75
>
>
> Greetz,
>
> Louis
>
>
>
>
>
> Van: Mike [mailto:1100100 at gmail.com]
> Verzonden: woensdag 22 april 2015 15:45
> Aan: L.P.H. van Belle
> CC: samba at lists.samba.org
> Onderwerp: Re: [Samba] Cannot authenticate the administrator account
>
>
>
>
> On Wed, Apr 22, 2015 at 7:27 AM, L.P.H. van Belle <belle at bazuin.nl> wrote:
> can you try the following..
> and post the result back.
> and /etc/resolv.conf
> and /etc/krb5.conf
>
> copy past it, but set the admin pass fist.
> then whats the output.
>
> SAMBA_NT_ADMIN_PASS="PUT_YOUR-ADMINISTRATOR_PASSWORD_HERE"
> SETFQDN=`hostname -f`
>
> echo "NT Authentication test"
> echo ${SAMBA_NT_ADMIN_PASS}| smbclient //localhost/netlogon -U Administrator -c 'ls'
>
> echo "Kerberos Authentication"
> echo ${SAMBA_NT_ADMIN_PASS} | kinit Administrator
> smbclient //${SETFQDN}/netlogon -U Administrator -c 'ls' -k
> kdestroy
>
>
> [root at a10 ~]# cat /etc/resolv.conf
> # Generated by NetworkManager
> search conpago.mwllc.info
> nameserver 75.75.76.76
> nameserver 75.75.75.75
> [root at a10 etc]# cat krb5.conf
> [libdefaults]
> default_realm = MWLLC.INFO
> dns_lookup_realm = false
> dns_lookup_kdc = true
>
>
> [root at a10 etc]# SETFQDN=`hostname -f`
> [root at a10 etc]# echo "NT Authentication test"
> NT Authentication test
> [root at a10 etc]# echo ${SAMBA_NT_ADMIN_PASS}| smbclient //localhost/netlogon -U Administrator -c 'ls'
> Enter Administrator's password:
> session setup failed: NT_STATUS_LOGON_FAILURE
> [root at a10 etc]# echo "Kerberos Authentication"
> Kerberos Authentication
> [root at a10 etc]# echo ${SAMBA_NT_ADMIN_PASS} | kinit Administrator
> kinit: Cannot find KDC for realm "MWLLC.INFO" while getting initial credentials
> [root at a10 etc]# smbclient //${SETFQDN}/netlogon -U Administrator -c 'ls' -k
> cli_session_setup_kerberos: spnego_gen_krb5_negTokenInit failed: No such file or directory
> session setup failed: NT_STATUS_UNSUCCESSFUL
> [root at a10 etc]# kdestroy
>
>
>
>
Hi Louis, did you miss this:
[root at a10 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search conpago.mwllc.info
nameserver 75.75.76.76
nameserver 75.75.75.75
His realm (from krb5.conf) is 'MWLLC.INFO'
Rowland
More information about the samba
mailing list