[Samba] samba 4.2 RDP problem (extra debug info)
L.P.H. van Belle
belle at bazuin.nl
Thu Apr 30 07:31:18 MDT 2015
After a new setup i was confronted again with the unable to login with RDP.
so here is some extra info for the debugging this.
I used RDP to connect a Windows 7 64 bit, connected in rdp with ipadres of the pc.
and again unable to login.
since im trying to setup a smb.conf with minimal changes, i only added :
auth methods = sam, winbind
restarted samba on both DC's
and yes.. im able to login again, ADUC works, i can add users .. and DNS tool did also work fine.
So i hope this info helps in debugging ..
config file used,
# Global parameters
workgroup = DOMAIN
realm = DOMAIN.TESTING
netbios name = DC1
server role = active directory domain controller
server services = -dns
auth methods = sam, winbind
idmap_ldb:use rfc2307 = yes
interfaces = 127.0.0.1 192.168.0.1
bind interfaces only = yes
time server = yes
wins support = yes
idmap config * : backend = tdb
idmap config * : range = 2000-9999
idmap config DOMAIN : backend = ad
idmap config DOMAIN : schema_mode = rfc2307
idmap config DOMAIN : range = 10000-3999999
# Use home directory and shell information from AD
winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind expand groups = 3
>Van: Andrew Bartlett [mailto:abartlet at samba.org]
>Verzonden: maandag 27 april 2015 8:37
>Aan: L.P.H. van Belle
>CC: samba at lists.samba.org
>Onderwerp: Re: [Samba] samba 4.2 RDP problem (solved)
>On Wed, 2015-04-22 at 17:12 +0200, L.P.H. van Belle wrote:
>> sorry for the noise..
>> I missed the solution in my mail. just saw it online..
>> The working version for rdp login..
>> I can confirm also that after adding these to the smb.conf
>> dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr,
>netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo,
>browser, eventlog6, backupkey, dnsserver, remote, winreg, srvsvc
>> auth methods = sam, winbind, ntdomain, ntdomain:winbind
>> I was able to login with RDP also.
>> sernet samba 4.2.1 - Windows 7 64bit.
>To be VERY clear, neither of these things are solutions. They are
>debugging aids, but running in either of these configurations in the
>long term (I say this because in Samba, suggestions like this
>turn up in
>google for years) will just result in pain.
>'smb' means the NTVFS file server, and while quite capable, and still
>tested, it hasn't been worked on in years, and has no support
>like POSIX ACLS, SMB3, VFS modules and unix extensions.
>the changes to 'auth methods' makes the server behave in a weird
>combination of an NT4 DC and an AD DC.
>That said, I find it most intriguing that these help, and that
>information has been recorded on the bug, and will assist
>those who made
>the change between 4.1 and 4.2.
>Andrew Bartlett http://samba.org/~abartlet/
>Authentication Developer, Samba Team http://samba.org
>Samba Developer, Catalyst IT
More information about the samba