[Samba] Problems to authenticate Ubuntu 14 on Samba4

L.P.H. van Belle belle at bazuin.nl
Tue Dec 29 09:16:38 UTC 2015


.. need more coffe.. 
>From /etc/hosts i meant.. 
> 
> 127.0.1.1    cliente-ad192.empresa.com    cliente-ad192



> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens L.P.H. van Belle
> Verzonden: dinsdag 29 december 2015 10:04
> Aan: samba at lists.samba.org
> CC: Marcio Demetrio Bacci
> Onderwerp: Re: [Samba] Problems to authenticate Ubuntu 14 on Samba4
> 
> Remove from localhost.
> 
> 127.0.1.1    cliente-ad192.empresa.com    cliente-ad192
> 
> Reboot and try again.
> 
> Greetz,
> 
> Louis
> 
> 
> > -----Oorspronkelijk bericht-----
> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Marcio Demetrio
> > Bacci
> > Verzonden: maandag 28 december 2015 23:55
> > Aan: Rowland penny
> > CC: samba at lists.samba.org
> > Onderwerp: Re: [Samba] Problems to authenticate Ubuntu 14 on Samba4
> >
> > I'm using Ubuntu 14.04-64 bits
> >
> > I had installed with apt-get the follows packages
> >
> >
> > krb5-user krb5-config winbind samba samba-common smbclient cifs-utils
> > libpam-krb5 libpam-winbind libnss-winbind
> >
> > The samba version is 4.1.16-Ubuntu
> >
> > Below are my files of configuration
> >
> > */etc/samba/smb.conf*
> > [global]
> >   netbios name = cliente-ad192
> >   workgroup = EMPRESA
> >   security = ads
> >   realm = EMPRESA.COM
> >   password server = 192.196.40.1
> >   encrypt passwords = yes
> >   dedicated keytab file = /etc/krb5.keytab
> >   kerberos method = secrets and keytab
> >   preferred master = no
> >   idmap config *:backend = tdb
> >   idmap config *:range = 1000-3000
> >   idmap config EMPRESA:backend = ad
> >   idmap config EMPRESA:schema_mode = rfc2307
> >   idmap config EMPRESA:range = 10000-9999999
> >
> >   winbind nss info = rfc2307
> >   winbind trusted domains only = no
> >   winbind use default domain = yes
> >   winbind enum users = yes
> >   winbind enum groups = yes
> >   winbind refresh tickets = yes
> >   template homedir = /home/%D/%U
> >   template shell = /bin/bash
> >   vfs objects = acl_xattr
> >   map acl inherit = Yes
> >   store dos attributes = Yes
> >   username map = /etc/samba/user.map
> >
> >
> >
> > */etc/krb5.conf*
> > [libdefaults]
> > default_realm = EMPRESA.COM
> >
> > # The following krb5.conf variables are only for MIT Kerberos.
> > krb4_config = /etc/krb.conf
> > krb4_realms = /etc/krb.realms
> > dns_lookup_realm = false
> > dns_lookup_kdc = false
> > ticket_lifetime = 24h
> > renew_lifetime = 7d
> > forwardable = true
> >
> > [realms]
> > EMPRESA.COM = {
> > kdc = DC1.EMPRESA.COM
> > admin_server = DC1.EMPRESA.COM
> > }
> >
> > [domain_realm]
> > .empresa.com = EMPRESA.COM
> > empresa.com = EMPRESA.COM
> >
> > [login]
> > krb4_convert = true
> > krb4_get_tickets = false
> >
> >
> >
> > */etc/resolv.conf*
> > nameserver 192.168.40.1
> > search empresa.com
> >
> >
> > */etc/hosts*127.0.0.1    localhost
> > 127.0.1.1    cliente-ad192.empresa.com    cliente-ad192
> > 192.168.40.2    cliente-ad192.empresa.com    cliente-ad192
> > 192.168.40.1    dc1.empresa.comdc1
> >
> >
> > */etc/nsswitch.conf*
> > passwd:compat
> > group:compat
> > shadow:compat
> > hosts:files mdns4_minimal [NOTFOUND=return] dns
> > networks:files
> > protocols:      db files
> > services:db files
> > ethers:db files
> > rpc:db files
> > netgroup:nis
> >
> >
> > */etc/pam.d/common-session*
> > session [default=1]pam_permit.so
> > session requisitepam_deny.so
> > session requiredpam_permit.so
> > session optionalpam_umask.so
> > session optionalpam_krb5.so minimum_uid=1000
> > session requiredpam_unix.so
> > session optionalpam_winbind.so
> > session optionalpam_systemd.so
> >
> >
> > */usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf *
> > [SeatDefaults]
> > user-session=ubuntu
> > greeter-show-manual-login=true
> >
> >
> >
> > */usr/share/lightdm/lightdm.conf.d/50-unity-greeter.conf *
> > [SeatDefaults]
> > allow-guest=false
> > greeter-show-remote-login=false
> > greeter-show-manual-login=true
> > greeter-session=unity-greeter
> >
> >
> > Thanks
> >
> > 2015-12-28 19:29 GMT-02:00 Rowland penny <rpenny at samba.org>:
> >
> > > On 28/12/15 21:10, Marcio Demetrio Bacci wrote:
> > >
> > >> Hi,
> > >>
> > >> I have saw many tutorials to ingress Ubuntu 14 in the Samba4 domain,
> > but
> > >> none worked properly. I put the Ubuntu workstation in the Domain, but
> > when
> > >> I try to login, appear the following messenge:
> > >>
> > >> "your password will be expire in 42 days"
> > >>
> > >> and does not permit the authentication.
> > >>
> > >> How can I configure correctly Ubuntu 14 workstation to authenticate
> in
> > the
> > >> Samba 4 domain?
> > >>
> > >>
> > >> Thanks
> > >>
> > >> Márcio Bacci
> > >>
> > >
> > > Hi, you are going to have to give us more info before we can help you,
> > > smb.conf, etc/resolv.conf, /etc/krb5.conf etc
> > > Also what packages have you installed with the Samba packages.
> > >
> > > Rowland
> > >
> > >
> > > --
> > > To unsubscribe from this list go to the following URL and read the
> > > instructions:  https://lists.samba.org/mailman/options/samba
> > >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> 
> 
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba





More information about the samba mailing list