[Samba] Joining 4.2.2 Samba client to Samba3 PDC
L.P.H. van Belle
belle at bazuin.nl
Fri Jun 12 02:57:23 MDT 2015
Just a pointer..
try with settings like :
client lanman auth = yes
client NTLMv2 auth = no
client plaintext auth = yes
i dont know the exact setting are which you need, but look in the man of smb.conf
man smb.conf search for NT4, you see more settings.
Greetz,
Louis
>-----Oorspronkelijk bericht-----
>Van: dmorgan at westquad.med.harvard.edu
>[mailto:samba-bounces at lists.samba.org] Namens David Morgan
>Verzonden: donderdag 11 juni 2015 23:37
>Aan: samba at lists.samba.org
>Onderwerp: [Samba] Joining 4.2.2 Samba client to Samba3 PDC
>
>
>Hi,
>
>Not sure of the etiquette of this, so apologies if this is
>frowned upon,
>but a couple of months ago, this[1] question was asked.
>
>I'm trying to join a Samba 4.2.2 server to a Samba 3.4.7 PDC
>(e.g. Think
>NT4, not AD), which is also our OpenLDAP principal server.
>I'm failing
>because, although my "net rpc join" command seems to succeed, and the
>host entry is added to the directory, I keep getting messages such as
>this in /var/log/samba/log.CLIENT_IP on my PDC/LDAP host:
>
> _netr_ServerAuthenticate3: netlogon_creds_server_check failed.
>Rejecting auth request from client CLIENT machine account CLIENT$
>[2015/06/11 16:46:18, 0]
>rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3)
> _netr_ServerAuthenticate3: netlogon_creds_server_check failed.
>Rejecting auth request from client CLIENT machine account CLIENT$
>
>and the user that I've added, fails to log in, with basically a
>"permissions denied" error (I'm trying to log in from OS X 10.10.3).
>This login attempt correlates with the two error lines above.
>
>The PDC is running Ubuntu 10.04 (* * *looks away in
>embarrassment* * *)
>and the client CLIENT[2] is Ubuntu Server 14.04. The sensible advice
>might likely be: UPGRADE YOUR PDC HOST, DUMMY!, and I do intend to do
>that, but if we could get this working it would be really neat-o keen,
>and would buy us a bit of time. The motivation for this is to
>give our
>OS X users the significant performance advantages that
>vfs_fruit has to
>offer them (Thanks again, Ralph![3]). If the only solution is to
>upgrade the PDC, that's ultimately fine, but that will of course take
>more time.
>
>If you've read this far, Thanks![4]
>
>-DM
>
>
>[1]
> > Francesco Malvezzi francesco.malvezzi at unimore.it
> > Tue Apr 14 00:41:15 MDT 2015
> >
> > hi all,
> >
> > my working samba-4.1.7 member of a samba3 domain
>(samba-3.5.3) failed
> > while updating to samba-4.2.0. Users were no longer able to access
> > shares because the trust account was broken.
> >
> > According to release notes (Winbindd/Netlogon improvements):
> >
> > For the client side we have the following new options:
> > "require strong key" (yes by default), "reject md5 servers"
>(no by >
> > default).
> > E.g. for Samba 3.0.37 you need "require strong key = no" and
> > for NT4 DCs you need "require strong key = no" and "client
>NTLMv2 > >
> > auth = no",
> >
> > so in samba-4.2.0 member's smb.conf I put:
> >
> > require strong key = no
> > client NTLMv2 auth = no
> >
> > but yet trust account wasn't able to authenticate on domain PDC.
> >
> > Which are the correct switches to allow a samba-4.2.0
>member to join a
> > samba3 PDC?
> >
> > thank you,
> >
> > Francesco
>
>[2] Not his real name.
>
>[3] Legally required statement.
>
>[4] ...but you might need to get outside more. :-O
>
>--
>David S Morgan, Ph.D. david_morgan at hms.harvard.edu
>Director http://wqcg.med.harvard.edu
>West Quad Computing Group Office: 617-651-0259
>Harvard Medical School
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list