[Samba] Oracle 11 nts authentication againts samba4 AD DC

[schnaggy]

> On 05 Mar 2015, at 10:45, Rowland Penny <rowlandpenny at googlemail.com> wrote:
> 
> On 03/03/15 09:56, Izan Díez Sánchez wrote:
>> Hi again. I apologize for my vague previous question. After some investigation I can be much more precise in my consult. Furthermore, I think I found a bug…
>> ...
>> 
>> User "ids" is requesting a ticket to connect to the "DATABASE_SERVER". In the process samba makes an ldbsearch looking for the server but does not find it. Why? Because the sAMAccountName that is searching lacks the trailing dollar "$" that every machine account has.
>> 
>> Is this a bug? Any idea on how can I workaround this issue?
>> We have a production environment with Windows DC working and planned to migrate to samba4 but need everything working flawlessly.
>> 
>> 
>> 
> 
> No, I don't think this is a bug, I think it is a mis-configuration of *oracle*.
> 
> If authentication works by removing the '$' sign from the computers samacountname, then there is your problem, oracle doesn't expect the '$' sign but it should because *every* AD computer samaccountname ends with a '$' sign.
> 
> So, to put it another way, this is not a samba problem, it is an oracle problem, try searching the internet with something like 'oracle windows authentication nts’
> 

Yes, you are right. It’s not a samba problem if the oracle client tries to authenticate with a machine account name and stripping the $-sign. My fault. I’m gonna try some metawork searches. Maybe there will be any hints...

BTW: we use a win 8.1pro with a local oracle server installation, not win7 and a remote oracle on a win 2008 server

schnaggy:-)

> Rowland
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

Carsten Wagner

schnaggy at schnaggy.de