[Samba] Debugging Samba 4 AD Setup
Georg Georgiev
kable at abv.bg
Tue Mar 24 07:27:13 MDT 2015
Hello Johannes,
Please check your kerberos realm, wiki says: _Realm:_ . It will also
automatically be used as the Active Directory DNS domain name. The Realm
always has to be in uppercase.
I see that your is realm = ourdomain.com
Regards,
George
On 24.3.2015 г. 14:29 ч., Johannes Amorosa | Celluloid VFX wrote:
> We're using quite successfully a samba 4.1 AD setup authenticating
> user. We have on an unregular basis
> mails that can't be delivered because dovecot-pam fails to verify the
> credentials. I'm trying to debug
> this and set the loglevel up to 3.
>
> I can see an error message being spammed in the log files and can't
> figure out what causes this. I expect a configuration error somewhere
> although everything else seems to work. Can someone shed some light on
> this error.
>
> Invalid domain! Expected name in domain [ourdomain.com]. But received
> [THE-AD-HOSTNAME]!
> ../source4/rpc_server/netlogon/dcerpc_netlogon.c:2330(dcesrv_netr_DsrEnumerateDomainTrusts)
>
>
> I don't believe this has anything to do with the initial problem, but
> I would like to resolve this one aswell.
> Thank you for your time.
> Joe
>
> Setup:
> Two identical servers with this samba.conf.
>
> # Global parameters
> [global]
> workgroup = OURDOMAIN
> realm = ourdomain.com
> netbios name = THE-AD-HOSTNAME
> netbios aliases = SOMETHINGELSE
> log level = 3
>
> server role = active directory domain controller
> dns forwarder = 192.168.1.254
> [netlogon]
> path = /var/lib/samba/sysvol/ourdomain.com/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
>
More information about the samba
mailing list