[Samba] ADUC - "UNIX Attributes" tab - "Unwilling To Perform"
mathias dufresne
infractory at gmail.com
Mon Oct 26 14:11:28 UTC 2015
To check if your issue comes from Samba or SSSD you could replace SSSD by
Winbind in your PAM configuration. Once your system will retrieve users
from Winbind, if your not-working-group is shown correctly, the issue is
from SSSD. If the group is not shown, the issue should rather come from
Samba.
If your issue comes from Samba perhaps it would help if you show us the
whole ldbsearch on that specific group.
Cheers,
mathias
2015-10-24 20:56 GMT+02:00 Jonathan Hunter <jmhunter1 at gmail.com>:
> On 24 October 2015 at 19:16, Jonathan Hunter <jmhunter1 at gmail.com> wrote:
> > I might see if I can tcpdump capture the traffic to this client VM,
> > and load the resulting output into Wireshark (decrypting it using the
> > private key of the DC, hopefully) to see what's going on.
>
> Apparently this could be harder than I first thought.. the outer
> session is TLS which I can decrypt using the key from
> /usr/local/samba/private/tls/key.pem but inside that it seems to be
> further encrypted via GSS-API and krb5.. I don't know if I can open
> that up in wireshark :(
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list