[Samba] Authentication problem
L.P.H. van Belle
belle at bazuin.nl
Wed Jun 29 12:55:51 UTC 2016
Ok, but you changed your hosts file :-p
You removed 127.0.1.1 .. ..
So now then, whats wrong here...
>/etc/resolv.conf points to the dc as a nameserver
>
>search mydom.lan
>nameserver IP.of.my.dc
>
>/etc/hosts
>127.0.0.1 localhost
>xxx.xxx.xxx.xxx fs.mydom.lan fs
>
># The following lines are desirable for IPv6 capable hosts
>::1 localhost ip6-localhost ip6-loopback
>ff02::1 ip6-allnodes
>ff02::2 ip6-allrouters
Nothing in my opinion.
So a new big mistry..
Why does :
net rpc rights list accounts -U"MYDOM\Administrator"
work with dhcp and a /etc/hosts with only 127.0.0.1 in it.
and why does a server with static ip errors
net rpc rights list accounts -U"MYDOM\Administrator"
Enter MYDOM\Administrator's password:
Could not connect to server 127.0.0.1 The username or password was not correct.
Connection failed: NT_STATUS_LOGON_FAILURE
While net rpc rights list accounts -U"MYDOM\Administrator" -S ADDC.MYDOMAIN.TLD work.
A ping ADDC.MYDOMAIN.TLD works also.
And a correct krb5.conf.
cat /etc/krb5.conf
[libdefaults]
default_realm = ROTTERDAM.BAZUIN.NL
dns_lookup_kdc = true
and kinit Administrator
works also..
Rowland can you show me your /etc/dhcp/dhclient.conf,
and the result of the dhcp client. /var/lib/dhcp/dhclient.leases
Can you try this again and add this to your hosts file.
># The following lines are desirable for IPv6 capable hosts
>::1 localhost ip6-localhost ip6-loopback
>ff02::1 ip6-allnodes
>ff02::2 ip6-allrouters
And try it again also, lets see what happens..
I dont now whats the difference here. You know my setup but i have/had the same as the topic starter.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
>
> Cannot agree with you Louis, AD relies on DNS and as such, the net
> command should be able to find the DC by dns.
>
> My /etc/resolv.conf searches the domain and uses the DCs as nameservers,
> all there is in /etc/hosts (apart from ipv6 lines) is
>
> 127.0.0.1 localhost
>
> When I run the same command as the OP (just changing the domain) it
> works for me. I would still be interested in seeing the info I last
> asked for.
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list