[Samba] suddenly unable to mount shares with hostname
Herb Lewis
hlewis at panasas.com
Wed Nov 9 18:15:35 UTC 2016
I would guess that it is some kind of Kerberos issue since mounting by
IP does
not use Kerberos authentication
https://support.microsoft.com/en-ca/kb/322979
On 11/09/2016 08:46 AM, Andreas Oster via samba wrote:
> Hello all,
>
> my name is Andreas and today I have run into a problem which I am not
> able to fix by myself.
>
> In our company we have a samba file server (Version 4.3.11-Ubuntu)
> which till doday did work without any problems. Unfortunately this is
> not the case anymore. Since today we are no longer able to mount
> network shares on this serverusing the servers dns hostname. The
> server complains about wrong username or password. Using the same
> credentials but using the hosts IP address instead of the DNS name
> does still work.
> The DNS hostname is resolvable. This server is a member server in a
> domain (samba-ad-dc).
>
> Does anyone have an idea what could be the problem ?
>
> here a part of the current smb.conf (real domain name replaced):
>
> [global]
> workgroup = EXAMPLE
> realm = EXAMPLE.LOC
> server string = Samba Server %v
> interfaces = 127.0.0.0/8 eth0
> bind interfaces only = Yes
> server role = member server
> security = ADS
> map to guest = Bad User
> obey pam restrictions = Yes
> log file = /var/log/samba/log.%m
> max log size = 1000
> max xmit = 65535
> printcap name = cups
> os level = 65
> preferred master = Yes
> domain master = No
> dns proxy = No
> panic action = /usr/share/samba/panic-action %d
> template homedir = /iSCSI/homes/%U
> template shell = /bin/bash
> winbind enum users = Yes
> winbind enum groups = Yes
> winbind use default domain = Yes
> winbind refresh tickets = Yes
> idmap config EXAMPLE:backend = rid
> idmap config EXAMPLE:range = 10000-20000
> idmap config *:range = 10000-20000
> idmap config * : backend = tdb
> map acl inherit = Yes
> store dos attributes = Yes
> vfs objects = acl_xattr
>
>
> [homes]
> comment = Home Directories
> valid users = %S
> write list = %S +EXAMPLE\Domain-Admins
> force group = "EXAMPLE\Domain-Users"
> group = "EXAMPLE\Domain-Users"
> create mask = 0750
> directory mask = 0750
> directory mode = 0750
> browseable = No
>
> [Temporary]
> comment = Temporary auf EXAMPLELX09
> path = /iSCSI/shares/temporary
> admin users = @EXAMPLE\Domain-Admins
> read only = No
>
>
> [Applications]
> comment = Application auf EXAMPLELX09
> path = /iSCSI/shares/applications
> admin users = @EXAMPLE\Domain-Admins
> read only = No
>
>
> Thank you for your kind help
>
> best regards
> Andreas
>
>
More information about the samba
mailing list