[Samba] samba as ADS member(s) - virtually identical yet..
peljasz at yahoo.co.uk
Tue Sep 13 10:37:39 UTC 2016
.. one of the Sambas fails to authenticate users.
I have four virtually identical Samba systems which are
configured as AD members.
All servers seem fine, I can
$ net ads lookup | status | dn | user | testjoin .. and so on.
But, problem is that all servers except one can successfully:
smbclient -L $(hostname) -UDOM\\user
here that one server fails:
SPNEGO login failed: Logon failure
session setup failed: NT_STATUS_LOGON_FAILURE
That one server was the only one which was initially
configured as local Samba to IPA domain.
$ net conf drop
and I force config backend = file
I'm guessing it's somewhere id database/registry of Samba
that prevents successful users authentication/verification.
Would you suggest how to troubleshoot it? Without wiping
I have full access to win AD DC (which I'm not very fluent
at) if that helps.
many thanks for any help
More information about the samba