[Samba] Samba file sharing with AD authentication doesn't work on some boxes
Vitaly Karasik
me at vitalykarasik.com
Tue Apr 4 11:31:03 UTC 2017
I have a few RHEL7 boxes, all of them are members in MS Win domain using
SSSD. All of these linuxes run Samba for file sharing with the same config.
Usually it works nice, but from time to time users cannot map Samba
folders, with the following message in the log:
[2017/03/07 14:58:27.050493, 0]
../source3/auth/auth_domain.c:121(connect_to_domain_password_server)
connect_to_domain_password_server: unable to open the domain client
session to machine DC03.example.LOCAL. Error was : NT_STATUS_ACCESS_DENIED.
[2017/03/07 14:58:27.050756, 0]
../source3/auth/auth_domain.c:184(domain_client_validate)
domain_client_validate: Domain password server not available.
"From time to time" - i.e., sometimes certain Samba box is broken for a
long time, sometime some box is stopping to work for some time.
Unfortunately, I cannot blame MS Win admins because in the same time some
Samba boxes are OK when others are broken. Any ideas?
My Samba is samba-4.4.4-12.el7_3.x86_64, config is
security = ADS
passdb backend = tdbsam
realm = EXAMPLE.LOCAL
password server = x.x.x.x y.y.y.y
Any ideas?
Thank you,
Vitaly
More information about the samba
mailing list