[Samba] Samba file sharing with AD authentication doesn't work on some boxes
amit kumar
amitkuma at redhat.com
Tue Apr 4 13:38:13 UTC 2017
Hello,
Try configure samba-servers with kerberos authentication from AD.
Thanks
On 04/04/2017 05:01 PM, Vitaly Karasik via samba wrote:
> I have a few RHEL7 boxes, all of them are members in MS Win domain using
> SSSD. All of these linuxes run Samba for file sharing with the same config.
> Usually it works nice, but from time to time users cannot map Samba
> folders, with the following message in the log:
>
>
> [2017/03/07 14:58:27.050493, 0]
> ../source3/auth/auth_domain.c:121(connect_to_domain_password_server)
>
> connect_to_domain_password_server: unable to open the domain client
> session to machine DC03.example.LOCAL. Error was : NT_STATUS_ACCESS_DENIED.
>
> [2017/03/07 14:58:27.050756, 0]
> ../source3/auth/auth_domain.c:184(domain_client_validate)
>
> domain_client_validate: Domain password server not available.
>
>
> "From time to time" - i.e., sometimes certain Samba box is broken for a
> long time, sometime some box is stopping to work for some time.
>
> Unfortunately, I cannot blame MS Win admins because in the same time some
> Samba boxes are OK when others are broken. Any ideas?
>
>
> My Samba is samba-4.4.4-12.el7_3.x86_64, config is
>
>
> security = ADS
>
> passdb backend = tdbsam
>
> realm = EXAMPLE.LOCAL
>
> password server = x.x.x.x y.y.y.y
>
>
> Any ideas?
>
>
> Thank you,
>
> Vitaly
--
Thanks
Amit Kumar
There are three ways to get something done:
(1) Do it yourself.
(2) Hire someone to do it for you.
(3) Forbid your kids to do it.
More information about the samba
mailing list