[Samba] cannot join windows 7 samba4-ad-dc fresh install, get NT_STATUS_INTERNAL_ERROR
Rowland Penny
rpenny at samba.org
Tue Aug 15 08:16:58 UTC 2017
On Tue, 15 Aug 2017 13:40:15 +0700
Vladimir Frelikh via samba <samba at lists.samba.org> wrote:
> Hello, sorry for the delay,
> kinit goes fine, here is the output of
> klist :
>
> Ticket cache: FILE:/tmp/krb5cc_0
> Default principal: administrator at RONA.LOC
>
> Valid starting Expires Service principal
> 15.08.2017 13:36:07 15.08.2017 23:36:07 krbtgt/RONA.LOC at RONA.LOC
> renew until 16.08.2017 13:36:03
> ------
> here's the output of
> smbclient -k -L //sambadc.rona.loc -d9 -UAdministrator%password :
>
> INFO: Current debug levels:
> all: 9
> tdb: 9
> printdrivers: 9
> lanman: 9
> smb: 9
> rpc_parse: 9
> rpc_srv: 9
> rpc_cli: 9
> passdb: 9
> sam: 9
> auth: 9
> winbind: 9
> vfs: 9
> idmap: 9
> quota: 9
> acls: 9
> locking: 9
> msdfs: 9
> dmapi: 9
> registry: 9
> scavenger: 9
> dns: 9
> ldb: 9
> tevent: 9
> lp_load_ex: refreshing parameters
> Initialising global parameters
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit
> (16384) INFO: Current debug levels:
> all: 9
> tdb: 9
> printdrivers: 9
> lanman: 9
> smb: 9
> rpc_parse: 9
> rpc_srv: 9
> rpc_cli: 9
> passdb: 9
> sam: 9
> auth: 9
> winbind: 9
> vfs: 9
> idmap: 9
> quota: 9
> acls: 9
> locking: 9
> msdfs: 9
> dmapi: 9
> registry: 9
> scavenger: 9
> dns: 9
> ldb: 9
> tevent: 9
> Processing section "[global]"
> doing parameter netbios name = SAMBADC
> doing parameter realm = RONA.LOC
> doing parameter workgroup = RONA
> doing parameter dns forwarder = 192.168.19.1
> doing parameter server role = active directory domain controller
> doing parameter idmap_ldb:use rfc2307 = yes
> doing parameter log level = 5
> pm_process() returned Yes
> lp_servicenumber: couldn't find homes
> added interface eth0 ip=192.168.19.2 bcast=192.168.19.255
> netmask=255.255.255.0
> Netbios name list:-
> my_netbios_names[0]="SAMBADC"
> Client started (version 4.5.8-Debian).
> Opening cache file at /var/cache/samba/gencache.tdb
> Opening cache file at /var/run/samba/gencache_notrans.tdb
> sitename_fetch: No stored sitename for realm 'RONA.LOC'
> name sambadc.rona.loc#20 found.
> Connecting to 192.168.19.2 at port 445
> Socket options:
> SO_KEEPALIVE = 0
> SO_REUSEADDR = 0
> SO_BROADCAST = 0
> TCP_NODELAY = 1
> TCP_KEEPCNT = 9
> TCP_KEEPIDLE = 7200
> TCP_KEEPINTVL = 75
> IPTOS_LOWDELAY = 0
> IPTOS_THROUGHPUT = 0
> SO_REUSEPORT = 0
> SO_SNDBUF = 2626560
> SO_RCVBUF = 1061808
> SO_SNDLOWAT = 1
> SO_RCVLOWAT = 1
> Could not test socket option SO_SNDTIMEO.
> Could not test socket option SO_RCVTIMEO.
> TCP_QUICKACK = 1
> TCP_DEFER_ACCEPT = 0
> session request ok
> Doing spnego session setup (blob length=96)
> got OID=1.2.840.48018.1.2.2
> got OID=1.2.840.113554.1.2.2
> got OID=1.3.6.1.4.1.311.2.2.10
> got principal=not_defined_in_RFC4178 at please_ignore
> cli_session_setup_spnego: using target hostname not SPNEGO principal
> cli_session_setup_spnego: guessed server
> principal=cifs/sambadc.rona.loc at RONA.LOC
> Kinit for Administrator to access cifs/sambadc.rona.loc at RONA.LOC
> failed: Preauthentication failed
> SPNEGO login failed: Preauthentication failed
> session setup failed: NT_STATUS_LOGON_FAILURE
>
>
>
can you run 'pam-auth-update' in a terminal and then post what PAM
profiles are enabled ?
Rowland
More information about the samba
mailing list