[Samba] cannot join windows 7 samba4-ad-dc fresh install, get NT_STATUS_INTERNAL_ERROR

Vladimir Frelikh e285ne at gmail.com
Wed Aug 16 00:33:33 UTC 2017


Hello, here's the output of
pam-auth-update :

Unix authentication
Register user sessions in the systemd control group hierarchy
Inheritable Capabilities Management

--
С уважением, Владимир.

2017-08-15 15:16 GMT+07:00 Rowland Penny via samba <samba at lists.samba.org>:

> On Tue, 15 Aug 2017 13:40:15 +0700
> Vladimir Frelikh via samba <samba at lists.samba.org> wrote:
>
> > Hello, sorry for the delay,
> > kinit goes fine, here is the output of
> > klist :
> >
> > Ticket cache: FILE:/tmp/krb5cc_0
> > Default principal: administrator at RONA.LOC
> >
> > Valid starting       Expires              Service principal
> > 15.08.2017 13:36:07  15.08.2017 23:36:07  krbtgt/RONA.LOC at RONA.LOC
> >         renew until 16.08.2017 13:36:03
> > ------
> > here's the output of
> > smbclient -k -L //sambadc.rona.loc -d9 -UAdministrator%password :
> >
> > INFO: Current debug levels:
> >   all: 9
> >   tdb: 9
> >   printdrivers: 9
> >   lanman: 9
> >   smb: 9
> >   rpc_parse: 9
> >   rpc_srv: 9
> >   rpc_cli: 9
> >   passdb: 9
> >   sam: 9
> >   auth: 9
> >   winbind: 9
> >   vfs: 9
> >   idmap: 9
> >   quota: 9
> >   acls: 9
> >   locking: 9
> >   msdfs: 9
> >   dmapi: 9
> >   registry: 9
> >   scavenger: 9
> >   dns: 9
> >   ldb: 9
> >   tevent: 9
> > lp_load_ex: refreshing parameters
> > Initialising global parameters
> > rlimit_max: increasing rlimit_max (1024) to minimum Windows limit
> > (16384) INFO: Current debug levels:
> >   all: 9
> >   tdb: 9
> >   printdrivers: 9
> >   lanman: 9
> >   smb: 9
> >   rpc_parse: 9
> >   rpc_srv: 9
> >   rpc_cli: 9
> >   passdb: 9
> >   sam: 9
> >   auth: 9
> >   winbind: 9
> >   vfs: 9
> >   idmap: 9
> >   quota: 9
> >   acls: 9
> >   locking: 9
> >   msdfs: 9
> >   dmapi: 9
> >   registry: 9
> >   scavenger: 9
> >   dns: 9
> >   ldb: 9
> >   tevent: 9
> > Processing section "[global]"
> > doing parameter netbios name = SAMBADC
> > doing parameter realm = RONA.LOC
> > doing parameter workgroup = RONA
> > doing parameter dns forwarder = 192.168.19.1
> > doing parameter server role = active directory domain controller
> > doing parameter idmap_ldb:use rfc2307 = yes
> > doing parameter log level = 5
> > pm_process() returned Yes
> > lp_servicenumber: couldn't find homes
> > added interface eth0 ip=192.168.19.2 bcast=192.168.19.255
> > netmask=255.255.255.0
> > Netbios name list:-
> > my_netbios_names[0]="SAMBADC"
> > Client started (version 4.5.8-Debian).
> > Opening cache file at /var/cache/samba/gencache.tdb
> > Opening cache file at /var/run/samba/gencache_notrans.tdb
> > sitename_fetch: No stored sitename for realm 'RONA.LOC'
> > name sambadc.rona.loc#20 found.
> > Connecting to 192.168.19.2 at port 445
> > Socket options:
> >         SO_KEEPALIVE = 0
> >         SO_REUSEADDR = 0
> >         SO_BROADCAST = 0
> >         TCP_NODELAY = 1
> >         TCP_KEEPCNT = 9
> >         TCP_KEEPIDLE = 7200
> >         TCP_KEEPINTVL = 75
> >         IPTOS_LOWDELAY = 0
> >         IPTOS_THROUGHPUT = 0
> >         SO_REUSEPORT = 0
> >         SO_SNDBUF = 2626560
> >         SO_RCVBUF = 1061808
> >         SO_SNDLOWAT = 1
> >         SO_RCVLOWAT = 1
> >         Could not test socket option SO_SNDTIMEO.
> >         Could not test socket option SO_RCVTIMEO.
> >         TCP_QUICKACK = 1
> >         TCP_DEFER_ACCEPT = 0
> >  session request ok
> > Doing spnego session setup (blob length=96)
> > got OID=1.2.840.48018.1.2.2
> > got OID=1.2.840.113554.1.2.2
> > got OID=1.3.6.1.4.1.311.2.2.10
> > got principal=not_defined_in_RFC4178 at please_ignore
> > cli_session_setup_spnego: using target hostname not SPNEGO principal
> > cli_session_setup_spnego: guessed server
> > principal=cifs/sambadc.rona.loc at RONA.LOC
> > Kinit for Administrator to access cifs/sambadc.rona.loc at RONA.LOC
> > failed: Preauthentication failed
> > SPNEGO login failed: Preauthentication failed
> > session setup failed: NT_STATUS_LOGON_FAILURE
> >
> >
> >
>
> can you run 'pam-auth-update' in a terminal and then post what PAM
> profiles are enabled ?
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


More information about the samba mailing list