[Samba] smbclient //server/netlogon -k -c 'ls' fails with "NT_STATUS_LOGON_FAILURE"
Rowland Penny
rpenny at samba.org
Mon Feb 26 10:10:38 UTC 2018
On Mon, 26 Feb 2018 09:49:48 +0000
Rowland Penny via samba <samba at lists.samba.org> wrote:
> On Mon, 26 Feb 2018 11:30:58 +0200
> Arcadie Cracan <arcadiec at gmail.com> wrote:
>
> > /etc/samba/smb.conf:
> > # Global parameters
> > [global]
> > workgroup = DAM
> > realm = INTRA.DAM-APPLICATION.RO
> > netbios name = LOTUS
> > server role = active directory domain controller
> > server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
> > drepl, winbindd, ntp_signd, kcc, dnsupdate
> > idmap_ldb:use rfc2307 = yes
>
> Everything above looks okay and it also shows you are using Bind9, so
> can you post the contents of the various named.conf files.
>
> >
> > # Default idmap config used for BUILTIN and local
> > accounts/groups idmap config *:backend = tdb
> > idmap config *:range = 2000-9999
> >
> > # idmap config for domain INTRA
> > idmap config INTRA:backend = ad
> > idmap config INTRA:schema_mode = rfc2307
> > idmap config INTRA:range = 10000-99999
> >
> > # Use settings from AD for login shell and home directory
> > winbind nss info = rfc2307
>
> You might as well remove the above lines, they do not work on a DC,
> they never did and anyway 'INTRA' should be 'DAM' if they did work.
> In fact they may be your problem.
>
> Rowland
>
Just had another thought, if you run 'pstree', do you get something
like this in the output:
├─samba─┬─samba───samba───smbd─┬─cleanupd
│ │ ├─smbd
│ │ └─smbd-notifyd
│ ├─samba───samba
│ ├─9*[samba]
│ └─samba───samba───winbindd───3*[winbindd]
If you don't get 'winbindd', try running 'apt-get install winbind'
Rowland
More information about the samba
mailing list