[Samba] Fwd: Fwd: Problem connecting to DC from windows 10. Failed to create user record ... acl: unable to get access to ...

Andrzej Gryko andrzej.gryko at gmail.com
Thu Jul 26 19:22:23 UTC 2018 

---------- Forwarded message ---------
From: Rowland Penny via samba <samba at lists.samba.org>
Date: śr., 25 lip 2018 o 18:36
Subject: Re: [Samba] Fwd: Problem connecting to DC from windows 10. Failed
to create user record ... acl: unable to get access to ...
To: <samba at lists.samba.org>


On Wed, 25 Jul 2018 08:55:01 +0200
Andrzej Gryko via samba <samba at lists.samba.org> wrote:

> Avahi is not running.
> My smb.conf:
> # Global parameters
> [global]
>         netbios name = SAMBA
>         realm = GRYKO.LOCAL
>         server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
> drepl, winbindd, ntp_signd, kcc, dnsupdate
>         workgroup = GRYKO
>         server role = active directory domain controller
>
> [netlogon]
>         path = /var/lib/samba/sysvol/gryko.local/scripts
>         read only = No
>
> [sysvol]
>         path = /var/lib/samba/sysvol
>         read only = No
>
> I didn't tell that I ran debian on Microsoft Hyper-V machine, I try to
> connect to DC typing "gryko.local" as a domain in win 10 system
> properties, and next typing username and password (also I type
> domainname\username and password).
>
> I installed two virtual machines and on both there is the same error
> in log.samba.
> I installed samba by: " *apt-get install samba smbclient bind9
> krb5-user" and next I installed winbind by apt-get too.*
>

>So you are trying to log into the DC as a user, then you need some more
>packages installed.
>
>attr libpam-winbind libpam-krb5 libnss-winbind krb5-config ntp bind9utils
>Note: some of these may already be installed.
>
>By default, you cannot log into a DC
>
>Rowland

I installed new debian, configured domain gryko.org. installed every
mentioned package and it is exacly the same if username and password are
correct:
[2018/07/26 21:09:49.736794,  0]
../source4/dsdb/common/util_samr.c:192(dsdb_add_user)
  Failed to create user record
CN=ANDRZEJ-DESKTOP,CN=Computers,DC=gryko,DC=org: acl: unable to get access
to CN=ANDRZEJ-DESKTOP,CN=Computers,DC=gryko,DC=org

I found in google same examples and I'm follow them.

Any more ideas?

regards
Andrzej

More information about the samba mailing list