[Samba] problems with authentication
L.P.H. van Belle
belle at bazuin.nl
Mon Aug 5 08:08:12 UTC 2019
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Rowland penny via samba
> Verzonden: maandag 5 augustus 2019 9:59
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] problems with authentication
>
> On 05/08/2019 08:24, L.P.H. van Belle via samba wrote:
> > Hai,
> >
> > I think this is an old bug.. ( pretty sure about it )
> > And i suggest to dont change anything except smb.conf.
> >
> > Your trying to use kerbereros usersname.
> > wbinfo -a marcio at EMPRESA.COM.BR
> > Enter marcio at EMPRESA.COM.BR's password:
> >
> > And you using:
> > winbind use default domain = yes
> > This is and old bug somewhere in 4.5/4/6 i believe.
> >
> > Only change these, yes only slows down you server.
> > winbind enum users = no
> > winbind enum groups = no
> >
> > And then try this:
> > wbinfo -a marcio
> >
> >
> > I'll bet that works.
> >
> How much are you prepared to bet ;-)
ALL IN.. ;-)
root at rtd-gw2:~# wbinfo -a username
Enter username's password:
plaintext password authentication succeeded
Enter username's password:
challenge/response password authentication succeeded
root at rtd-gw2:~# wbinfo -a BAZRTD\\username
Enter BAZRTD\username's password:
plaintext password authentication succeeded
Enter BAZRTD\username's password:
challenge/response password authentication succeeded
root at rtd-gw2:~# wbinfo -a username at rotterdam.bazuin.nl
Enter username at rotterdam.bazuin.nl's password:
plaintext password authentication succeeded
Enter username at rotterdam.bazuin.nl's password:
challenge/response password authentication succeeded
Server Debian Buster, samba 4.10.6 ( my new proxy ) ;-)
Greetz,
Louis
>
> This has never worked for me, but everything else seems to work, so I
> ignore it:
>
> rowland at devstation:~$ wbinfo -a rowland
> Enter rowland's password:
> plaintext password authentication succeeded
> Enter rowland's password:
> challenge/response password authentication failed
> Could not authenticate user rowland with challenge/response
> rowland at devstation:~$ wbinfo -a rowland
> Enter rowland's password:
> plaintext password authentication succeeded
> Enter rowland's password:
> challenge/response password authentication failed
> Could not authenticate user rowland with challenge/response
> rowland at devstation:~$ wbinfo -a SAMDOM\\rowland
> Enter SAMDOM\rowland's password:
> plaintext password authentication succeeded
> Enter SAMDOM\rowland's password:
> challenge/response password authentication failed
> Could not authenticate user SAMDOM\rowland with challenge/response
> rowland at devstation:~$ kinit rowland
> Password for rowland at SAMDOM.EXAMPLE.COM:
> rowland at devstation:~$ wbinfo -a rowland
> Enter rowland's password:
> plaintext password authentication succeeded
> Enter rowland's password:
> challenge/response password authentication failed
> Could not authenticate user rowland with challenge/response
> rowland at devstation:~$ wbinfo -a rowland at SAMDOM.EXAMPLE.COM
> Enter rowland at SAMDOM.EXAMPLE.COM's password:
> plaintext password authentication succeeded
> Enter rowland at SAMDOM.EXAMPLE.COM's password:
> challenge/response password authentication failed
> Could not authenticate user rowland at SAMDOM.EXAMPLE.COM with
> challenge/response
>
> I am still going with the old favourite 'there are no uidNumber or
> gidNumbers in AD', this is usually the problem. For some
> reason people
> think these magically appear in AD ;-)
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list