[Samba] Samba SSSD Integration
Brian J Sullivan
brian.j.sullivan at dteenergy.com
Fri Aug 30 18:03:58 UTC 2019
Was hoping for a helping hand. Trying to set up Samba on a domain member server. The member server was previously joined to the kerberized domain using realm join and a system keytab file exists in the /etc.
Subsequently I added samba along with winbind not being entirely sure if the latter was needed. This is a Redhat 7.4 server. My smb.conf appears as follows.
[global]
password server = *
security = ads
realm = DOMAIN.COM
workgroup = DOMAIN
netbios name = server1
kerberos method = system keytab
log file = /var/log/samba/%m.log
log level = 10
client use spnego = yes
idmap config * : backend = tdb
idmap config * : range = 1-199999
idmap config DOMAIN : backend = sss
idmap config DOMAIN : range = 200000-2147483647
[share1]
comment = NMS Maximo ETL Directory
path = /opt/smbshare
guest ok = no
browseable = No
read only = No
inherit acls = Yes
I have tried running it with many options and with and without winbind running. Not sure if winbind is needed. When I run it the output of the "systemctl status smb" is
Aug 30 17:23:47 server1.domain.com systemd[1]: Starting Samba SMB Daemon...
Aug 30 17:23:48 server1.domain.com smbd[40996]: [2019/08/30 17:23:48.513702, 0, pid=40996, effective(0, 0), real(0, 0)] ../lib/util/become_daemon.c:138(daemon_ready)
Aug 30 17:23:48 server1.domain.com smbd[40996]: daemon_ready: STATUS=daemon 'smbd' finished starting up and ready to serve connections
Aug 30 17:23:48 server1.domain.com systemd[1]: Started Samba SMB Daemon.
Aug 30 17:23:49 server1.domain.com smbd[40996]: [2019/08/30 17:23:49.228538, 0, pid=40996, effective(0, 0), real(0, 0)] ../source3/libads/kerberos_util.c:74(ads_kinit_password)
Aug 30 17:23:49 server1.domain.com smbd[40996]: kerberos_kinit_password SERVER1$@DOMAIN.COM failed: Preauthentication failed
Aug 30 17:23:49 server1.domain.com smbd[40996]: [2019/08/30 17:23:49.228990, 0, pid=40996, effective(0, 0), real(0, 0)] ../source3/printing/nt_printing.c:249(nt_printing_init)
Aug 30 17:23:49 server1.domain.com smbd[40996]: nt_printing_init: error checking published printers: WERR_ACCESS_DENIED
And when I do a
smbclient -L server1.domain.com -W DOMAIN -U myuid
I see a message in the logs "session setup failed: NT_STATUS_NO_LOGON_SERVERS"
Any help would be appreciated.
More information about the samba
mailing list