[Samba] lookup_name_smbconf for <user> failed

Hans Schou hsc at miracle.dk
Fri Feb 22 13:34:49 UTC 2019


Hi

I have a Red Hat 7.6 server with samba-4.8.3 which report
lookup_name_smbconf failed when running "smbclient -L" from another console
on the same server. smbclient works fine on an old server running Suse and
samba version 3 and thew the
user.

Any ideas of where to look or what to try?

I got this in the logfile:

# grep "^ " /var/log/samba/log.172.23.10.25
  init_oplocks: initializing messages.
  Transaction 0 of length 216 (0 toread)
  switch message SMBnegprot (pid 25189) conn 0x0
  Requested protocol [PC NETWORK PROGRAM 1.0]
  Requested protocol [MICROSOFT NETWORKS 1.03]
  Requested protocol [MICROSOFT NETWORKS 3.0]
  Requested protocol [LANMAN1.0]
  Requested protocol [LM1.2X002]
  Requested protocol [DOS LANMAN2.1]
  Requested protocol [LANMAN2.1]
  Requested protocol [Samba]
  Requested protocol [NT LANMAN 1.0]
  Requested protocol [NT LM 0.12]
  Requested protocol [SMB 2.002]
  Requested protocol [SMB 2.???]
  Selected protocol SMB2_FF
  Selected protocol SMB 2.???
  Selected protocol SMB3_11
  Found account name from PAC: zmir2 [Hans Schou]
  Kerberos ticket principal name is [zmir2 at ACME.COM]
  lp_load_ex: refreshing parameters
  Initialising global parameters
  Processing section "[global]"
  Processing section "[global]"
  Processing section "[homes]"
  Processing section "[fiks_filer]"
  Processing section "[fikslog-b]"
  Processing section "[tmp]"
  adding IPC service
  lookup_name_smbconf for ACME.DOM\zmir2 at acme.com failed
  Failed to map kerberos pac to server info (NT_STATUS_NO_SUCH_USER)
  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1]
status[NT_STATUS_ACCESS_DENIED] || at ../source3/smbd/smb2_sesssetup.c:137
  Server exit (NT_STATUS_END_OF_FILE)

smb.conf:
[global]
        log level = 3
        unix charset = UTF8
        dos charset = ISO-8859-1
        workgroup = ACME.DOM
realm = ACME.COM
        server string = Samba %v paa %L(%h)
        security = ads
encrypt passwords = yes
        kerberos method = secrets and keytab
        password server = srv-addc1.acme.com
winbind use default domain = yes
        idmap config ACME.DOM : backend = rid
        idmap config ACME.DOM : range = 1000 - 999999
        idmap config * : backend = tdb
        idmap config * : range = 1000 - 999999
winbind enum users = yes
winbind enum groups = yes
deadtime = 10
winbind cache time = 10
winbind nested groups = yes
template homedir = /home/%U
template shell = /bin/bash
client use spnego = yes
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
ldap idmap suffix = dc=acme,dc=dk
ldap admin dn = sn=Administrator,cn=Users,dc=acme,dc=dk
ldap suffix = dc=acme,dc=dk
        log file = /var/log/samba/log.%m
        max log size = 100
        local master = No
        dns proxy = No
        wins server = srv-dhcp3.acme.com
        include = /etc/samba/smb.conf.%h
printing = cups
cups options = raw

best regards


More information about the samba mailing list