[Samba] Failed auth attempt i don't understand.
karel.de.macil at free.fr
karel.de.macil at free.fr
Thu Oct 1 18:06:48 UTC 2020
Le 01/10/2020 19:27, Rowland penny via samba a écrit :
> On 01/10/2020 18:09, karel de macil via samba wrote:
>> Hi all,
>>
>> when i try to authenticate against my AD (rdesktop authentication) i
>> got a wrong password/logname message despite my logname and password
>> being exact , in the log i have the following .
>>
>> Nothing wrong for me.
>>
>> the only strange thing being the : stream_terminate_connection:
>> Terminating connection - 'kdc_tcp_call_loop:
>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' line
>> in perticular the second one because just after things seems to
>> continue with the :
>>
>> Kerberos: TGS-REQ Administrator at LOCAL.MYDOMAIN from
>> ipv4:192.168.1.23:62418 for
>> host/vr083023.LOCAL.MYDOMAIN at LOCAL.MYDOMAIN [canonicalize, renewable,
>> forwardable]
>>
>> line.
>>
>> Can anyone with more knowledge than me have an eye on the log and tell
>> me if he see anything wrong ?
>>
>>
>>
>> Kerberos: AS-REQ administrator at LOCAL.MYDOMAIN from
>> ipv4:192.168.1.23:62416 for krbtgt/LOCAL.MYDOMAIN at LOCAL.MYDOMAIN
>
> Is this on a DC or a Unix domain member ?
this is a remote desktop attempt on a computer who is in the domain
managed by the DC from which i get the log
> Why are you using Administrator on Unix ?
This is the default administrator account in samba4 but the behavior is
the same with any account.
> Might help if we see your smb.conf
[global]
netbios name = DC-TEST
realm = LOCAL.MYDOMAIN
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
drepl, winbind, ntp_signd, kcc, dnsupdate, dns
workgroup = IETR
idmap_ldb:use rfc2307 = yes
dns forwarder = 129.20.128.39
allow dns updates = nonsecure
dns update command=/usr/sbin/samba_dnsupdate --use-samba-tool
restrict anonymous = 2
printcap name = /dev/null
load printers = no
disable spoolss = yes
printing = bsd
log level = 6
#auth_audit:10@/var/log/samba/log.auth_audit
disable netbios = yes
smb ports = 445
[netlogon]
path = /var/lib/samba/sysvol/local.mydomain/scripts
read only = No
vfs objects = full_audit
[sysvol]
path = /var/lib/samba/sysvol
read only = No
vfs objects = full_audit
> Rowland
More information about the samba
mailing list