[Samba] Failed auth attempt i don't understand.
Rowland penny
rpenny at samba.org
Thu Oct 1 19:55:33 UTC 2020
On 01/10/2020 20:47, karel.de.macil at free.fr wrote:
> Le 01/10/2020 20:46, Rowland penny via samba a écrit :
>> On 01/10/2020 19:06, karel.de.macil at free.fr wrote:
>>> Le 01/10/2020 19:27, Rowland penny via samba a écrit :
>>>>
>>>> Is this on a DC or a Unix domain member ?
>>>
>>> this is a remote desktop attempt on a computer who is in the domain
>>> managed by the DC from which i get the log
>> I actually meant where the log came from.
> The log commes from the samba 4 DC of the domain.
>
>>>
>>>> Why are you using Administrator on Unix ?
>>>
>>> This is the default administrator account in samba4 but the behavior
>>> is the same with any account.
>>
>> No, it is the default administrator in AD and as such, shouldn't be
>> used used as a normal user. Another question is, do you use the
>> winbind 'ad' backend anywhere in your network and have you added a
>> uidNumber to Administrator ?
>
> for winbind, i'm not sur if i'm using it..
>
> for the administrator and his uidNumber :
> and ldbsearch -H /root/sambackup/private/sam.ldb CN=administrator |
> grep uidNumber
> --> uidNumber: 10001
>
By doing that, you have turned Administrator into a normal Unix user,
when it is supposed to be mapped to 'root'. I suggest you remove the
uidNumber from Administrator.
Also, if you are not using the winbind 'ad' backend, why have you added
a uidNumber attribute to anything ?
Rowland
More information about the samba
mailing list