[Samba] Mail samba
Rowland penny
rpenny at samba.org
Sat Oct 10 15:00:02 UTC 2020
On 10/10/2020 15:08, Rowland penny via samba wrote:
> On 10/10/2020 14:40, Philip Offermans wrote:
>>
>>>>
>>>>
>>>>
>>>> (The ip6 addresses are from docker)
>>> 'docker' ???
>> https://www.docker.com would recommend to check it out some time
> No, I should have expanded on that, what I meant was, is one or other
> of the DC or Unix domain member running in a docker container ?
>>
>>
>>> On 10 Oct 2020, at 14:25, Rowland penny via samba
>>> <samba at lists.samba.org <mailto:samba at lists.samba.org>> wrote:
>>>
>>> Strange, I run: ldapsearch -h dc4.samdom.example.com
>>> <http://dc4.samdom.example.com/> -U 'rowland' -W -b
>>> 'cn=users,dc=samdom,dc=example,dc=com'
>>>
>>> At the top of the successful result is this:
>>>
>>> Enter LDAP Password:
>>> SASL/GSS-SPNEGO authentication started
>>> SASL username: rowland at SAMDOM.EXAMPLE.COM
>>> <mailto:rowland at SAMDOM.EXAMPLE.COM>
>>> SASL SSF: 56
>>> SASL data security layer installed.
>>> # extended LDIF
>>>
>> What is strange is that I get this
>> root at dna:/home/philip# ldapsearch -h gaia.rompen.lokaal -U 'philip'
>> -W -b 'cn=users,dc=rompen,dc=lokaal'
>> Enter LDAP Password:
>> SASL/NTLM authentication started
>> Please enter your password:
>> ldap_sasl_interactive_bind_s: Invalid credentials (49)
>> additional info: 8009030C: LdapErr: DSID-0C0904DC, comment:
>> AcceptSecurityContext error, data 52e, v1db1
>>
>> I don’t fully understand. But what do you have to fill in by ldap
>> password? The user password or is this an global password? What does
>> sass/N
>>
> I don't understand it either, you seem to be running the same as I am,
> but you are using NTLM in the search (SASL/NTLM authentication
> started) and I am using kerberos:
>
> SASL/GSS-SPNEGO authentication started
> SASL username: rowland at SAMDOM.EXAMPLE.COM
>
> I am using Devuan 3 (Debian 10 minus systemd) on the DC and Unix
> domain member and it works.
>
> However, I have just discovered it doesn't work from Unix domain
> member running on Raspbian:
>
> pi at raspberrypi:~ $ ldapsearch -h dc4.samdom.example.com -U 'rowland'
> -W -b 'cn=Users,dc=samdom,dc=example,dc=com'
> Enter LDAP Password:
> SASL/GSS-SPNEGO authentication started
> ldap_sasl_interactive_bind_s: Local error (-2)
> additional info: SASL(-1): generic failure: GSSAPI Error: An
> unsupported mechanism was requested (unknown mech-code 0 for mech
> unknown)
>
> Same command against the same DC and it doesn't work :-\
>
> It is still trying to use Kerberos though.
>
> I will get back to you when I find out why it isn't working.
>
> Rowland
>
>
>
OK, found out why it wasn't working on the rpi, I was logged in as 'pi',
when I logged in as 'rowland', it works, fairly obvious if you stop and
think about it :-D
Try the search with your username & password, not 'vmail'
Rowland
More information about the samba
mailing list